diff options
Diffstat (limited to 'os/kay/modules/sshfwd.nix')
| -rw-r--r-- | os/kay/modules/sshfwd.nix | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/os/kay/modules/sshfwd.nix b/os/kay/modules/sshfwd.nix index d70b893..fcafd17 100644 --- a/os/kay/modules/sshfwd.nix +++ b/os/kay/modules/sshfwd.nix @@ -1,21 +1,24 @@ -{ ... }: let +{ ... }: +let group = "sshfwd"; -in { +in +{ networking.firewall.allowedTCPPorts = [ 2222 ]; users = { - groups.${group}.members = []; + groups.${group}.members = [ ]; users."lia" = { inherit group; isSystemUser = true; - openssh.authorizedKeys.keys - = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAe7fJlh9L+9JSq0+hK7jNZjszmZqNXwzqcZ+zx0yJyU lia" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAe7fJlh9L+9JSq0+hK7jNZjszmZqNXwzqcZ+zx0yJyU lia" + ]; }; }; - services.openssh.extraConfig = '' + services.openssh.extraConfig = '' Match Group ${group} ForceCommand echo 'this account is only usable for remote forwarding' PermitTunnel no |