ssh: refactoring

main
Zynh Ludwig 2024-07-28 06:08:59 -07:00
parent e46de005fd
commit afdd0a22f3
1 changed files with 28 additions and 30 deletions


@ -11,41 +11,39 @@ in
homeNetwork = lib.mkEnableOption "include local hostnames for home network devices"; homeNetwork = lib.mkEnableOption "include local hostnames for home network devices";
}; };
config = lib.mkIf cfg.enable { config =
programs.ssh = { let home = config.home.homeDirectory + "/.ssh";
enable = true; in lib.mkIf cfg.enable {
includes = [ programs.ssh = {
"conf.d/*" enable = true;
]; includes = [ "conf.d/*" ];
matchBlocks = { matchBlocks = {
"git.zynh.me" = { "git.zynh.me" = {
hostname = "git.zynh.me"; hostname = "git.zynh.me";
user = "git"; user = "git";
port = 2221; port = 2221;
identityFile = "${config.home.homeDirectory}/.ssh/personal_git"; identityFile = "${home}/.ssh/personal_git";
}; };
msiserver = { msiserver = {
hostname = "scarlet.zynh.me"; hostname = "scarlet.zynh.me";
user = "zynh"; user = "zynh";
identityFile = "${config.home.homeDirectory}/.ssh/msiserver"; identityFile = "${home}/.ssh/msiserver";
}; };
"msiserver.local" = lib.mkIf cfg.homeNetwork { "msiserver.local" = lib.mkIf cfg.homeNetwork {
hostname = "msiserver"; hostname = "msiserver";
user = "zynh"; user = "zynh";
identityFile = "${config.home.homeDirectory}/.ssh/msiserver"; identityFile = "${home}/.ssh/msiserver";
}; };
caveserver = { caveserver = {
identityFile = "${config.home.homeDirectory}/.ssh/caveserver"; identityFile = "${home}/.ssh/caveserver";
};
}; };
}; };
};
sops.secrets = sops.secrets = lib.mkIf sops {
let home = config.home.homeDirectory;
in lib.mkIf sops {
"private_keys/msiserver".path = "${home}/.ssh/msiserver"; "private_keys/msiserver".path = "${home}/.ssh/msiserver";
"private_keys/caveserver".path = "${home}/.ssh/caveserver"; "private_keys/caveserver".path = "${home}/.ssh/caveserver";
"ssh_hosts/caveserver".path = "${home}/.ssh/conf.d/caveserver_config"; "ssh_hosts/caveserver".path = "${home}/.ssh/conf.d/caveserver_config";
}; };
}; };
} }
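Review bot: The new `let home = config.home.homeDirectory + "/.ssh";` binding already ends in `/.ssh`, but every use on the new side still appends `/.ssh/...`, so all four `identityFile` values and the three `sops.secrets` paths now resolve under `~/.ssh/.ssh/`. The decrypted private keys would then be written to that nested directory, and `ssh_hosts/caveserver` would land in `~/.ssh/.ssh/conf.d/`, which `includes = [ "conf.d/*" ]` will not pick up if ssh resolves the relative include against `~/.ssh`. `personal_git` is not in the sops list shown, so its `identityFile` would presumably point at a file that does not exist. Either keep the binding as `let home = config.home.homeDirectory;`, or rename it to something like `sshDir` and change the uses to `"${sshDir}/msiserver"` and so on. After the fix it is worth checking that the keys are back in `~/.ssh` with owner-only permissions and that no decrypted copies remain in the nested directory.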