nixbld: SSH reverse proxy setup

This commit is contained in:
Sebastien Bourdeauducq 2022-09-17 19:13:54 +08:00
parent e9b02d0c72
commit ac022776e7
1 changed files with 2 additions and 1 deletions

View File

@ -88,7 +88,7 @@ in
hostName = "nixbld"; hostName = "nixbld";
hostId = "e423f012"; hostId = "e423f012";
firewall = { firewall = {
allowedTCPPorts = [ 53 80 443 7402 ]; allowedTCPPorts = [ 53 80 443 7402 3939 3940 ];
allowedUDPPorts = [ 53 67 ]; allowedUDPPorts = [ 53 67 ];
trustedInterfaces = [ netifLan ]; trustedInterfaces = [ netifLan ];
}; };
@ -301,6 +301,7 @@ in
services.openssh.enable = true; services.openssh.enable = true;
services.openssh.forwardX11 = true; services.openssh.forwardX11 = true;
services.openssh.passwordAuthentication = false; services.openssh.passwordAuthentication = false;
services.openssh.gatewayPorts = "clientspecified";
programs.mosh.enable = true; programs.mosh.enable = true;
programs.fish.enable = true; programs.fish.enable = true;