From 7aecda084f6f3a5b01da1b20dcfd98f3708ca107 Mon Sep 17 00:00:00 2001
From: Trolli Schmittlauch <t.schmittlauch@orlives.de>
Date: Tue, 17 Dec 2024 18:13:59 +0100
Subject: [PATCH] workmac ssh config: recommended multiplexer settings

---
 home/workmac.nix | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/home/workmac.nix b/home/workmac.nix
index 724f64f..0aff0cb 100644
--- a/home/workmac.nix
+++ b/home/workmac.nix
@@ -32,11 +32,21 @@ in
 
   programs.ssh = {
     enable = true;
+    # defaults in bottom match block "*"
+    # TODO: common config for desktop as well
+    # multiplexer, e.g. to avoid rate limiting on jumphost usage
+    serverAliveInterval = 60;
+    controlMaster = "auto";
+    controlPersist = "4h";
     # ssh host config
     matchBlocks = {
 
+      # early catchall to enforce agent socket usage. **NOT** the place for fallback defaults.
       "*" = {
-        extraOptions.IdentityAgent = "\"~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock\"";
+        extraOptions = {
+          IdentityAgent = "\"~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock\"";
+          #ControlPath = "/tmp/ssh_mux_%h_%p_%r";
+        };
       };
 
       "hydra01" = lib.hm.dag.entryAfter [ "*" ] {