Benjamin Bädorf
c04be07044
All checks were successful
continuous-integration/drone/push Build is passing
30 lines
849 B
Nix
30 lines
849 B
Nix
{
|
|
pkgs,
|
|
config,
|
|
...
|
|
}: let
|
|
psCfg = config.pub-solar;
|
|
in {
|
|
config = {
|
|
services.openssh.knownHosts = {
|
|
"cloud.pub.solar".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIABPJSwr9DfnqV0KoL23BcxlWtRxuOqQpnFnCv4SG/LW";
|
|
};
|
|
|
|
systemd.services.ssh-tunnel-cloud-pub-solar = {
|
|
unitConfig = {
|
|
Description = "Reverse SSH connection to enable backups from IPv4-only to IPv6-only host";
|
|
After = ["network.target"];
|
|
};
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
ExecStart = "${pkgs.openssh}/bin/ssh -vvv -g -N -T -o ServerAliveInterval=10 -o ExitOnForwardFailure=yes -R 127.0.0.1:22022:localhost:22 root@cloud.pub.solar";
|
|
User = psCfg.user.name;
|
|
Group = "users";
|
|
Restart = "always";
|
|
RestartSec = "5s";
|
|
};
|
|
wantedBy = ["default.target"];
|
|
};
|
|
};
|
|
}
|