From e6605b3a7391650109cd210051676b7c70f814e2 Mon Sep 17 00:00:00 2001
From: h7x4 <h7x4@nani.wtf>
Date: Fri, 28 Jul 2023 21:49:49 +0200
Subject: [PATCH] common/sshd: socket activate

---
 hosts/common.nix              | 12 ++++++++----
 hosts/tsuki/configuration.nix | 14 +++++---------
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/hosts/common.nix b/hosts/common.nix
index b96f43b..ab4b8ae 100644
--- a/hosts/common.nix
+++ b/hosts/common.nix
@@ -240,10 +240,14 @@ in {
 
     resolved.enable = true;
 
-    openssh= {
-      passwordAuthentication = false;
-      kbdInteractiveAuthentication = false;
-      permitRootLogin = "no";
+    openssh = {
+      startWhenNeeded = true;
+      settings = {
+        StreamLocalBindUnlink = true;
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+        PermitRootLogin = "no";
+      };
     };
 
     udev.packages = with pkgs; [
diff --git a/hosts/tsuki/configuration.nix b/hosts/tsuki/configuration.nix
index fd22bdf..07901a0 100644
--- a/hosts/tsuki/configuration.nix
+++ b/hosts/tsuki/configuration.nix
@@ -59,15 +59,11 @@
     firewall.enable=true;
   };
 
-  services = {
-    openssh.enable = true;
-    printing.enable = true;
-    cron = {
-      enable = true;
-      systemCronJobs = [
-    #     "*/5 * * * *      root    date >> /tmp/cron.log"
-      ];
-    };
+  services.openssh.enable = true;
+
+  systemd.services."sshd@".serviceConfig = {
+    Nice = -15;
+    IOSchedulingClass = "realtime";
   };
 
   users = {