From e33b53e459023b13590a370ea342ffa4a4642b78 Mon Sep 17 00:00:00 2001
From: Nathan <nathanblunkall5@gmail.com>
Date: Sat, 16 Aug 2025 12:19:31 -0500
Subject: [PATCH] no interactive auth for gitea

---
 system-config/services/containers/gitea/default.nix | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/system-config/services/containers/gitea/default.nix b/system-config/services/containers/gitea/default.nix
index 2ee1198..317d2c4 100644
--- a/system-config/services/containers/gitea/default.nix
+++ b/system-config/services/containers/gitea/default.nix
@@ -104,7 +104,14 @@
                     };
 
                 };
-                services.openssh.enable = true;
+                services.openssh = {
+                    enable = true;
+                    settings = {
+                        PermitRootLogin = lib.mkForce "no";
+                        PasswordAuthentication = false;
+                        KbdInteractiveAuthentication = false;
+                    };
+                };
 
                 networking.firewall.allowedTCPPorts = [ 22 3000 ];