22 lines
607 B
Nix
22 lines
607 B
Nix
{ config, lib, ... }:
|
|
{
|
|
options.settings.services.openssh = {
|
|
enable = lib.mkEnableOption "enable openSSH";
|
|
usePAM = lib.mkEnableOption "use PAM for ssh authentication";
|
|
};
|
|
|
|
#further move these options into settings
|
|
config = lib.mkIf config.settings.services.openssh.enable {
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = [ 12342 ];
|
|
settings = {
|
|
UsePAM = config.settings.services.openssh.usePAM;
|
|
PasswordAuthentication = true;
|
|
AllowUsers = null;
|
|
X11Forwarding = false;
|
|
PermitRootLogin = "prohibit-password";
|
|
};
|
|
};
|
|
};
|
|
}
|