From 04a5481eae0379165dcfc4b6ca70ef66d1d33d62 Mon Sep 17 00:00:00 2001 From: Mark Nipper Date: Tue, 16 Jul 2024 09:01:17 -0700 Subject: Close SSH through firewall by default --- hosts/darkstar/default.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'hosts/darkstar/default.nix') diff --git a/hosts/darkstar/default.nix b/hosts/darkstar/default.nix index b9b4e39..0e4541d 100644 --- a/hosts/darkstar/default.nix +++ b/hosts/darkstar/default.nix @@ -79,6 +79,8 @@ #}; }; + services.openssh.openFirewall = true; + sops = { age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; defaultSopsFile = ../secrets/darkstar.yaml; -- cgit v1.2.3