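# SSH client module: declares per-host entries under programs.ssh.matchBlocks
# and places the `id_blake` key pair via sops.secrets.
# Everything under `config` is applied only when `dots.ssh.enable` is true.
{
  pkgs,
  lib,
  config,
  ...
}: let
  program = "ssh";
  cfg = config.dots.${program};
  home_dir = config.home.homeDirectory;
in {
  options.dots.${program} = {
    enable = lib.mkEnableOption "enables ${program}";
  };

  config = lib.mkIf cfg.enable {
    programs.ssh = {
      enable = true;
      #enableDefaultConfig = false;
      matchBlocks = {
        "git.blakedheld.xyz" = {
          user = "gitea";
          # Same path that sops.secrets."id_blake" writes to below.
          # NOTE(review): without `identitiesOnly = true` ssh may also offer
          # agent-held keys to this host; consider setting it so only this
          # key is presented.
          identityFile = "${home_dir}/.ssh/id_blake";
          port = 7567;
        };
        # NOTE(review): unlike git.blakedheld.xyz, no identityFile is pinned
        # here, so ssh falls back to its default identities - confirm intended.
        "git.snowbelle.lan" = {
          user = "gitea";
          port = 7567;
        };
        # NOTE(review): this alias logs in as root and pins no identityFile.
        # Confirm direct root login is required; a dedicated key and a
        # non-root account would narrow what a leaked key can reach.
        "bebe" = {
          hostname = "10.10.0.1";
          user = "root";
        };
      };
    };

    # manage secrets with sops
    sops.secrets = {
      # Private key: owner read/write only. ssh refuses private keys whose
      # permissions are wider than this.
      "id_blake" = {
        mode = "0600";
        path = "${home_dir}/.ssh/id_blake";
      };
      # Public half is not sensitive, so it is world-readable. The mode is
      # written with a leading zero to match the private-key entry above.
      "id_blake.pub" = {
        mode = "0644";
        path = "${home_dir}/.ssh/id_blake.pub";
      };
    };
  };
}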