Use localhost SSH for password-less NixOS rebuilds

2025-12-09 23:33:07 +01:00
parent 4ee36c3121
commit d4706ae65a
2 changed files with 13 additions and 1 deletions
--- a/modules/networking.nix
+++ b/modules/networking.nix
@@ -144,4 +144,15 @@ in
      iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true
    '';
  };
+
+  # Enable localhost SSH
+  services.openssh = {
+    enable = true;
+    openFirewall = false;
+    startWhenNeeded = true;
+    settings = {
+      PermitRootLogin = "without-password";
+      PasswordAuthentication = false;
+    };
+  };
 }