25.11

2025-12-03 01:59:12 +01:00
parent 5d65da4fca
commit edda49ee66
27 changed files with 235 additions and 267 deletions
--- a/home-modules/ssh.nix
+++ b/home-modules/ssh.nix
@@ -3,31 +3,39 @@
  programs.ssh = {
    enable = true;
    package = pkgs.openssh;
-    addKeysToAgent = "yes";
+    enableDefaultConfig = false;
    matchBlocks = let
-      nxace = name: {
+      default = {
+        addKeysToAgent = "yes";
+        forwardAgent = false;
+        compression = false;
+        serverAliveInterval = 0;
+        serverAliveCountMax = 3;
+        hashKnownHosts = false;
+        userKnownHostsFile = "~/.ssh/known_hosts";
+        controlMaster = "no";
+        controlPath = "~/.ssh/master-%r@%n:%p";
+        controlPersist = "no";
+      };
+      nxace = name: default // {
        host = name;
        hostname = "ssh.${hyper.domain}";
        user = "nx2";
        port = 50022;
-        identityFile = "${hyper.home}/vault/ssh/nxace-nx2-${hyper.host}";
+        identityFile = [ "${hyper.home}/vault/ssh/nxace-nx2-${hyper.host}" ];
      };
    in {
-      "*".identityFile = [
+      "*" = default;
+      "ssh.nx2.site" = default // { identityFile = [
+        "${hyper.home}/vault/ssh/nxace-nx2-${hyper.host}"
        "${hyper.home}/vault/ssh/nxgit-nx2-${hyper.host}"
-        "${hyper.home}/vault/ssh/github-noggynoggy-${hyper.host}"
-        "${hyper.home}/vault/ssh/tg-dm-informatik-tuda"
-        (pkgs.lib.mkIf (hyper.host == "NxDCS") "${hyper.home}/vault/ssh/dcsgit-lkurzweg-${hyper.host}")
-      ];
-      "github.com".identityFile = [ "${hyper.home}/vault/ssh/github-noggynoggy-${hyper.host}" ];
-      "nxace" = nxace "nxace";
-      "nxacel" = (nxace "nxacel") // { hostname = "10.0.1.1"; };
-      "nxrpli" = (nxace "nxrpil") // { hostname = "10.0.1.31"; port = 22; };
-      "nxgit" = (nxace "nxgit") // {
-        user = "git";
-        identityFile = "${hyper.home}/vault/ssh/nxgit-nx2-${hyper.host}";
-        # addKeysToAgent = "1h";
-      };
+      ]; };
+      "tg.dm.informatik.tu-darmstadt.de" = default // { identityFile = [ "${hyper.home}/vault/ssh/tg-dm-informatik-tuda"           ]; };
+      "git.da.dicos.de"                  = default // { identityFile = [ "${hyper.home}/vault/ssh/dcsgit-lkurzweg-${hyper.host}"   ]; };
+      "github.com"                       = default // { identityFile = [ "${hyper.home}/vault/ssh/github-noggynoggy-${hyper.host}" ]; };
+      "nxace"                            = (nxace "nxace" );
+      "nxacel"                           = (nxace "nxacel") // { hostname = "10.0.1.1"; };
+      "nxrpli"                           = (nxace "nxrpil") // { hostname = "10.0.1.31"; port = 22; };
    };
  };
  services.ssh-agent = {