From e6ed60548397627bf10f561f9438201dbba0a36e Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Sun, 21 Apr 2024 02:15:42 +0300 Subject: 2024-04-21 --- modules/nixos/openssh.nix | 51 ----------------------------------------------- 1 file changed, 51 deletions(-) delete mode 100644 modules/nixos/openssh.nix (limited to 'modules/nixos/openssh.nix')
diff --git a/modules/nixos/openssh.nix b/modules/nixos/openssh.nix
deleted file mode 100644
index 9b82757..0000000
--- a/modules/nixos/openssh.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
- cfg = config.nixfiles.modules.openssh;
-in
-{
- options.nixfiles.modules.openssh.server = {
- enable = mkEnableOption "OpenSSH server";
-
- port = mkOption {
- description = "OpenSSH server port.";
- type = types.port;
- default = 22022; # Port 22 should be occupied by a tarpit.
- };
- };
-
- config = mkIf cfg.server.enable {
- ark.files = [
- "/etc/ssh/ssh_host_ed25519_key"
- "/etc/ssh/ssh_host_ed25519_key.pub"
- "/etc/ssh/ssh_host_rsa_key"
- "/etc/ssh/ssh_host_rsa_key.pub"
- ];
-
- programs.mosh.enable = true;
-
- services = {
- openssh = {
- enable = true;
- ports = [ cfg.server.port ];
- settings = {
- ClientAliveCountMax = 3;
- ClientAliveInterval = 60;
- KbdInteractiveAuthentication = false;
- LogLevel = if config.nixfiles.modules.fail2ban.enable then "VERBOSE" else "ERROR";
- MaxAuthTries = 3;
- PasswordAuthentication = false;
- PermitRootLogin = mkForce "no";
- };
- };
-
- fail2ban.jails.sshd = {
- enabled = true;
- settings = {
- mode = "aggressive";
- inherit (cfg.server) port;
- };
- };
- };
- };
-}
-- cgit v1.2.3