hosts/kay,lia/sshfwd: init

author: sinanmohd <sinan@sinanmohd.com> 2024-02-11 20:17:49 +0530
committer: sinanmohd <sinan@sinanmohd.com> 2024-02-11 21:06:35 +0530
commit: 7bb35b9e407422312c171802c7f5e583f353ba28 (patch)
tree: dd78df8c598e97edf346f897f4580ab5155ac0c0 /hosts/lia/modules/sshfwd.nix
parent: 05c7f64bd12d56f3fc066f61fc01351acb0ddb7b (diff)
1 files changed, 22 insertions, 0 deletions
diff --git a/hosts/lia/modules/sshfwd.nix b/hosts/lia/modules/sshfwd.nix
new file mode 100644
index 0000000..f86238b
--- /dev/null
+++ b/hosts/lia/modules/sshfwd.nix
@@ -0,0 +1,22 @@
+{ pkgs, config, ... }: {
+  sops.secrets."sshfwd/kay" = {};
+
+  environment.systemPackages = with pkgs; [ openssh ];
+  systemd.services."sshfwd" = {
+    description = "Forwarding port 22 to the Internet";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network-online.target" ];
+    wants = [ "network-online.target" ];
+    # restart rather than stop+start this unit to prevent the
+    # network from dying during switch-to-configuration.
+    stopIfChanged = false;
+
+    path = [ pkgs.openssh ];
+    script = ''
+      echo -n "Forwarding port 22"
+      exec ssh -N lia@sinanmohd.com \
+          -R 0.0.0.0:2222:127.0.0.1:22 \
+          -i ${config.sops.secrets."sshfwd/kay".path}
+    '';
+  };
+}
author	sinanmohd <sinan@sinanmohd.com>	2024-02-11 20:17:49 +0530
committer	sinanmohd <sinan@sinanmohd.com>	2024-02-11 21:06:35 +0530
commit	7bb35b9e407422312c171802c7f5e583f353ba28 (patch)
tree	dd78df8c598e97edf346f897f4580ab5155ac0c0 /hosts/lia/modules/sshfwd.nix
parent	05c7f64bd12d56f3fc066f61fc01351acb0ddb7b (diff)