1
0
Fork 0
dotfiles/programs/ssh.nix

103 lines
2.1 KiB
Nix
Raw Normal View History

2022-04-14 18:25:49 +00:00
{ pkgs, config, ... }:
2022-01-25 21:21:15 +00:00
let
2022-04-06 20:20:03 +00:00
auth-socket = "${config.home.homeDirectory}/.ssh/1password.sock";
2022-01-25 21:21:15 +00:00
signers-directory = "${config.home.homeDirectory}/.ssh/allowed_signers";
in
2022-01-10 21:41:52 +00:00
{
2022-04-14 18:25:49 +00:00
home.packages = [ pkgs.openssh ];
2022-01-10 21:41:52 +00:00
programs.ssh = {
enable = true;
forwardAgent = false;
compression = false;
hashKnownHosts = true;
serverAliveInterval = 60;
extraConfig = ''
2022-04-06 20:20:03 +00:00
IdentityAgent "${auth-socket}"
2022-01-10 21:41:52 +00:00
UpdateHostKeys ask
VerifyHostKeyDNS yes
'';
matchBlocks = {
# Work
"git.app.nedeco.de" = {
port = 22;
user = "git";
2022-03-17 09:33:21 +00:00
identityFile = "~/.ssh/nedeco_gitlab.pub";
2022-01-10 21:41:52 +00:00
identitiesOnly = true;
compression = true;
};
"nedeco-smartos-hosting" = {
host = "10.0.90.*";
port = 22;
user = "root";
2022-03-17 09:33:21 +00:00
identityFile = "~/.ssh/nedeco.pub";
2022-01-10 21:41:52 +00:00
identitiesOnly = true;
};
# Private
"github.com" = {
port = 22;
user = "git";
2022-03-17 09:33:21 +00:00
identityFile = "~/.ssh/GitHub.pub";
2022-01-10 21:41:52 +00:00
identitiesOnly = true;
compression = true;
};
"gitlab.com" = {
port = 22;
user = "git";
2022-03-19 21:54:55 +00:00
identityFile = "~/.ssh/GitLab.pub";
2022-01-10 21:41:52 +00:00
identitiesOnly = true;
compression = true;
};
2022-01-11 22:13:08 +00:00
"router" = {
hostname = "10.0.0.1";
port = 22;
user = "root";
};
2022-01-10 21:41:52 +00:00
"nas" = {
2022-01-11 22:13:08 +00:00
hostname = "10.0.0.100";
2022-01-10 21:41:52 +00:00
port = 22;
user = "daniel";
identityFile = "~/.ssh/LAN.pub";
2022-01-10 21:41:52 +00:00
identitiesOnly = true;
2022-05-07 21:31:58 +00:00
};
"haven" = {
hostname = "100.101.243.36";
port = 22;
user = "daniel";
identityFile = "~/.ssh/LAN.pub";
identitiesOnly = true;
};
"webboat" = {
hostname = "100.99.89.98";
port = 20022;
user = "root";
identityFile = "~/.ssh/Hetzner.pub";
identitiesOnly = true;
2022-01-10 21:41:52 +00:00
};
};
2022-01-11 22:13:08 +00:00
includes = [
"~/.ssh/config_work"
];
2022-01-10 21:41:52 +00:00
};
2022-01-25 21:21:15 +00:00
2022-04-06 20:20:03 +00:00
home.sessionVariables.SSH_AUTH_SOCK = "${auth-socket}";
2022-01-25 21:21:15 +00:00
home.file."${signers-directory}" = {
source = ../config/ssh/allowed_signers;
recursive = true;
};
2022-01-10 21:41:52 +00:00
}