nixos-config-priv/home/zhuangzi/common/core/ssh.nix

{ outputs, lib, ... }:
{
  programs.ssh = {
    enable = true;

    extraConfig = ''
      #req'd for enabling yubikey-agent
      AddKeysToAgent yes
    '';

    matchBlocks = {
      "yubikey-hosts" = {
        host = "gitlab.com github.com";
        forwardAgent = true;
        identitiesOnly = true;
        identityFile = [
          "~/.ssh/id_yubikey" # This is an auto symlink to whatever yubikey is plugged in. See hosts/common/optional/yubikey
          "~/.ssh/id_mila"
          "~/.ssh/id_hello" # fallback to id_hello if yubis aren't present
        ];
      };
    };
    # FIXME: This should probably be for git systems only?
    #controlMaster = "auto";
    #controlPath = "~/.ssh/sockets/S.%r@%h:%p";
    #controlPersist = "60m";

    #extraConfig = ''
    #Include config.d/*
    #'';
  };
  #  home.file.".ssh/sockets/.keep".text = "# Managed by Home Manager";
}
asdf 2024-06-07 11:37:13 +00:00			`{ outputs, lib, ... }:`
			`{`
			`programs.ssh = {`
			`enable = true;`

			`extraConfig = ''`
			`#req'd for enabling yubikey-agent`
			`AddKeysToAgent yes`
			`'';`

			`matchBlocks = {`
			`"yubikey-hosts" = {`
			`host = "gitlab.com github.com";`
			`forwardAgent = true;`
			`identitiesOnly = true;`
			`identityFile = [`
			`"~/.ssh/id_yubikey" # This is an auto symlink to whatever yubikey is plugged in. See hosts/common/optional/yubikey`
			`"~/.ssh/id_mila"`
			`"~/.ssh/id_hello" # fallback to id_hello if yubis aren't present`
			`];`
			`};`
			`};`
			`# FIXME: This should probably be for git systems only?`
			`#controlMaster = "auto";`
			`#controlPath = "~/.ssh/sockets/S.%r@%h:%p";`
			`#controlPersist = "60m";`

			`#extraConfig = ''`
			`#Include config.d/*`
			`#'';`
			`};`
			`# home.file.".ssh/sockets/.keep".text = "# Managed by Home Manager";`
			`}`