2024-08-24 22:00:37 +03:00
|
|
|
{
|
|
|
|
lib,
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
myData,
|
|
|
|
...
|
|
|
|
}:
|
|
|
|
{
|
2024-08-25 11:07:35 +03:00
|
|
|
options.mj.services.ssh8022 = with lib.types; {
|
|
|
|
client = {
|
|
|
|
enable = lib.mkEnableOption "Enable ssh8022 client";
|
|
|
|
keyfile = lib.mkOption { type = str; };
|
|
|
|
};
|
|
|
|
server = {
|
|
|
|
enable = lib.mkEnableOption "Enable ssh8022 server";
|
|
|
|
keyfile = lib.mkOption { type = str; };
|
|
|
|
};
|
2024-08-24 22:00:37 +03:00
|
|
|
};
|
|
|
|
|
2024-08-25 11:07:35 +03:00
|
|
|
config = lib.mkMerge [
|
|
|
|
(
|
|
|
|
let
|
|
|
|
cfg = config.mj.services.ssh8022.client;
|
|
|
|
in
|
|
|
|
lib.mkIf cfg.enable {
|
|
|
|
programs.ssh.extraConfig = ''
|
2024-08-25 11:38:53 +03:00
|
|
|
Host dl.jakstys.lt fra1-b.jakstys.lt
|
2024-08-26 09:20:57 +03:00
|
|
|
ProxyCommand ${pkgs.spiped}/bin/spipe -t %h:8022 -k ${cfg.keyfile}
|
2024-08-25 11:07:35 +03:00
|
|
|
'';
|
|
|
|
}
|
|
|
|
)
|
|
|
|
(
|
|
|
|
let
|
|
|
|
cfg = config.mj.services.ssh8022.server;
|
|
|
|
in
|
|
|
|
lib.mkIf cfg.enable {
|
|
|
|
services.spiped = {
|
|
|
|
enable = true;
|
|
|
|
config = {
|
|
|
|
ssh8022 = {
|
|
|
|
inherit (cfg) keyfile;
|
|
|
|
decrypt = true;
|
2024-08-25 11:14:52 +03:00
|
|
|
source = "[0.0.0.0]:8022";
|
2024-08-25 11:07:35 +03:00
|
|
|
target = "127.0.0.1:22";
|
|
|
|
};
|
|
|
|
};
|
2024-08-24 22:00:37 +03:00
|
|
|
};
|
2024-08-25 11:07:35 +03:00
|
|
|
networking.firewall.allowedTCPPorts = [ myData.ports.ssh8022 ];
|
2024-08-26 09:16:52 +03:00
|
|
|
systemd.services."spiped@ssh8022" = {
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
overrideStrategy = "asDropin";
|
|
|
|
};
|
2024-08-25 11:07:35 +03:00
|
|
|
}
|
|
|
|
)
|
|
|
|
];
|
2024-08-24 22:00:37 +03:00
|
|
|
}
|