mirror of
https://github.com/Swarsel/.dotfiles.git
synced 2025-12-06 17:17:22 +01:00
32 lines
1 KiB
Nix
32 lines
1 KiB
Nix
{ inputs, lib, config, confLib, ... }:
|
|
{
|
|
options.swarselmodules.ssh = lib.mkEnableOption "ssh settings";
|
|
config = lib.mkIf config.swarselmodules.ssh ({
|
|
programs.ssh = {
|
|
enable = true;
|
|
enableDefaultConfig = false;
|
|
extraConfig = ''
|
|
SetEnv TERM=xterm-256color
|
|
ServerAliveInterval 20
|
|
'';
|
|
matchBlocks = {
|
|
"*" = {
|
|
forwardAgent = true;
|
|
addKeysToAgent = "no";
|
|
compression = false;
|
|
serverAliveInterval = 0;
|
|
serverAliveCountMax = 3;
|
|
hashKnownHosts = false;
|
|
userKnownHostsFile = "~/.ssh/known_hosts";
|
|
controlMaster = "auto";
|
|
controlPath = "~/.ssh/master-%r@%n:%p";
|
|
controlPersist = "5m";
|
|
};
|
|
} // confLib.getConfig.repo.secrets.common.ssh.hosts;
|
|
};
|
|
} // lib.optionalAttrs (inputs ? sops) {
|
|
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic && !config.swarselsystems.isNixos) {
|
|
builder-key = { path = "${config.home.homeDirectory}/.ssh/builder"; mode = "0600"; };
|
|
};
|
|
});
|
|
}
|