mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 20:39:18 -08:00
36 lines
730 B
Nix
36 lines
730 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
network.firewall = {
|
|
public = {
|
|
tcp.ports = singleton 62954;
|
|
udp.ranges = [{
|
|
from = 60000;
|
|
to = 61000;
|
|
}];
|
|
};
|
|
private = {
|
|
tcp.ports = singleton 62954;
|
|
udp.ranges = [{
|
|
from = 60000;
|
|
to = 61000;
|
|
}];
|
|
};
|
|
};
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
ports = lib.mkDefault [ 62954 ];
|
|
passwordAuthentication = false;
|
|
challengeResponseAuthentication = false;
|
|
permitRootLogin = lib.mkDefault "prohibit-password";
|
|
kexAlgorithms = [ "curve25519-sha256@libssh.org" ];
|
|
extraConfig = ''
|
|
StreamLocalBindUnlink yes
|
|
LogLevel VERBOSE
|
|
'';
|
|
};
|
|
programs.mosh.enable = true;
|
|
}
|