summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorAlan Pearce2021-04-12 15:11:51 +0200
committerAlan Pearce2021-04-12 15:11:51 +0200
commitf5785c7356f7538306397493b33c859f05886c35 (patch)
tree9ec358e8849d950741d9b4a804e3f6a8113e2215
parent88661823ed8563dafa4f8304e537f4ae5d9c2341 (diff)
downloadnixfiles-f5785c7356f7538306397493b33c859f05886c35.tar.lz
nixfiles-f5785c7356f7538306397493b33c859f05886c35.tar.zst
nixfiles-f5785c7356f7538306397493b33c859f05886c35.zip
prefect: enable SSH
-rw-r--r--system/prefect.nix5
-rw-r--r--system/settings/configuration/user.nix3
2 files changed, 8 insertions, 0 deletions
diff --git a/system/prefect.nix b/system/prefect.nix
index 188dfd8f..f9146e8e 100644
--- a/system/prefect.nix
+++ b/system/prefect.nix
@@ -73,6 +73,11 @@
   };
   networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];
 
+  services.openssh = {
+    enable = true;
+    openFirewall = false;
+    startWhenNeeded = true;
+  };
   networking.firewall.extraCommands = ''
     iptables  -A nixos-fw -p udp --source 172.30.44.0/24       -j nixos-fw-accept
     iptables  -A nixos-fw -p tcp --source 172.30.44.0/24       -j nixos-fw-accept
diff --git a/system/settings/configuration/user.nix b/system/settings/configuration/user.nix
index e152a91b..5227f057 100644
--- a/system/settings/configuration/user.nix
+++ b/system/settings/configuration/user.nix
@@ -8,5 +8,8 @@
     initialPassword = "password";
     home = "/home/alan";
     uid = 1000;
+    openssh.authorizedKeys.keys = [
+      "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDRIsbc/xJGxEJGCCNT99kQhB1N84jPlPtrqSVF/OxbGenvk2HWbL/q/YpEUkG5eQrfV5jK8nXfNfjSsPDjF96A= alan@alanpearce.eu (sekey)"
+    ];
   };
 }