From e127c668f65918e5204ed86e8e98a4f5fafc12da Mon Sep 17 00:00:00 2001 From: teutat3s Date: Sat, 8 Jun 2024 23:52:08 +0200 Subject: [PATCH] metronom, tankstelle: cleanup for SSH only via wireguard --- hosts/metronom/networking.nix | 3 --- hosts/tankstelle/networking.nix | 3 --- hosts/tankstelle/wireguard.nix | 20 ++++++++++---------- 3 files changed, 10 insertions(+), 16 deletions(-) diff --git a/hosts/metronom/networking.nix b/hosts/metronom/networking.nix index b309ec32..380c2207 100644 --- a/hosts/metronom/networking.nix +++ b/hosts/metronom/networking.nix @@ -16,7 +16,4 @@ networking.enableIPv6 = true; networking.useDHCP = false; networking.interfaces."enp1s0".useDHCP = true; - - # TODO: ssh via wireguard only - services.openssh.openFirewall = true; } diff --git a/hosts/tankstelle/networking.nix b/hosts/tankstelle/networking.nix index 1ef2e26a..8e893923 100644 --- a/hosts/tankstelle/networking.nix +++ b/hosts/tankstelle/networking.nix @@ -35,7 +35,4 @@ ]; }; }; - - # TODO: ssh via wireguard only - services.openssh.openFirewall = true; } diff --git a/hosts/tankstelle/wireguard.nix b/hosts/tankstelle/wireguard.nix index d8979eba..ceb430b1 100644 --- a/hosts/tankstelle/wireguard.nix +++ b/hosts/tankstelle/wireguard.nix @@ -41,14 +41,14 @@ }; }; - #services.openssh.listenAddresses = [ - # { - # addr = "10.7.6.4"; - # port = 22; - # } - # { - # addr = "[fd00:fae:fae:fae:fae:4::]"; - # port = 22; - # } - #]; + services.openssh.listenAddresses = [ + { + addr = "10.7.6.4"; + port = 22; + } + { + addr = "[fd00:fae:fae:fae:fae:4::]"; + port = 22; + } + ]; }