From 2ffd84eb4e09da75287da5d907c6608feb549de1 Mon Sep 17 00:00:00 2001 From: m3tam3re Date: Sat, 22 Feb 2025 11:03:03 +0100 Subject: [PATCH] ssh_config --- home/m3tam3re/home.nix | 77 +++++++++++++++++++++++++++++++ hosts/m3-ares/configuration.nix | 8 +++- hosts/m3-kratos/configuration.nix | 8 +++- 3 files changed, 91 insertions(+), 2 deletions(-) diff --git a/home/m3tam3re/home.nix b/home/m3tam3re/home.nix index 68d1f5c..0e55f03 100644 --- a/home/m3tam3re/home.nix +++ b/home/m3tam3re/home.nix @@ -95,6 +95,83 @@ init.defaultBranch = "master"; }; }; + programs.ssh = { + enable = true; + matchBlocks = { + "github.com" = { + hostname = "github.com"; + user = "m3tam3re"; + port = 22; + identityFile = "~/.ssh/github"; + }; + "code.m3tam3re.com" = { + hostname = "code.m3tam3re.com"; + user = "m3tam3re"; + identityFile = "~/.ssh/gitea"; + }; + "lkk-nix-1" = { + hostname = "89.58.10.189"; + user = "lkk-admin"; + identityFile = "~/.ssh/lkk-admin"; + }; + "m3-r1" = { + hostname = "202.61.226.110"; + user = "m3tam3re"; + identityFile = "~/.ssh/m3tam3re"; + }; + "lkk-prod-test" = { + hostname = "192.168.122.215"; + user = "root"; + identityFile = "~/.ssh/m3tam3re"; + }; + "lkk-prod-1" = { + hostname = "192.168.0.24"; + user = "root"; + identityFile = "~/.ssh/m3tam3re"; + }; + "lkk-prod-2" = { + hostname = "192.168.0.20"; + user = "root"; + identityFile = "~/.ssh/m3tam3re"; + }; + "m3-deck" = { + hostname = "192.168.178.193"; + user = "m3tam3re"; + identityFile = "~/.ssh/m3tam3re"; + }; + "m3-kratos-vm" = { + hostname = "192.168.122.43"; + user = "m3tam3re"; + identityFile = "~/.ssh/m3tam3re"; + }; + "m3-hermes" = { + hostname = "95.216.214.142"; + user = "m3tam3re"; + identityFile = "~/.ssh/m3tam3re"; + }; + "m3-helios" = { + hostname = "192.168.178.210"; + user = "m3tam3re"; + identityFile = "~/.ssh/m3tam3re"; + }; + "m3-ares" = { + hostname = "192.168.1.30"; + user = "m3tam3re"; + identityFile = "~/.ssh/m3tam3re"; + }; + "m3-atlas" = { + hostname = "152.53.85.162"; + user = "m3tam3re"; + identityFile = "~/.ssh/m3tam3re"; + }; + "self-host-server" = { + hostname = "37.27.255.72"; + port = 2222; + user = "m3tam3re"; + identityFile = "~/.ssh/self-host-server"; + }; + }; + }; programs.zellij-ps = { enable = true; projectFolders = [ diff --git a/hosts/m3-ares/configuration.nix b/hosts/m3-ares/configuration.nix index 4f2dd49..4e75e79 100644 --- a/hosts/m3-ares/configuration.nix +++ b/hosts/m3-ares/configuration.nix @@ -92,7 +92,13 @@ # List services that you want to enable: # Enable the OpenSSH daemon. - services.openssh.enable = true; + services.openssh = { + enable = true; + settings.PermitRootLogin = "no"; + settings = { + PasswordAuthentication = false; + }; + }; services.fstrim.enable = true; # Open ports in the firewall. diff --git a/hosts/m3-kratos/configuration.nix b/hosts/m3-kratos/configuration.nix index e0c76e4..a8bbf3d 100644 --- a/hosts/m3-kratos/configuration.nix +++ b/hosts/m3-kratos/configuration.nix @@ -76,7 +76,13 @@ # List services that you want to enable: # Enable the OpenSSH daemon. - services.openssh.enable = true; + services.openssh = { + enable = true; + settings.PermitRootLogin = "no"; + settings = { + PasswordAuthentication = false; + }; + }; services.fstrim.enable = true; services.zfs.autoSnapshot.enable = true;