From d2a86a39aed7844b5ac97546876be82cac1853ac Mon Sep 17 00:00:00 2001
From: hodasemi <michaelh.95@t-online.de>
Date: Tue, 10 Jun 2025 09:14:33 +0200
Subject: [PATCH] Add ssh rules for forgejo user

---
 git_system.nix    | 7 +++++++
 shared/system.nix | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/git_system.nix b/git_system.nix
index 504b43e..bc57966 100644
--- a/git_system.nix
+++ b/git_system.nix
@@ -73,6 +73,13 @@ in
       };
     };
 
+    openssh = {
+      ports = [ 62 ];
+      settings = {
+          AllowUsers = [ "forgejo" ];
+      };
+    };
+
     renovate = {
       enable = true;
       schedule = "1 h";
diff --git a/shared/system.nix b/shared/system.nix
index effaf1a..da5ae16 100644
--- a/shared/system.nix
+++ b/shared/system.nix
@@ -23,6 +23,6 @@
 
   networking.firewall = {
     enable = true;
-    allowedTCPPorts = [ 62 80 443 ];
+    allowedTCPPorts = [ 80 443 ];
   };
 }