schmittlauch/nixconfigs
2
0
Fork 0
Code Issues 2 Pull requests Releases Wiki Activity

home/ssh: adjust to deprecation warnings

Browse source
This commit is contained in:
Trolli Schmittlauch 2025-12-29 01:00:03 +01:00
parent 27bfacbfec
commit 411c7642ea
2 changed files with 38 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

20
home/desktop.nix
View file

@ -76,9 +76,27 @@
programs.ssh = { programs.ssh = {
enable = true; enable = true;
enableDefaultConfig = false; # deprecated
package = pkgs.openssh; package = pkgs.openssh;
# TODO: common config for desktop as well
# ssh host config # ssh host config
matchBlocks = (import "${inputs.mysecrets}/ssh_hosts.nix").privateHosts; matchBlocks = {
# default, gets placed last by home-manager
"*" = {
serverAliveInterval = 10;
serverAliveCountMax = 2; # 2 strikes and you're out
forwardAgent = false;
addKeysToAgent = "no";
compression = false;
hashKnownHosts = false;
userKnownHostsFile = "~/.ssh/known_hosts";
controlMaster = "no";
controlPath = "~/.ssh/master-%r@%n:%p";
controlPersist = "no";
};
}
// (import "${inputs.mysecrets}/ssh_hosts.nix").privateHosts;
}; };
# media button control support from Bluetooth devices # media button control support from Bluetooth devices

29
home/workmac.nix
View file

@ -38,22 +38,31 @@ in
programs.ssh = { programs.ssh = {
enable = true; enable = true;
enableDefaultConfig = false; # deprecated
package = pkgs.openssh; package = pkgs.openssh;
# defaults in bottom match block "*"
# TODO: common config for desktop as well # TODO: common config for desktop as well
serverAliveInterval = 10; # early catchall to enforce agent socket usage. **NOT** the place for fallback defaults.
serverAliveCountMax = 2; # 2 strikes and you're out extraOptionOverrides = {
IdentityAgent = "\"~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock\"";
};
# ssh host config # ssh host config
matchBlocks = { matchBlocks = {
# default, gets placed last by home-manager
# early catchall to enforce agent socket usage. **NOT** the place for fallback defaults.
"*" = { "*" = {
extraOptions = { serverAliveInterval = 10;
IdentityAgent = "\"~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock\""; serverAliveCountMax = 2; # 2 strikes and you're out
}; forwardAgent = false;
addKeysToAgent = "no";
compression = false;
hashKnownHosts = false;
userKnownHostsFile = "~/.ssh/known_hosts";
controlMaster = "no";
controlPath = "~/.ssh/master-%r@%n:%p";
controlPersist = "no";
}; };
"hydra01" = lib.hm.dag.entryAfter [ "*" ] { "hydra01" = {
hostname = "hydra01.access.whq.gocept.net"; hostname = "hydra01.access.whq.gocept.net";
user = "os"; user = "os";
}; };
@ -68,7 +77,7 @@ in
}; };
}; };
"fcio-rzob-jump" = lib.hm.dag.entryAfter [ "*" ] { "fcio-rzob-jump" = {
# multiplexer, e.g. to avoid rate limiting on jumphost usage # multiplexer, e.g. to avoid rate limiting on jumphost usage
hostname = "vpn-rzob.services.fcio.net"; hostname = "vpn-rzob.services.fcio.net";
extraOptions = { extraOptions = {