From 9735218118e6bf323d41ebb2845dbd5232c3f865 Mon Sep 17 00:00:00 2001 From: Christoph Schmatzler Date: Sat, 20 Dec 2025 22:25:30 +0000 Subject: [PATCH] simplify --- hosts/michael/default.nix | 2 +- hosts/michael/openssh.nix | 9 --------- hosts/mindy/default.nix | 2 +- hosts/mindy/openssh.nix | 9 --------- hosts/tahani/default.nix | 2 +- hosts/tahani/networking.nix | 2 +- {hosts/tahani => profiles}/openssh.nix | 0 7 files changed, 4 insertions(+), 22 deletions(-) delete mode 100644 hosts/michael/openssh.nix delete mode 100644 hosts/mindy/openssh.nix rename {hosts/tahani => profiles}/openssh.nix (100%) diff --git a/hosts/michael/default.nix b/hosts/michael/default.nix index 0fa55e2..f97613b 100644 --- a/hosts/michael/default.nix +++ b/hosts/michael/default.nix @@ -11,9 +11,9 @@ (modulesPath + "/profiles/qemu-guest.nix") ./disk-config.nix ./hardware-configuration.nix - ./openssh.nix ./secrets.nix ../../profiles/core.nix + ../../profiles/openssh.nix ../../profiles/fail2ban.nix ../../profiles/gitea.nix ../../profiles/nixos.nix diff --git a/hosts/michael/openssh.nix b/hosts/michael/openssh.nix deleted file mode 100644 index 7b61c7e..0000000 --- a/hosts/michael/openssh.nix +++ /dev/null @@ -1,9 +0,0 @@ -{...}: { - services.openssh = { - enable = true; - settings = { - PermitRootLogin = "yes"; - PasswordAuthentication = false; - }; - }; -} diff --git a/hosts/mindy/default.nix b/hosts/mindy/default.nix index 5276c45..9a72576 100644 --- a/hosts/mindy/default.nix +++ b/hosts/mindy/default.nix @@ -11,11 +11,11 @@ (modulesPath + "/profiles/qemu-guest.nix") ./disk-config.nix ./hardware-configuration.nix - ./openssh.nix ./pgbackrest.nix ./secrets.nix ../../modules/pgbackrest.nix ../../profiles/core.nix + ../../profiles/openssh.nix ../../profiles/fail2ban.nix ../../profiles/nixos.nix ../../profiles/postgresql.nix diff --git a/hosts/mindy/openssh.nix b/hosts/mindy/openssh.nix deleted file mode 100644 index 7b61c7e..0000000 --- a/hosts/mindy/openssh.nix +++ /dev/null @@ -1,9 +0,0 @@ -{...}: { - services.openssh = { - enable = true; - settings = { - PermitRootLogin = "yes"; - PasswordAuthentication = false; - }; - }; -} diff --git a/hosts/tahani/default.nix b/hosts/tahani/default.nix index 96b3a5f..9b58737 100644 --- a/hosts/tahani/default.nix +++ b/hosts/tahani/default.nix @@ -8,11 +8,11 @@ imports = [ ./adguardhome.nix ./networking.nix - ./openssh.nix ./paperless.nix ./secrets.nix ./syncthing.nix ../../profiles/core.nix + ../../profiles/openssh.nix ../../profiles/nixos.nix ../../profiles/syncthing.nix ../../profiles/tailscale.nix diff --git a/hosts/tahani/networking.nix b/hosts/tahani/networking.nix index a519902..f50a16d 100644 --- a/hosts/tahani/networking.nix +++ b/hosts/tahani/networking.nix @@ -14,7 +14,7 @@ enable = true; trustedInterfaces = ["eno1" "tailscale0"]; allowedUDPPorts = [config.services.tailscale.port]; - allowedTCPPorts = [22 5555]; + allowedTCPPorts = [22]; checkReversePath = "loose"; }; }; diff --git a/hosts/tahani/openssh.nix b/profiles/openssh.nix similarity index 100% rename from hosts/tahani/openssh.nix rename to profiles/openssh.nix