feat: add initial config

config/openssh.nix

@@ -0,0 +1,22 @@
+let
+  secrets = import ../intermediate/secrets.nix;
+  users = builtins.attrNames secrets.source.openssh.users;
+in
+rec {
+  ssh_users = users;
+
+  extraConfig = {
+    users = {
+      "autossh-incoming" = ''
+        PasswordAuthentication no
+        PermitTTY no
+        X11Forwarding no
+        AllowAgentForwarding no
+        PermitTunnel no
+        AllowTcpForwarding remote
+        PermitListen localhost:*
+        PermitListen 127.0.0.1:*
+      '';
+    };
+  };
+}