refactor: seperate module for openssh

hosts/common/default.nix

@@ -3,21 +3,17 @@
   username,
   outputs,
   config,
-  lib,
   inputs,
   email,
   ...
-}: let
-  # Sops needs acess to the keys before the persist dirs are even mounted; so
-  # just persisting the keys won't work, we must point at /persist
-  hasOptinPersistence = config.environment.persistence."/persist".enable;
-in {
+}: {
   imports = [
     inputs.impermanence.nixosModules.impermanence
     inputs.home-manager.nixosModules.home-manager
 
     ../../modules/nixos/fail2ban.nix
     ../../modules/nixos/sops.nix
+    ../../modules/nixos/networking/ssh.nix
   ];
 
   sops.secrets.tux-password = {
@@ -98,22 +94,6 @@ in {
     };
   };
 
-  services = {
-    openssh = {
-      enable = true;
-      settings = {
-        PasswordAuthentication = false;
-      };
-
-      hostKeys = [
-        {
-          path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
-          type = "ed25519";
-        }
-      ];
-    };
-  };
-
   users = {
     mutableUsers = false;
     defaultUserShell = pkgs.zsh;