Add template host

2024-03-08 20:10:50 +01:00
parent 8b15e98499
commit 7ba862f21d
12 changed files with 161 additions and 20 deletions
--- a/system/default.nix
+++ b/system/default.nix
@@ -1,5 +1,5 @@
 { ... }: {
-  import = [
+  imports = [
    ./sops.nix
    ./root-user.nix
    ./sshd.nix
--- a/system/root-user.nix
+++ b/system/root-user.nix
@@ -6,7 +6,7 @@
  users.users.root = {
    shell = pkgs.zsh;
    hashedPasswordFile = config.sops.secrets.root_password_hash.path;
-    opennsh.authorizedKeys.keys = [
+    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAwfb2jpKrBnCw28aevnH8HbE5YbcMXpdaVv2KmueDu6 torjus@gunter"
    ];
  };
--- a/system/sops.nix
+++ b/system/sops.nix
@@ -1,6 +1,6 @@
 { ... }: {
  sops = {
-    defaultSopsFile = ./secrets/secrets.yaml;
+    defaultSopsFile = ../secrets/secrets.yaml;
    age.keyFile = "/var/lib/sops-nix/key.txt";
    age.generateKey = true;
  };
--- a/system/sshd.nix
+++ b/system/sshd.nix
@@ -1,9 +1,11 @@
 { ... }: {
  services.openssh = {
    enable = true;
-    permitRootLogin = "no";
-    # TODO: Allow root login from certain hosts.
-    # Then dissallow rest.
-    passwordAuthentication = true;
+    settings = {
+      PermitRootLogin = "yes";
+      # TODO: Allow root login from certain hosts.
+      # Then dissallow rest.
+      PasswordAuthentication = true;
+    };
  };
 }