38 lines
1.1 KiB
Nix
38 lines
1.1 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
cfg = config.sane.services.dropbear;
|
|
in
|
|
{
|
|
options = {
|
|
sane.services.dropbear = with lib; {
|
|
enable = mkOption {
|
|
default = false;
|
|
type = types.bool;
|
|
};
|
|
|
|
package = mkOption {
|
|
type = types.package;
|
|
default = pkgs.dropbear;
|
|
defaultText = literalExpression "pkgs.dropbear";
|
|
};
|
|
|
|
port = mkOption {
|
|
type = types.port;
|
|
default = 22;
|
|
};
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
systemd.services.dropbear = {
|
|
description = "Dropbear SSH Server";
|
|
after = [ "network.target" ];
|
|
wantedBy = [ "multi-user.target" ];
|
|
serviceConfig.Type = "simple";
|
|
# N.B.: dropbear ssh key format is incompatible with OpenSSH's.
|
|
# also, needs to be manually generated on first run (`dropbearkey -t rsa -f /etc/ssh/host_keys/dropbear_rsa_host_key -s 4096`)
|
|
serviceConfig.ExecStart = "${cfg.package}/bin/dropbear -F -p ${builtins.toString cfg.port} -r /etc/ssh/host_keys/dropbear_rsa_host_key -r /etc/ssh/host_keys/dropbear_ed25519_host_key";
|
|
};
|
|
};
|
|
}
|