nix-config/home-manager/_mixins/cli/ssh.nix

27 lines
661 B
Nix

{ outputs, lib, ... }:
let
hostnames = builtins.attrNames outputs.nixosConfigurations;
in
{
programs.ssh = {
enable = true;
matchBlocks = {
net = {
host = builtins.concatStringsSep " " hostnames;
forwardAgent = true;
remoteForwards = [{
bind.address = ''/%d/.gnupg-sockets/S.gpg-agent'';
host.address = ''/%d/.gnupg-sockets/S.gpg-agent.extra'';
}];
};
trusted = lib.hm.dag.entryBefore [ "net" ] {
host = "burd.me *.burd.me *.ts.burd.me";
forwardAgent = true;
};
};
};
home.persistence = {
"/persist/home/gburd".directories = [ ".ssh" ];
};
}