From 92848a9ab888518d7211327d7733f40814e7ccbf Mon Sep 17 00:00:00 2001
From: Alejandro Soto <alejandro@34project.org>
Date: Fri, 2 Aug 2024 17:03:25 -0600
Subject: sys/[lustrated]: initial commit

---
 sys/auth/openssh.nix | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'sys/auth')

diff --git a/sys/auth/openssh.nix b/sys/auth/openssh.nix
index 3bc3a78..87c6299 100644
--- a/sys/auth/openssh.nix
+++ b/sys/auth/openssh.nix
@@ -19,6 +19,11 @@ in
         };
       }) [ "ecdsa" "ed25519" "rsa" ]);
 
+    shiftPortNumber = mkOption {
+      type = types.bool;
+      default = true;
+    };
+
     withDeployKeys = mkOption {
       type = types.bool;
       default = false;
@@ -39,7 +44,7 @@ in
     services.openssh = {
       enable = true;
       openFirewall = true;
-      ports = [ 2234 ];
+      ports = mkIf cfg.shiftPortNumber [ 2234 ];
       startWhenNeeded = !config.services.fail2ban.enable;
 
       hostKeys = map
-- 
cgit v1.2.3