From 81ae35ccfdc9d91491e3cf0323351f9009318669 Mon Sep 17 00:00:00 2001 From: Rodrigo Arias Mallo Date: Mon, 22 Sep 2025 16:44:09 +0200 Subject: [PATCH] Remove ssh jumps to raccoon or tent --- m/apex/configuration.nix | 8 -------- m/common/ssf.nix | 1 - m/common/ssf/ssh.nix | 12 ------------ m/fox/configuration.nix | 6 ------ 4 files changed, 27 deletions(-) delete mode 100644 m/common/ssf/ssh.nix diff --git a/m/apex/configuration.nix b/m/apex/configuration.nix index fdddb676..82d38422 100644 --- a/m/apex/configuration.nix +++ b/m/apex/configuration.nix @@ -56,14 +56,6 @@ }; }; - # Use SSH tunnel to reach internal hosts - programs.ssh.extraConfig = '' - Host knights3.bsc.es - ProxyCommand nc -X connect -x localhost:23080 %h %p - Host tent - ProxyJump raccoon - ''; - networking.firewall = { extraCommands = '' # Blackhole BSC vulnerability scanner (OpenVAS) as it is spamming our diff --git a/m/common/ssf.nix b/m/common/ssf.nix index 8e8dc6b4..5c9d8477 100644 --- a/m/common/ssf.nix +++ b/m/common/ssf.nix @@ -5,6 +5,5 @@ ./ssf/fs.nix ./ssf/hosts.nix ./ssf/net.nix - ./ssf/ssh.nix ]; } diff --git a/m/common/ssf/ssh.nix b/m/common/ssf/ssh.nix deleted file mode 100644 index c2f0d71e..00000000 --- a/m/common/ssf/ssh.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - # Use SSH tunnel to apex to reach internal hosts - programs.ssh.extraConfig = '' - Host tent - ProxyJump raccoon - - # Access raccoon via the HTTP proxy - Host raccoon knights3.bsc.es - HostName knights3.bsc.es - ProxyCommand=ssh apex 'nc -X connect -x localhost:23080 %h %p' - ''; -} diff --git a/m/fox/configuration.nix b/m/fox/configuration.nix index d73f9dc6..e890ba54 100644 --- a/m/fox/configuration.nix +++ b/m/fox/configuration.nix @@ -45,12 +45,6 @@ services.fail2ban.enable = true; - # Use SSH tunnel to reach internal hosts - programs.ssh.extraConfig = '' - Host tent - ProxyJump raccoon - ''; - networking = { timeServers = [ "ntp1.upc.edu" "ntp2.upc.edu" ]; hostName = "fox";