Feat(system): Add openssh access

3 files changed, 27 insertions, 1 deletions

diff --git a/services/default.nix b/services/default.nix
index 0916bc03..36cf9763 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -4,5 +4,6 @@
     ./nix
     ./snapper
     ./dconf
+    ./openssh
   ];
 }
diff --git a/services/openssh/default.nix b/services/openssh/default.nix
new file mode 100644
index 00000000..5ee48a0c
--- /dev/null
+++ b/services/openssh/default.nix
@@ -0,0 +1,19 @@
+{
+  config,
+  pkg,
+  ...
+}: {
+  services.openssh = {
+    enable = true;
+    hostKeys = [
+      {
+        path = "/srv/sshd/ssh_host_ed25519_key";
+        rounds = 1000;
+        type = "ed25519";
+      }
+    ];
+    settings = {
+      PasswordAuthentication = false;
+    };
+  };
+}
diff --git a/system/users/default.nix b/system/users/default.nix
index d5b69814..adff5df3 100644
--- a/system/users/default.nix
+++ b/system/users/default.nix
@@ -25,8 +25,14 @@ in {
         createHome = true;
         shell = pkgs.zsh;
         initialHashedPassword = cfg.hashedPassword;
-        extraGroups = ["wheel"];
+        extraGroups = [
+          "wheel"
+          "networkmanager" # if I activate network-manager, this will help
+        ];
         uid = 1000;
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBFuTNNn71Rhfnop2cdz3r/RhWWlCePnSBOhTBbu2ME soispha"
+        ];
       };
     };
     #    system.activationScripts.home_permissions =