Remove more persistence references and move to a simpler, global system

2025-02-28 14:17:13 -05:00 · 2025-02-28 14:17:13 -05:00 · 9a8e7d8a9e
commit 9a8e7d8a9e
parent 8d1a992bb2
6 changed files with 23 additions and 49 deletions
--- a/system/services/general/ssh/default.nix
+++ b/system/services/general/ssh/default.nix
@ -1,22 +1,20 @@
 { lib, ... }:
 {
-  imports = [ ./fail2ban ];
-
-  services.openssh = {
-    enable = true;
-    settings = {
-      PermitRootLogin = lib.mkForce "no";
-      PrintLastLog = "no";
-      PasswordAuthentication = false;
-      UsePAM = false;
-      X11Forwarding = false;
+  services = {
+    openssh = {
+      enable = true;
+      settings = {
+        PermitRootLogin = lib.mkForce "no";
+        PrintLastLog = "no";
+        PasswordAuthentication = false;
+        UsePAM = false;
+        X11Forwarding = false;
+      };
+    };
+    fail2ban = {
+      enable = true;
+      maxretry = 5;
+      bantime = "10m";
    };
  };
-
-  environment.persistence."/persist".files = [
-    "/etc/ssh/ssh_host_ed25519_key"
-    "/etc/ssh/ssh_host_ed25519_key.pub"
-    "/etc/ssh/ssh_host_rsa_key"
-    "/etc/ssh/ssh_host_rsa_key.pub"
-  ];
 }