modules/home/cli/ssh.nix at refactor/mkService · xaiya.dev/dotfiles

xaiya.dev / dotfiles

NixOS configuration 🪄

dotfiles / modules / home / cli / ssh.nix

at refactor/mkService 35 lines 906 B view raw

 1{ osConfig, ... }:
 2{
 3  programs.ssh = {
 4    enable = true;
 5    enableDefaultConfig = false; # Option will be deprecated
 6
 7    # Default Matchblocks that should be on every System
 8    # This might change over time if any other (not me) person joins this flake
 9    matchBlocks = {
10      "*" = {
11        addKeysToAgent = "no"; # These SSH Keys do not need to be managed through an agent
12
13        serverAliveCountMax = 3; 
14
15        hashKnownHosts = true; 
16        userKnownHostsFile = "~/.ssh/known_hosts"; 
17
18        controlPath = "~/.ssh/master-%r@%n:%p"; 
19        controlPersist = "no";
20      };
21      
22      "github.com" = {
23        user = "git";
24        hostname = "github.com";
25        identityFile = osConfig.age.secrets."ssh-gh".path;
26      };
27
28      "apricot" = {
29        user = "git";
30        hostname = "apricot";
31        identityFile = osConfig.age.secrets."ssh-tangled".path;
32      };
33    };
34  };
35}