nix-config/home/gburd/features/cli/ssh.nix

{ outputs, lib, ... }:
let
  hostnames = builtins.attrNames outputs.nixosConfigurations;
in
{
  programs.ssh = {
    enable = true;
    matchBlocks = {
      net = {
        host = builtins.concatStringsSep " " hostnames;
        forwardAgent = true;
        remoteForwards = [{
          bind.address = ''/%d/.gnupg-sockets/S.gpg-agent'';
          host.address = ''/%d/.gnupg-sockets/S.gpg-agent.extra'';
        }];
      };
      trusted = lib.hm.dag.entryBefore [ "net" ] {
        host = "m7.rs *.m7.rs *.ts.m7.rs";
        forwardAgent = true;
      };
    };
  };

  home.persistence = {
    "/persist/home/misterio".directories = [ ".ssh" ];
  };
}
A fork of Misterio77 and his standard template. Many thangs to the hard work and generous availability of: git@github.com:Misterio77/nix-config.git 2023-09-15 14:53:38 +00:00			`{ outputs, lib, ... }:`
			`let`
			`hostnames = builtins.attrNames outputs.nixosConfigurations;`
			`in`
			`{`
			`programs.ssh = {`
			`enable = true;`
			`matchBlocks = {`
			`net = {`
			`host = builtins.concatStringsSep " " hostnames;`
			`forwardAgent = true;`
			`remoteForwards = [{`
			`bind.address = ''/%d/.gnupg-sockets/S.gpg-agent'';`
			`host.address = ''/%d/.gnupg-sockets/S.gpg-agent.extra'';`
			`}];`
			`};`
			`trusted = lib.hm.dag.entryBefore [ "net" ] {`
			`host = "m7.rs .m7.rs .ts.m7.rs";`
			`forwardAgent = true;`
			`};`
			`};`
			`};`

			`home.persistence = {`
			`"/persist/home/misterio".directories = [ ".ssh" ];`
			`};`
			`}`