clouvider-lon01: disable SSH open-to-all

This commit is contained in:
Luke Granger-Brown 2021-01-12 00:00:34 +00:00
parent ad516941e8
commit d20dd06aaf

View file

@ -131,7 +131,7 @@ in {
}; };
my.ip.tailscale = "100.79.173.25"; my.ip.tailscale = "100.79.173.25";
services.openssh.openFirewall = true; # TODO: make this false once I know it works services.openssh.openFirewall = false; # allowed by networking.firewall.extraCommands
services.openssh.hostKeys = [ services.openssh.hostKeys = [
{ {
path = "/persist/etc/ssh/ssh_host_ed25519_key"; path = "/persist/etc/ssh/ssh_host_ed25519_key";