From 1e20b6b4016e3aef4300420034155c788ca10ae9 Mon Sep 17 00:00:00 2001
From: Katherina Walshe-Grey <git@katherina.rocks>
Date: Wed, 19 Jun 2024 20:22:37 +0100
Subject: [PATCH] Allow SSH login to any machine

---
 colmena/remote.nix              | 5 -----
 common/{openssh.nix => ssh.nix} | 2 --
 hive.nix                        | 1 +
 3 files changed, 1 insertion(+), 7 deletions(-)
 rename common/{openssh.nix => ssh.nix} (80%)

diff --git a/colmena/remote.nix b/colmena/remote.nix
index 47191f7..84c28bd 100644
--- a/colmena/remote.nix
+++ b/colmena/remote.nix
@@ -7,10 +7,5 @@
     tags = [ "remote" ];
   };
 
-  # Required for remote builds
   security.sudo.wheelNeedsPassword = false;
-
-  imports = [
-    ../common/openssh.nix
-  ];
 }
diff --git a/common/openssh.nix b/common/ssh.nix
similarity index 80%
rename from common/openssh.nix
rename to common/ssh.nix
index 6715088..d8dd364 100644
--- a/common/openssh.nix
+++ b/common/ssh.nix
@@ -10,6 +10,4 @@
   };
 
   services.fail2ban.enable = true;
-
-  networking.firewall.allowedTCPPorts = [ 22 ];
 }
\ No newline at end of file
diff --git a/hive.nix b/hive.nix
index e3ccd2b..7251c01 100644
--- a/hive.nix
+++ b/hive.nix
@@ -23,6 +23,7 @@ in {
       (import "${sources.home-manager}/nixos")
       (import "${sources.agenix}/modules/age.nix")
       ./pinning.nix
+      ./common/ssh.nix
       ./common/sudo.nix
       ./common/utilities.nix
       ./users/qenya.nix