mirror of
https://github.com/RGBCube/ncc
synced 2025-07-27 10:07:44 +00:00
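# SSH client configuration shared by every home-manager user on every host.
#
# Generates one `Host` block per NixOS configuration in this flake that runs
# sshd, enables connection multiplexing, and includes an additional
# age-encrypted ssh_config fragment.
{ self, config, lib, pkgs, ... }: let
  inherit (lib) enabled mkIf filterAttrs attrNames mapAttrs head remove;

  # Directory holding the ControlMaster sockets. The tilde is expanded by the
  # shell in the activation script and by ssh itself in ControlPath.
  controlPath = "~/.ssh/control";

  # One match block per flake host that has OpenSSH enabled.
  hosts = self.nixosConfigurations
    |> filterAttrs (_: value: value.config.services.openssh.enable)
    |> mapAttrs (_: value: {
      # Login user: the first normal user (attrNames is sorted by name) once
      # the service accounts below are removed. `head` aborts evaluation on an
      # empty list, so a host with no remaining normal user fails the build
      # instead of silently producing a block without a user.
      user = value.config.users.users
        |> filterAttrs (_: value: value.isNormalUser)
        |> attrNames
        |> remove "backup"
        |> remove "build"
        |> remove "root"
        |> head;

      # NOTE(review): `networking.ipv4.address` is not an upstream NixOS
      # option; presumably declared elsewhere in this repository - confirm.
      hostname = value.config.networking.ipv4.address;

      # Only the first configured sshd port is used.
      port = head value.config.services.openssh.ports;
    });
in {
  # NOTE(review): `secrets` looks like a project alias for an age/agenix
  # secret - confirm. Mode 444 makes the *decrypted* file readable by every
  # local account and process; presumably required because it is included
  # from each user's ssh config below. Keep only material in config.age that
  # may be disclosed to all local users (no private keys or passwords).
  secrets.sshConfig = {
    file = ./config.age;
    mode = "444";
  };

  home-manager.sharedModules = [(homeArgs: let
    lib' = homeArgs.lib;

    inherit (lib'.hm.dag) entryAfter;
  in {
    # Create the socket directory private to the user. Socket names embed
    # remote user, host alias and port (see controlPath below), so a
    # directory created with the default umask would let other local users
    # list which hosts this account is connected to. `--mode` only applies
    # when mkdir creates the directory, hence the chmod for existing ones.
    home.activation.createControlPath = entryAfter [ "writeBoundary" ] /* bash */ ''
      mkdir --parents --mode=700 ${controlPath}
      chmod 700 ${controlPath}
    '';

    programs.ssh = enabled {
      # Multiplexing: the first connection to a host becomes the master and
      # stays open in the background for 60 minutes after the last session
      # closes. During that window any process running as this user can open
      # new sessions through the socket without authenticating again.
      controlMaster       = "auto";
      controlPath         = "${controlPath}/%r@%n:%p";
      controlPersist      = "60m";
      # Drop the connection after two unanswered keep-alives, 60 s apart.
      serverAliveCountMax = 2;
      serverAliveInterval = 60;

      # Extra ssh_config fragment decrypted at activation time.
      includes = [ config.secrets.sshConfig.path ];

      # Generated per-host blocks plus defaults for every host; an explicit
      # "*" entry here overrides a flake host that happened to be named "*".
      matchBlocks = hosts // {
        "*" = {
          setEnv.COLORTERM = "truecolor";
          setEnv.TERM      = "xterm-256color";

          # Single key offered to every host.
          identityFile = "~/.ssh/id";
        };
      };
    };
  })];

  # mosh is installed on desktop machines only.
  environment.systemPackages = mkIf config.isDesktop [
    pkgs.mosh
  ];
}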