os/hosts/droppie/nextcloud-web-tunnel.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

31 lines
879 B
Nix
Raw Normal View History

{
2023-01-28 21:27:52 +00:00
pkgs,
config,
...
}: let
psCfg = config.pub-solar;
in {
config = {
services.openssh.knownHosts = {
"nachtigall.pub.solar".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGUJGAYFzgzpeEs5rYvBX9jBn6wkj4Q5VqnT4xkg3l// barkeeper@nachtigall";
};
systemd.services.ssh-tunnel-nachtigall-pub-solar = {
enable = false;
unitConfig = {
Description = "Reverse SSH connection to enable backups";
2023-01-28 21:27:52 +00:00
After = ["network.target"];
};
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.openssh}/bin/ssh -vvv -g -N -T -o ServerAliveInterval=10 -o ExitOnForwardFailure=yes -R 127.0.0.1:22022:localhost:22 hakkonaut@nachtigall.pub.solar";
User = psCfg.user.name;
Group = "users";
Restart = "always";
RestartSec = "5s";
};
2023-01-28 21:27:52 +00:00
wantedBy = ["default.target"];
};
};
}