chore: fix netbird ssh

2026-03-02 19:24:28 +01:00
parent 674ce6957c
commit e4195230a5
6 changed files with 115 additions and 20 deletions
--- a/hosts/m3-kratos/services/netbird.nix
+++ b/hosts/m3-kratos/services/netbird.nix
@@ -1,5 +1,32 @@
 {pkgs, ...}: {
  services.netbird.enable = true;
-  environment.systemPackages = [pkgs.netbird-ui];
+  environment.systemPackages = with pkgs; [netbird-ui];
+
+  systemd.services.netbird = {
+    environment = {
+      NB_DISABLE_SSH_CONFIG = "true";
+    };
+    path = [
+      pkgs.shadow # login
+      pkgs.util-linux # runuser
+    ];
+  };
+
+  # Symlink kannst du jetzt ENTFERNEN – nicht mehr nötig!
+  # system.activationScripts.netbird-login-link = ...  # LÖSCHEN
+
+  programs.ssh.extraConfig = ''
+    Match exec "${pkgs.netbird}/bin/netbird ssh detect %h %p"
+        PreferredAuthentications password,publickey,keyboard-interactive
+        PasswordAuthentication yes
+        PubkeyAuthentication yes
+        BatchMode no
+        ProxyCommand ${pkgs.netbird}/bin/netbird ssh proxy %h %p
+        StrictHostKeyChecking no
+        UserKnownHostsFile /dev/null
+        CheckHostIP no
+        LogLevel ERROR
+  '';
+
  networking.firewall.checkReversePath = "loose";
 }