modules/home/programs/ssh/default.nix at 5b37b423bec4d308e5fc4dc8dec6ed6468de2cfe · pyrox.dev/nix

pyrox.dev / nix

My Nix Configuration

nix / modules / home / programs / ssh / default.nix

at 5b37b423bec4d308e5fc4dc8dec6ed6468de2cfe 1.2 kB view raw

 1{ lib, config, ... }:
 2let
 3  cfg = config.py.programs.ssh;
 4in
 5{
 6  options.py.programs.ssh.enable = lib.mkEnableOption "ssh";
 7  config = lib.mkIf cfg.enable {
 8    programs.ssh = {
 9      enable = true;
10      compression = true;
11      matchBlocks = {
12        "marvin" = {
13          hostname = "100.123.15.72";
14          user = "thehedgehog";
15          port = 22;
16          extraOptions = {
17            "IdentitiesOnly" = "no";
18            "PreferredAuthentications" = "publickey";
19          };
20        };
21        "prefect" = {
22          hostname = "100.93.63.54";
23          user = "thehedgehog";
24          port = 22;
25          extraOptions = {
26            "IdentitiesOnly" = "no";
27            "PreferredAuthentications" = "publickey";
28          };
29        };
30        "botw" = {
31          hostname = "bandit.labs.overthewire.org";
32          port = 2220;
33          sendEnv = [
34            "WECHALLUSER"
35            "WECHALLTOKEN"
36          ];
37        };
38      };
39      extraOptionOverrides = {
40        "Match" = ''host * exec "gpg-connect-agent UPDATESTARTUPTTY /bye"'';
41      };
42    };
43    home.file.".ssh/authorized_signatures".text = import ./ssh-auth-signers.nix;
44  };
45}