alarsyo/nixos-config
alarsyo/nixos-config
1
1
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
nixos-config/home/ssh.nix

63 lines
1.4 KiB
Nix
Raw Blame History

{
config,
lib,
...
}: let
inherit
(lib)
mkEnableOption
mkIf
;
cfg = config.my.home.ssh;
in {
options.my.home.ssh = {
enable = (mkEnableOption "ssh configuration") // {default = true;};
};
config = mkIf cfg.enable {
programs.ssh = {
enable = true;
matchBlocks = let
addGPGAgentForwarding = hostConf:
{
remoteForwards = [
{
# shhhh this is a path but it works
bind.address = "/run/user/1000/gnupg/S.gpg-agent.ssh";
host.address = "/run/user/1000/gnupg/S.gpg-agent.ssh";
}
];
}
// hostConf;
in {
boreal = addGPGAgentForwarding {hostname = "boreal.alarsyo.net";};
hades = addGPGAgentForwarding {hostname = "hades.alarsyo.net";};
thanatos = addGPGAgentForwarding {hostname = "thanatos.alarsyo.net";};
pi = addGPGAgentForwarding {
hostname = "pi.alarsyo.net";
user = "pi";
};
"thanatos.lrde.epita.fr" =
lib.hm.dag.entryBefore ["*.lrde.epita.fr"]
(addGPGAgentForwarding {
user = "alarsyo";
});
"*.lrde.epita.fr" = {
user = "amartin";
};
lrde-proxyjump = {
host = "*.lrde.epita.fr !ssh.lrde.epita.fr";
proxyJump = "ssh.lrde.epita.fr";
};
};
includes = ["prologin_config"];
};
};
}
Reference in a new issue View git blame Copy permalink