From 9e3345ff9bfa7142eb11936fb794f3816a5ab8fa Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Tue, 20 Sep 2022 11:50:45 +0000
Subject: [PATCH] add sshd for aws generators
---
 generators/aws.nix | 3 +++
 modules/services/sshd.nix | 24 ++++++++++++++++++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 modules/services/sshd.nix
diff --git a/generators/aws.nix b/generators/aws.nix
index f1f54cd..0c7997c 100644
--- a/generators/aws.nix
+++ b/generators/aws.nix
@@ -11,9 +11,12 @@ nixos-generators.nixoGenerate {
 colorscheme = (import ../../modules/colorscheme/gruvbox);
 passwordHash =
 "$6$PZYiMGmJIIHAepTM$Wx5EqTQ5GApzXx58nvi8azh16pdxrN6Qrv1wunDlzveOgawitWzcIxuj76X9V868fsPi/NOIEO8yVXqwzS9UF.";
+ publicKey =
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
 }
 ../hosts/common.nix
 ../modules/nixos
+ ../modules/services/sshd.nix
 ];
 format = "aws";
 }
diff --git a/modules/services/sshd.nix b/modules/services/sshd.nix
new file mode 100644
index 0000000..8be395b
--- /dev/null
+++ b/modules/services/sshd.nix
@@ -0,0 +1,24 @@
+{ config, pkgs, lib, ... }: {
+
+ options = {
+ publicKey = lib.mkOption {
+ type = lib.types.str;
+ description = "Public SSH key authorized for this system.";
+ };
+ };
+
+ config = {
+ services.openssh = {
+ enable = true;
+ ports = [ 22 ];
+ passwordAuthentication = false;
+ gatewayPorts = "no";
+ forwardX11 = false;
+ allowSFTP = true;
+ permitRootLogin = "no";
+ };
+
+ users.users.${config.user}.authorizedKeys.keys = [ config.publicKey ];
+ };
+
+}
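Review bot: The `publicKey` value added to the `aws` generator is baked into every image built from it, and nothing on the line says whose key it is. Any instance launched from the resulting AMI trusts this one key until the image is rebuilt, so rotation or revocation means a new build and redeploy; a comment above it such as `# <owner> ed25519 key; rotate by rebuilding the image` would make that visible. The same attribute set already carries a `passwordHash`, and with `../modules/services/sshd.nix` now imported the account becomes reachable over the network, so it is worth confirming that the instance security group limits port 22 to known sources. The enclosing `nixoGenerate` call starts outside the hunk.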
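Review bot: The last line of the new module assigns `users.users.${config.user}.authorizedKeys.keys`, but the NixOS option lives under `openssh`, so unless this repository extends the user submodule the key is never installed, or evaluation fails on an unknown option; it should read `users.users.${config.user}.openssh.authorizedKeys.keys = [ config.publicKey ];`. In the `services.openssh` block, `passwordAuthentication = false` does not by itself turn off keyboard-interactive login through PAM, and the user has a password hash set, so consider adding `kbdInteractiveAuthentication = false;` if the targeted NixOS release has that option. `publicKey` is typed as `lib.types.str` with no default, which fails closed when unset but also accepts an empty or malformed string.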