{ pkgs, config, ... }: let psCfg = config.pub-solar; in { config = { services.openssh.knownHosts = { "nachtigall.pub.solar".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGUJGAYFzgzpeEs5rYvBX9jBn6wkj4Q5VqnT4xkg3l// barkeeper@nachtigall"; }; systemd.services.ssh-tunnel-nachtigall-pub-solar = { enable = false; unitConfig = { Description = "Reverse SSH connection to enable backups"; After = ["network.target"]; }; serviceConfig = { Type = "simple"; ExecStart = "${pkgs.openssh}/bin/ssh -vvv -g -N -T -o ServerAliveInterval=10 -o ExitOnForwardFailure=yes -R 127.0.0.1:22022:localhost:22 hakkonaut@nachtigall.pub.solar"; User = psCfg.user.name; Group = "users"; Restart = "always"; RestartSec = "5s"; }; wantedBy = ["default.target"]; }; }; }