home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE
commit 697dba0d8a96ecf24b43490a33f09c785ce9b912
parent bb391074e5645029b382792758d7797e382001f6
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Mon,  1 Jun 2020 14:09:49 +0200

users/vincent: add ssh to core

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:

Musers/vincent/core/default.nix | 1+


Musers/vincent/core/shell.nix | 1+


Ausers/vincent/core/ssh.nix | 61+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


3 files changed, 63 insertions(+), 0 deletions(-)

diff --git a/users/vincent/core/default.nix b/users/vincent/core/default.nix
@@ -8,6 +8,7 @@
     ./git.nix
     ./gpg.nix
     ./htop.nix
+    ./ssh.nix
     ./tmux.nix
     ./xdg.nix
     ./zsh.nix
diff --git a/users/vincent/core/shell.nix b/users/vincent/core/shell.nix
@@ -15,6 +15,7 @@
   };
 
   env = ''
+    export PATH=$HOME/bin:$PATH
     export LESSHISTFILE="${config.xdg.dataHome}/less_history"
     export GOPATH=${config.home.homeDirectory}
     export WEBKIT_DISABLE_COMPOSITING_MODE=1;
diff --git a/users/vincent/core/ssh.nix b/users/vincent/core/ssh.nix
@@ -0,0 +1,61 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+  patchedOpenSSH = pkgs.openssh.override { withKerberos = true; withGssapiPatches = true; };
+in
+{
+  home.packages = [
+    patchedOpenSSH
+  ];
+  home.file.".ssh/sockets/.placeholder".text = '''';
+  xdg.configFile.".ssh/.placeholder".text = '''';
+  programs.ssh = {
+    enable = true;
+
+    serverAliveInterval = 60;
+    hashKnownHosts = true;
+    userKnownHostsFile = "${config.xdg.configHome}/ssh/known_hosts";
+    controlPath = "${config.home.homeDirectory}/.ssh/sockets/%u-%l-%r@%h:%p";
+    matchBlocks = {
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        extraOptions = {
+          controlMaster = "auto";
+          controlPersist = "360";
+        };
+      };
+      "gitlab.com" = {
+        hostname = "gitlab.com";
+        user = "git";
+        extraOptions = {
+          controlMaster = "auto";
+          controlPersist = "360";
+        };
+      };
+      "git.sr.ht" = {
+        hostname = "git.sr.ht";
+        user = "git";
+        extraOptions = {
+          controlMaster = "auto";
+          controlPersist = "360";
+        };
+      };
+      "*.redhat.com" = {
+        user = "vdemeest";
+      };
+      "192.168.1.*" = {
+        forwardAgent = true;
+      };
+      "10.100.0.*" = {
+        forwardAgent = true;
+      };
+    }; # FIXME with optional secrets // cfg.machines;
+    extraConfig = ''
+      PreferredAuthentications gssapi-with-mic,publickey,password
+      GSSAPIAuthentication yes
+      GSSAPIDelegateCredentials yes
+    '';
+  };
+}