coolneng/panacea
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use localhost SSH for password-less NixOS rebuilds

Browse Source
This commit is contained in:
coolneng
2025-12-09 23:33:07 +01:00
parent 4ee36c3121
commit d4706ae65a
2 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
Makefile
View File

@@ -1,5 +1,6 @@
switch: switch:
sudo nixos-rebuild switch --flake path://$(PWD)# nixos-rebuild switch --target-host root@localhost \
--build-host root@localhost --flake path://$(PWD)#panacea
update: update:
nix flake update --commit-lock-file nix flake update --commit-lock-file

11
modules/networking.nix
View File

@@ -144,4 +144,15 @@ in
iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true iptables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport ${wireguard_port} -j RETURN || true
''; '';
}; };
# Enable localhost SSH
services.openssh = {
enable = true;
openFirewall = false;
startWhenNeeded = true;
settings = {
PermitRootLogin = "without-password";
PasswordAuthentication = false;
};
};
} }