Burp server: Add user for SSH-tunnelling in

hosts/burp-server.nix

@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:
 {
     services.burp.server = {
         enable = true;
@@ -27,4 +27,21 @@
             "Mon,Tue,Wed,Thu,Fri,Sat,Sun,00,01,02,03,04,05,06,07,08,17,18,19,20,21,22,23"
         ];
     };
+
+    # Used for other clients to open an SSH tunnel to the burp server
+    users.users.burp-remote = {
+        isNormalUser = false;
+        isSystemUser = true;
+        createHome = false;
+        group = "nogroup";
+        # A shell is necessary for the user to run `sleep`
+        shell = pkgs.bash;
+        openssh.authorizedKeys.keys = [
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItwImll4vcrfRQZjf6zkEGJswpL9EdWRiibXtjis99J root@Emitter"
+        ];
+    };
+    services.openssh.extraConfig = ''
+        Match User burp-remote
+            ForceCommand ${pkgs.coreutils}/bin/sleep 10
+    '';
 }