author | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
---|---|---|
committer | Azat Bahawi <azat@bahawi.net> | 2024-04-21 02:15:42 +0300 |
commit | e6ed60548397627bf10f561f9438201dbba0a36e (patch) | |
tree | f9a84c5957d2cc4fcd148065ee9365a0c851ae1c /modules/nixos/openssh.nix | |
parent | 2024-04-18 (diff) |
2024-04-21
Diffstat (limited to '')
-rw-r--r-- | modules/nixos/openssh.nix | 51 |
1 files changed, 0 insertions, 51 deletions
diff --git a/modules/nixos/openssh.nix b/modules/nixos/openssh.nix
deleted file mode 100644
index 9b82757..0000000
--- a/modules/nixos/openssh.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
- cfg = config.nixfiles.modules.openssh;
-in
-{
- options.nixfiles.modules.openssh.server = {
- enable = mkEnableOption "OpenSSH server";
-
- port = mkOption {
- description = "OpenSSH server port.";
- type = types.port;
- default = 22022; # Port 22 should be occupied by a tarpit.
- };
- };
-
- config = mkIf cfg.server.enable {
- ark.files = [
- "/etc/ssh/ssh_host_ed25519_key"
- "/etc/ssh/ssh_host_ed25519_key.pub"
- "/etc/ssh/ssh_host_rsa_key"
- "/etc/ssh/ssh_host_rsa_key.pub"
- ];
-
- programs.mosh.enable = true;
-
- services = {
- openssh = {
- enable = true;
- ports = [ cfg.server.port ];
- settings = {
- ClientAliveCountMax = 3;
- ClientAliveInterval = 60;
- KbdInteractiveAuthentication = false;
- LogLevel = if config.nixfiles.modules.fail2ban.enable then "VERBOSE" else "ERROR";
- MaxAuthTries = 3;
- PasswordAuthentication = false;
- PermitRootLogin = mkForce "no";
- };
- };
-
- fail2ban.jails.sshd = {
- enabled = true;
- settings = {
- mode = "aggressive";
- inherit (cfg.server) port;
- };
- };
- };
- };
-} |