nix-config/system/services/ssh.nix

{
  lib,
  config,
  ...
}:
with lib; let
  cfg = config.system.services.ssh;
in {
  options.system.services.ssh = {
    enable = mkEnableOption "Enables OpenSSH";
    allowedUsers = mkOption {
      type = types.listOf types.str;
      example = ["alice" "bob"];
      default = ["phundrak"];
    };
    passwordAuthentication = mkOption {
      type = types.bool;
      example = true;
      default = false;
    };
  };
  config.services.openssh = mkIf cfg.enable {
    inherit (cfg) enable;
    settings = {
      AllowUsers = cfg.allowedUsers;
      PermitRootLogin = "no";
      PasswordAuthentication = cfg.passwordAuthentication;
    };
  };
}
initial commit 2025-05-04 02:47:36 +02:00			`{`
			`lib,`
			`config,`
			`...`
			`}:`
			`with lib; let`
chore: refactor system modules 2025-07-05 00:02:39 +02:00			`cfg = config.system.services.ssh;`
initial commit 2025-05-04 02:47:36 +02:00			`in {`
chore: refactor system modules 2025-07-05 00:02:39 +02:00			`options.system.services.ssh = {`
initial commit 2025-05-04 02:47:36 +02:00			`enable = mkEnableOption "Enables OpenSSH";`
			`allowedUsers = mkOption {`
			`type = types.listOf types.str;`
			`example = ["alice" "bob"];`
			`default = ["phundrak"];`
			`};`
			`passwordAuthentication = mkOption {`
			`type = types.bool;`
			`example = true;`
			`default = false;`
			`};`
			`};`
			`config.services.openssh = mkIf cfg.enable {`
chore: refactor system modules 2025-07-05 00:02:39 +02:00			`inherit (cfg) enable;`
initial commit 2025-05-04 02:47:36 +02:00			`settings = {`
			`AllowUsers = cfg.allowedUsers;`
			`PermitRootLogin = "no";`
			`PasswordAuthentication = cfg.passwordAuthentication;`
			`};`
			`};`
			`}`