diff options
| author | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
|---|---|---|
| committer | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
| commit | e6ed60548397627bf10f561f9438201dbba0a36e (patch) | |
| tree | f9a84c5957d2cc4fcd148065ee9365a0c851ae1c /modules/endlessh-go.nix | |
| parent | 9ac64328603d44bd272175942d3ea3eaadcabd04 (diff) | |
2024-04-21
Diffstat (limited to 'modules/endlessh-go.nix')
| -rw-r--r-- | modules/endlessh-go.nix | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/modules/endlessh-go.nix b/modules/endlessh-go.nix new file mode 100644 index 0000000..efaaa8f --- /dev/null +++ b/modules/endlessh-go.nix @@ -0,0 +1,36 @@ +{ + config, + lib, + this, + ... +}: +with lib; +let + cfg = config.nixfiles.modules.endlessh-go; +in +{ + options.nixfiles.modules.endlessh-go.enable = mkEnableOption "endlessh-go"; + + config = + let + port = 22; + in + mkIf cfg.enable { + services.endlessh-go = { + enable = true; + listenAddress = "0.0.0.0"; + inherit port; + prometheus = { + enable = true; + listenAddress = this.wireguard.ipv4.address; + port = 9229; + }; + extraOptions = [ + "-geoip_supplier=ip-api" + "-v=1" + ]; + }; + + networking.firewall.allowedTCPPorts = [ port ]; + }; +} |