adtya/configuration.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

bifrost: keep ssh port open for now

Browse source
This commit is contained in:
Adithya 2024-11-23 00:25:40 +05:30
parent 29fd0a24b4
commit dd2654a5d0
Signed by: adtya
GPG key ID: B8857BFBA2C47B9C
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
hosts/bifrost/services/ssh.nix
View file

@ -1,12 +1,16 @@
{ config, ... }: { config, ... }:
let facts = config.nodeconfig.facts; in { let facts = config.nodeconfig.facts; in {
networking.firewall.interfaces.ens3.allowedTCPPorts = [ 22 ]; networking.firewall.interfaces = {
ens3.allowedTCPPorts = [ 2222 ];
ens4.allowedTCPPorts = [ 22 ];
};
services.openssh = { services.openssh = {
enable = true; enable = true;
openFirewall = false; openFirewall = false;
listenAddresses = [ listenAddresses = [
{ addr = facts.wireguard-ip; port = 22; } { addr = facts.external-ip; port = 2222; }
{ addr = facts.local-ip; port = 22; } { addr = facts.local-ip; port = 22; }
{ addr = facts.wireguard-ip; port = 22; }
]; ];
settings = { settings = {
KbdInteractiveAuthentication = false; KbdInteractiveAuthentication = false;