33 lines
910 B
Nix
33 lines
910 B
Nix
{pkgs, ...}: {
|
||
services.netbird.enable = true;
|
||
environment.systemPackages = with pkgs; [netbird-ui];
|
||
|
||
systemd.services.netbird = {
|
||
environment = {
|
||
NB_DISABLE_SSH_CONFIG = "true";
|
||
};
|
||
path = [
|
||
pkgs.shadow # login
|
||
pkgs.util-linux # runuser
|
||
];
|
||
};
|
||
|
||
# Symlink kannst du jetzt ENTFERNEN – nicht mehr nötig!
|
||
# system.activationScripts.netbird-login-link = ... # LÖSCHEN
|
||
|
||
programs.ssh.extraConfig = ''
|
||
Match exec "${pkgs.netbird}/bin/netbird ssh detect %h %p"
|
||
PreferredAuthentications password,publickey,keyboard-interactive
|
||
PasswordAuthentication yes
|
||
PubkeyAuthentication yes
|
||
BatchMode no
|
||
ProxyCommand ${pkgs.netbird}/bin/netbird ssh proxy %h %p
|
||
StrictHostKeyChecking no
|
||
UserKnownHostsFile /dev/null
|
||
CheckHostIP no
|
||
LogLevel ERROR
|
||
'';
|
||
|
||
networking.firewall.checkReversePath = "loose";
|
||
}
|