feat(endlessh): add an ssh tarpit to raptus
This commit is contained in:
parent
3b5f91973c
commit
5716c2eee9
SSH key fingerprint:
SHA256:iQnIC12spf4QjWSbarmkD2No1cLMlu6TWoV7K6cYF5g
1 changed files with 12 additions and 3 deletions
|
|
@ -2,6 +2,7 @@
|
||||||
modulesPath,
|
modulesPath,
|
||||||
lib,
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
|
config,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
|
|
@ -39,11 +40,11 @@ in
|
||||||
networking.firewall = lib.mkForce {
|
networking.firewall = lib.mkForce {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [
|
||||||
22
|
|
||||||
443
|
443
|
||||||
5984 # couchdb
|
5984 # couchdb
|
||||||
3000 # forgejo
|
3000 # forgejo
|
||||||
];
|
8000 # rustypaste
|
||||||
|
] ++ config.services.openssh.ports ++ [ config.services.endlessh.port ];
|
||||||
};
|
};
|
||||||
|
|
||||||
# User account to run remote builds
|
# User account to run remote builds
|
||||||
|
|
@ -93,7 +94,15 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
ports = [ 56528 ];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.endlessh = {
|
||||||
|
enable = true;
|
||||||
|
port = 22;
|
||||||
|
};
|
||||||
|
|
||||||
environment.systemPackages = map lib.lowPrio [
|
environment.systemPackages = map lib.lowPrio [
|
||||||
pkgs.curl
|
pkgs.curl
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue