global/security: enable ssh GatewayPorts

2024-04-14 07:27:35 -04:00 · 2024-04-14 07:27:35 -04:00 · d55fccdd3a
commit d55fccdd3a
parent d9d184041e
1 changed files with 6 additions and 3 deletions
--- a/modules/global/security.nix
+++ b/modules/global/security.nix
@ -38,10 +38,13 @@ with lib;
  services.openssh = {
    enable = true;
    openFirewall = mkDefault true;
-    settings.X11Forwarding = mkDefault false;
+    settings = {
+      X11Forwarding = mkDefault false;
+      GatewayPorts = mkDefault "yes";
+    };
    hostKeys = mkDefault [{
-        path = "/etc/ssh/ssh_host_ed25519_key";
-        type = "ed25519";
+      path = "/etc/ssh/ssh_host_ed25519_key";
+      type = "ed25519";
    }];
  };