3 inherit (import ./../ssh-keys.nix pkgs)
4 snakeOilPrivateKey snakeOilPublicKey;
6 networking.firewall.allowedTCPPorts = [ 80 ];
8 systemd.services.mock-google-metadata = {
9 description = "Mock Google metadata service";
10 serviceConfig.Type = "simple";
11 serviceConfig.ExecStart = "${pkgs.python3}/bin/python ${./server.py}";
13 SNAKEOIL_PUBLIC_KEY = snakeOilPublicKey;
15 wantedBy = [ "multi-user.target" ];
16 after = [ "network.target" ];
19 services.openssh.enable = true;
20 services.openssh.settings.KbdInteractiveAuthentication = false;
21 services.openssh.settings.PasswordAuthentication = false;
23 security.googleOsLogin.enable = true;
26 networking.interfaces.lo.ipv4.addresses = [ { address = "169.254.169.254"; prefixLength = 32; } ];