Commit 668497c351ee

Vincent Demeester <vincent@sbr.pm>
2021-10-26 21:54:23
systems: enable ssh on naruhodo
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
main
1 parent 4e77336
Changed files (3)
systems
hosts
naruhodo.nix
modules
profiles
ssh.nix
default.nix
systems/hosts/naruhodo.nix
@@ -157,6 +157,7 @@ in
     virtualization = { enable = true; nested = true; };
     redhat.enable = true;
     scanning.enable = true;
+    ssh.enable = true;
   };
   environment.systemPackages = with pkgs; [
     virtmanager
systems/modules/profiles/ssh.nix
@@ -8,6 +8,10 @@ in
   options = {
     profiles.ssh = {
       enable = mkEnableOption "Enable ssh profile";
+      listenAddresses = mkOption {
+        type = types.listOf types.str;
+        default = [ ];
+      };
       forwardX11 = mkOption {
         type = types.bool;
         default = false;
@@ -23,6 +27,8 @@ in
         enable = true;
         startWhenNeeded = false;
         forwardX11 = cfg.forwardX11;
+        # listenAddresses = map
+        # Move this for kerkouane only
         extraConfig = ''
           StreamLocalBindUnlink yes
           Match User nginx
systems/modules/default.nix
@@ -8,4 +8,5 @@
     ./virtualisation
     "${(import ../../nix/sources.nix).sops-nix}/modules/sops"
   ];
+  sops.defaultSopsFile = ../../secrets/secrets.yaml;
 }