about summary refs log tree commit diff
path: root/modules/nixos/openssh.nix
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--modules/nixos/openssh.nix21
1 files changed, 10 insertions, 11 deletions
diff --git a/modules/nixos/openssh.nix b/modules/nixos/openssh.nix
index 9a131d7..c7a144e 100644
--- a/modules/nixos/openssh.nix
+++ b/modules/nixos/openssh.nix
@@ -18,16 +18,16 @@ in {
   };
 
   config = mkIf cfg.server.enable {
-    # TODO Enable on a fresh system.
-    # ark = {
-    #   files = [
-    #     "/etc/ssh/ssh_host_ed25519_key"
-    #     "/etc/ssh/ssh_host_ed25519_key.pub"
-    #     "/etc/ssh/ssh_host_rsa_key"
-    #     "/etc/ssh/ssh_host_rsa_key.pub"
-    #   ];
-    #   directories = ["/etc/ssh/authorized_keys.d"];
-    # };
+    # FIXME This is mounted after the activation script is launched.
+    ark = {
+      files = [
+        "/etc/ssh/ssh_host_ed25519_key"
+        "/etc/ssh/ssh_host_ed25519_key.pub"
+        "/etc/ssh/ssh_host_rsa_key"
+        "/etc/ssh/ssh_host_rsa_key.pub"
+      ];
+      # directories = ["/etc/ssh/authorized_keys.d"];
+    };
 
     programs.mosh.enable = true;
 
@@ -36,7 +36,6 @@ in {
         enable = true;
         ports = [cfg.server.port];
         settings = {
-          AllowUsers = my.username;
           ClientAliveCountMax = 3;
           ClientAliveInterval = 60;
           KbdInteractiveAuthentication = false;

Consider giving Nix/NixOS a try! <3