remoll/matrix
1
0
Fork 0
mirror of https://github.com/lxstinthesky/matrix.git synced 2025-11-01 00:12:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

added an ssh key for neo

Browse Source
This commit is contained in:
Henrik
2025-10-26 15:14:09 +01:00
parent 665bd1d1f4
commit 3cd6c1c941
5 changed files with 28 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
nix/configuration.nix
View File

@@ -3,7 +3,7 @@
{ {
imports = [ imports = [
./users/users.nix ./users/users.nix
./modules/ssh.nix ./modules/security.nix
./vps/hetzner/hardware-configuration.nix ./vps/hetzner/hardware-configuration.nix
./modules/zsh.nix ./modules/zsh.nix
]; ];
@@ -54,9 +54,9 @@
diskSize = 5000; # 5GB, needed to prevent docker error running out of space diskSize = 5000; # 5GB, needed to prevent docker error running out of space
# Networking configuration # Networking configuration
#forwardPorts = [ forwardPorts = [
# { from = "host"; host.port = 2222; guest.port = 22; } { from = "host"; host.port = 2222; guest.port = 22; }
#]; ];
}; };
# Add VM-specific users # Add VM-specific users
@@ -69,8 +69,6 @@
packages = with pkgs; [ ]; packages = with pkgs; [ ];
}; };
security.sudo.wheelNeedsPassword = false;
# VM-specific packages # VM-specific packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
]; ];

17
nix/modules/security.nix Normal file
View File

@@ -0,0 +1,17 @@
{ config, pkgs, inputs, ... }:
{
# providing an ssh configuration
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "no"; # Disable root login
PasswordAuthentication = false; # Force SSH key auth only
PubkeyAuthentication = true; # Enable SSH keys
};
ports = [ 22 ];
};
# other security hardening options can go here
security.sudo.wheelNeedsPassword = false;
}

8
nix/modules/ssh.nix
View File

@@ -1,8 +0,0 @@
{ config, pkgs, inputs, ... }:
{
services.openssh = {
enable = true;
# permitRootLogin = "no";
};
}

1
nix/users/keys/neo.pub Normal file
View File

@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBtePfzkSorgiFNuol/pEYlR0HToDCy9fk8PPfZWMuf3 henrik@strange

9
nix/users/users.nix
View File

@@ -5,15 +5,18 @@
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
users.users.neo = { users.users.neo = {
isNormalUser = true; isNormalUser = true;
description = "Matrix User 1"; description = "Neovim only user";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
shell = pkgs.zsh; shell = pkgs.zsh;
packages = with pkgs; [ ]; packages = with pkgs; [ ];
openssh.authorizedKeys.keyFiles = [
./keys/neo.pub
];
}; };
users.users.morpheus = { users.users.morpheus = {
isNormalUser = true; isNormalUser = true;
description = "Matrix User 2"; description = "Insert joke here";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
shell = pkgs.zsh; shell = pkgs.zsh;
packages = with pkgs; [ ]; packages = with pkgs; [ ];
@@ -21,7 +24,7 @@
users.users.trinity = { users.users.trinity = {
isNormalUser = true; isNormalUser = true;
description = "Matrix User 3"; description = "Named after an atom bomb test";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
shell = pkgs.zsh; shell = pkgs.zsh;
packages = with pkgs; [ ]; packages = with pkgs; [ ];