update: modularize users, pam, gnupg, openssh

nixosModules/services/openssh.nix

@@ -0,0 +1,22 @@
+{ config, lib, ... }: {
+  options.settings = {
+    services.openssh.enable = lib.mkEnableOption "enable openSSH";
+    services.openssh.usePAM = lib.mkEnableOption "use PAM for ssh authentication";
+  };
+
+
+#further move these options into settings
+  config = lib.mkIf config.settings.services.openssh.enable {
+    services.openssh = {
+      enable = true;
+      ports = [ 12342 ];
+      settings = {
+        UsePAM = config.settings.services.openssh.usePAM;
+        PasswordAuthentication = true;
+        AllowUsers = null;
+        X11Forwarding = false;
+        PermitRootLogin = "prohibit-password";
+      };
+    };
+  };
+}