summaryrefslogtreecommitdiff
path: root/hosts/lia/modules/sshfwd.nix
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/lia/modules/sshfwd.nix')
-rw-r--r--hosts/lia/modules/sshfwd.nix18
1 files changed, 16 insertions, 2 deletions
diff --git a/hosts/lia/modules/sshfwd.nix b/hosts/lia/modules/sshfwd.nix
index dac2d71..f5f7526 100644
--- a/hosts/lia/modules/sshfwd.nix
+++ b/hosts/lia/modules/sshfwd.nix
@@ -2,7 +2,9 @@
mkFwdSrv = {
local_port,
remote_port,
+ remote_user,
remote ? "sinanmohd.com",
+ ssh_port ? 22,
key ? config.sops.secrets."sshfwd/${remote}".path,
}: {
"sshfwd-${toString local_port}-${remote}:${toString remote_port}" = {
@@ -18,7 +20,7 @@
path = [ pkgs.openssh ];
script = ''
echo -n "Forwarding port ${toString local_port}"
- exec ssh -N lia@${remote} \
+ exec ssh -N ${remote_user}@${remote} -p ${toString ssh_port} \
-R 0.0.0.0:${toString remote_port}:127.0.0.1:${toString local_port} \
-i ${key}
'';
@@ -26,8 +28,20 @@
};
in {
sops.secrets."sshfwd/sinanmohd.com" = {};
+ sops.secrets."sshfwd/lia.sinanmohd.com" = {};
environment.systemPackages = with pkgs; [ openssh ];
systemd.services
- = mkFwdSrv { local_port = 22; remote_port = 2222; };
+ = (mkFwdSrv {
+ local_port = 22;
+ remote_user = "lia";
+ remote_port = 2222;
+ }) //
+ (mkFwdSrv {
+ local_port = 22;
+ remote_port = 22;
+ ssh_port = 23;
+ remote_user = "root";
+ remote = "lia.sinanmohd.com";
+ });
}