feat: add NixOS module for declarative deployment

Adds nixos-module.nix with services.oubliette options (enable, package, settings, configFile) and a hardened systemd service. Exposes the module as nixosModules.default in flake.nix. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-14 17:01:31 +01:00
parent 8e8f5366be
commit 75bac814d4
3 changed files with 88 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -46,3 +46,25 @@ Test with:
 ```sh
 ssh -o StrictHostKeyChecking=no -p 2222 root@localhost
 ```
+
+### NixOS Module
+
+Add the flake as an input and enable the service:
+
+```nix
+{
+  services.oubliette = {
+    enable = true;
+    package = inputs.oubliette.packages.${system}.default;
+    settings = {
+      ssh.listen_addr = ":2222";
+      auth.accept_after = 10;
+      auth.static_credentials = [
+        { username = "root"; password = "toor"; }
+      ];
+    };
+  };
+}
+```
+
+Alternatively, use `configFile` to pass a pre-written TOML file instead of `settings`.