From 03d21c96eac95ea2d042366168c2510118ab44a5 Mon Sep 17 00:00:00 2001
From: Caroline Larimore <caroline@larimo.re>
Date: Mon, 14 Apr 2025 18:39:55 -0700
Subject: migration: openssh server

---
 snowfall/modules/nixos/services/ssh/default.nix | 28 +++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 snowfall/modules/nixos/services/ssh/default.nix

(limited to 'snowfall/modules/nixos/services/ssh/default.nix')

diff --git a/snowfall/modules/nixos/services/ssh/default.nix b/snowfall/modules/nixos/services/ssh/default.nix
new file mode 100644
index 0000000..6856897
--- /dev/null
+++ b/snowfall/modules/nixos/services/ssh/default.nix
@@ -0,0 +1,28 @@
+{ options, config, lib, namespace, ... }:
+
+with lib; with lib.${namespace}; let
+  cfg = config.${namespace}.services.ssh;
+  impermanence = config.${namespace}.system.impermanence;
+in {
+  options.${namespace}.services.ssh = with types; {
+    enable = mkEnableOption "ssh server";
+
+    port = mkOption {
+      type = types.port;
+      default = 22;
+      description = "ssh server port";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    openssh = {
+      enable = true;
+      ports = [ cfg.port ];
+      
+      settings = {
+        PermitRootLogin = "no";
+        PasswordAuthentication = false;
+      };
+    };
+  };
+}
-- 
cgit v1.2.3