forked from M-Labs/it-infra
nixbld: SSH reverse proxy setup
This commit is contained in:
parent
e9b02d0c72
commit
ac022776e7
|
|
@ -88,7 +88,7 @@ in
|
||||||
hostName = "nixbld";
|
hostName = "nixbld";
|
||||||
hostId = "e423f012";
|
hostId = "e423f012";
|
||||||
firewall = {
|
firewall = {
|
||||||
allowedTCPPorts = [ 53 80 443 7402 ];
|
allowedTCPPorts = [ 53 80 443 7402 3939 3940 ];
|
||||||
allowedUDPPorts = [ 53 67 ];
|
allowedUDPPorts = [ 53 67 ];
|
||||||
trustedInterfaces = [ netifLan ];
|
trustedInterfaces = [ netifLan ];
|
||||||
};
|
};
|
||||||
|
|
@ -301,6 +301,7 @@ in
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
services.openssh.forwardX11 = true;
|
services.openssh.forwardX11 = true;
|
||||||
services.openssh.passwordAuthentication = false;
|
services.openssh.passwordAuthentication = false;
|
||||||
|
services.openssh.gatewayPorts = "clientspecified";
|
||||||
programs.mosh.enable = true;
|
programs.mosh.enable = true;
|
||||||
|
|
||||||
programs.fish.enable = true;
|
programs.fish.enable = true;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue