nixos/modules/networking/ssh.nix

{ config, lib,  ... }:
{
  config = {
    services.openssh = {
      enable = true;
      ports = [ 1173 ];
      settings = {
        PasswordAuthentication = false;
        PermitRootLogin = "no";
      };
    };

    sops.secrets."ssh_pubkeys" = {
      path = "/home/${config.user}/.ssh/authorized_keys";
      owner = "${config.user}";
      group = "users";
      mode = "0600";
    };

    home-manager.users.${config.user} = { pkgs, config, ... }: {
      home.file.".ssh/config" = {
        source = config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/nixos/dotfiles/ssh/${config.home.username}";
      };
    };
  };

}
gitea repo 2025-06-20 11:59:24 -07:00			`{ config, lib, ... }:`
			`{`
			`config = {`
			`services.openssh = {`
			`enable = true;`
update config 2025-08-12 11:58:29 -07:00			`ports = [ 1173 ];`
gitea repo 2025-06-20 11:59:24 -07:00			`settings = {`
			`PasswordAuthentication = false;`
			`PermitRootLogin = "no";`
			`};`
			`};`

			`sops.secrets."ssh_pubkeys" = {`
			`path = "/home/${config.user}/.ssh/authorized_keys";`
			`owner = "${config.user}";`
			`group = "users";`
			`mode = "0600";`
			`};`

			`home-manager.users.${config.user} = { pkgs, config, ... }: {`
			`home.file.".ssh/config" = {`
			`source = config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/nixos/dotfiles/ssh/${config.home.username}";`
			`};`
			`};`
			`};`

			`}`