aboutsummaryrefslogtreecommitdiff
path: root/modules/nixos/server/openssh/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/server/openssh/default.nix')
-rw-r--r--modules/nixos/server/openssh/default.nix15
1 files changed, 7 insertions, 8 deletions
diff --git a/modules/nixos/server/openssh/default.nix b/modules/nixos/server/openssh/default.nix
index a56460d..ac23d28 100644
--- a/modules/nixos/server/openssh/default.nix
+++ b/modules/nixos/server/openssh/default.nix
@@ -5,7 +5,7 @@
}:
let
- inherit (lib) mkEnableOption mkIf;
+ inherit (lib) mkEnableOption mkIf mkDefault;
cfg = config.nx.server.openssh;
in
{
@@ -17,18 +17,17 @@ in
services.openssh = {
enable = true;
ports = [ 8693 ];
- settings = {
- PasswordAuthentication = false;
- AllowUsers = [ ];
- X11Forwarding = false;
- PermitRootLogin = "yes";
- };
+ settings = {
+ PasswordAuthentication = false;
+ X11Forwarding = false;
+ PermitRootLogin = "yes";
+ };
};
networking.firewall.allowedTCPPorts = [ 8693 ];
services.fail2ban = {
enable = true;
- bantime = "1h";
+ bantime = lib.mkDefault "1h";
jails = {
sshd = {
enabled = true;
generated by cgit v1.3.1 (git 2.54.0) at 2026-05-30 17:32:41 +0000