{ config, lib, this, ... }: with lib; let cfg = config.nixfiles.modules.endlessh-go; in { options.nixfiles.modules.endlessh-go.enable = mkEnableOption "endlessh-go"; config = let port = 22; in mkIf cfg.enable { services.endlessh-go = { enable = true; listenAddress = "0.0.0.0"; inherit port; prometheus = { enable = true; listenAddress = this.wireguard.ipv4.address; port = 9229; }; extraOptions = [ "-geoip_supplier=ip-api" ]; }; networking.firewall.allowedTCPPorts = [ port ]; }; }