ssh.nix (1582B)
1 { domain, username, sshport, privatekey, ... }: 2 3 { 4 programs.ssh = { 5 enable = true; 6 enableDefaultConfig = false; 7 matchBlocks = { 8 "*" = { 9 forwardAgent = false; 10 addKeysToAgent = "no"; 11 compression = false; 12 serverAliveInterval = 0; 13 serverAliveCountMax = 3; 14 hashKnownHosts = false; 15 userKnownHostsFile = "~/.ssh/known_hosts"; 16 controlMaster = "no"; 17 controlPath = "~/.ssh/master-%r@%n:%p"; 18 controlPersist = "no"; 19 }; 20 "tunnel" = { 21 hostname = "${domain}"; 22 user = "${username}"; 23 port = sshport; 24 identityFile = "${privatekey}"; 25 extraOptions = { 26 RemoteCommand = "ssh -p 55013 ${username}@localhost -i ${privatekey}"; 27 RequestTTY = "force"; 28 }; 29 }; 30 "arcadia" = { 31 hostname = "192.168.1.6"; 32 user = "${username}"; 33 port = sshport; 34 identityFile = "${privatekey}"; 35 }; 36 "ilias" = { 37 hostname = "192.168.1.3"; 38 user = "${username}"; 39 port = sshport; 40 identityFile = "${privatekey}"; 41 }; 42 "router" = { 43 hostname = "192.168.1.1"; 44 user = "root"; 45 port = 22; 46 }; 47 "ap" = { 48 hostname = "192.168.1.2"; 49 user = "root"; 50 port = 22; 51 extraOptions = { 52 HostKeyAlgorithms = "+ssh-rsa"; 53 }; 54 }; 55 "artemis" = { 56 hostname = "${domain}"; 57 user = "${username}"; 58 port = sshport; 59 identityFile = "${privatekey}"; 60 }; 61 }; 62 }; 63 64 }