ssh config

2025-09-27 15:56:36 -06:00 · 2025-09-27 15:56:36 -06:00 · 8cd5e390cf
commit 8cd5e390cf
parent a9b9063ee1
3 changed files with 74 additions and 54 deletions
--- a/config/home-manager.nix
+++ b/config/home-manager.nix
@ -6,45 +6,57 @@
 }:
 {
  home.stateVersion = "23.05";
-  programs.bash =
-    let
-      inherit (pkgs) fd fzf;
-      inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts;
-    in
-    {
+  programs = {
+    direnv = {
      enable = true;
-      historyFile = "\${XDG_STATE_HOME}/bash/history";
-      historyControl = [
-        "erasedups"
-        "ignorespace"
-        "ignoredups"
-      ];
-      shellAliases = {
-        cp = "cp -i";
-        mv = "mv -i";
-        mkdir = "mkdir -p";
-        mkcd = "(){ mkdir -p \"$1\" && cd \"$1\" }";
-        copy = "xclip -selection clipboard";
-        cdp = "pwd | copy";
-        cfp = "(){ readlink -f \"$1\" | copy }";
-        ".." = "cd ..";
-        "..." = "cd ../..";
-        ".3" = "cd ../../..";
-        ".4" = "cd ../../../..";
-        ".5" = "cd ../../../../..";
-        c = "cat";
-        sc = "systemctl --user";
-        jc = "journalctl --user -xefu";
-        open-gallery = ''
-          cd /srv/pool/scrapping/JawZ/gallery-dl &&
-          xdg-open "$(${fd}/bin/fd . ./ Husbands wikifeet -tdirectory -d 1 | ${fzf}/bin/fzf -i)"'';
-      };
-      enableVteIntegration = true;
-      initExtra = ''
-        ${pokemon-colorscripts}/bin/pokemon-colorscripts -r --no-title
-        export command_timeout=60
-      '';
+      enableBashIntegration = true;
+      nix-direnv.enable = true;
    };
+    git = {
+      enable = true;
+      userName = "Danilo Reyes";
+      userEmail = "CaptainJawZ@protonmail.com";
+    };
+    bash =
+      let
+        inherit (pkgs) fd fzf;
+        inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts;
+      in
+      {
+        enable = true;
+        historyFile = "\${XDG_STATE_HOME}/bash/history";
+        historyControl = [
+          "erasedups"
+          "ignorespace"
+          "ignoredups"
+        ];
+        shellAliases = {
+          cp = "cp -i";
+          mv = "mv -i";
+          mkdir = "mkdir -p";
+          mkcd = "(){ mkdir -p \"$1\" && cd \"$1\" }";
+          copy = "xclip -selection clipboard";
+          cdp = "pwd | copy";
+          cfp = "(){ readlink -f \"$1\" | copy }";
+          ".." = "cd ..";
+          "..." = "cd ../..";
+          ".3" = "cd ../../..";
+          ".4" = "cd ../../../..";
+          ".5" = "cd ../../../../..";
+          c = "cat";
+          sc = "systemctl --user";
+          jc = "journalctl --user -xefu";
+          open-gallery = ''
+            cd /srv/pool/scrapping/JawZ/gallery-dl &&
+            xdg-open "$(${fd}/bin/fd . ./ Husbands wikifeet -tdirectory -d 1 | ${fzf}/bin/fzf -i)"'';
+        };
+        enableVteIntegration = true;
+        initExtra = ''
+          ${pokemon-colorscripts}/bin/pokemon-colorscripts -r --no-title
+          export command_timeout=60
+        '';
+      };
+  };
  xdg = {
    enable = true;
    userDirs = {
@ -60,16 +72,4 @@
    };
    configFile.wgetrc.text = "hsts-file=\${XDG_CACHE_HOME}/wget-hsts";
  };
-  programs = {
-    direnv = {
-      enable = true;
-      enableBashIntegration = true;
-      nix-direnv.enable = true;
-    };
-    git = {
-      enable = true;
-      userName = "Danilo Reyes";
-      userEmail = "CaptainJawZ@protonmail.com";
-    };
-  };
 }
--- a/config/jawz.nix
+++ b/config/jawz.nix
@ -1,6 +1,10 @@
 { config, lib, ... }:
 let
  inherit (config.networking) hostName;
+  nixosHosts =
+    lib.attrNames config.my.ips
+    |> lib.filter (name: !(lib.hasPrefix "wg-" name) && name != "vps" && name != "router" && name != hostName);
+  nixosHostsMatch = lib.concatStringsSep " " nixosHosts;
 in
 {
  sops.secrets =
@ -15,16 +19,32 @@ in
    in
    {
      jawz-password.neededForUsers = true;
-      "private_keys/age" = keyConfig "${baseDir}_age";
-      "public_keys/age" = keyConfig "${baseDir}_age.pub";
      "private_keys/${hostName}" = keyConfig "${baseDir}_${hostName}";
      "git_private_keys/${hostName}" = keyConfig "${baseDir}_git";
      "syncthing_keys/${hostName}" = keyConfig ".config/syncthing/key.pem";
      "syncthing_certs/${hostName}" = keyConfig ".config/syncthing/cert.pem";
      "syncthing_password".sopsFile = ../secrets/keys.yaml;
    };
-
-  home-manager.users.jawz.home.file.".librewolf/.stignore".source = ../dotfiles/stignore;
+  home-manager.users.jawz = {
+    home.file.".librewolf/.stignore".source = ../dotfiles/stignore;
+    programs.ssh = {
+      enable = true;
+      matchBlocks = {
+        vps = {
+          hostname = config.my.ips.vps;
+          user = "fedora";
+          port = 3456;
+          identityFile = config.sops.secrets."private_keys/${hostName}".path;
+        };
+        "${nixosHostsMatch}" = {
+          user = "jawz";
+          identityFile = config.sops.secrets."private_keys/${hostName}".path;
+        };
+        "${config.my.servers.gitea.host} github.com gitlab.com bitbucket.org".identityFile =
+          config.sops.secrets."git_private_keys/${hostName}".path;
+      };
+    };
+  };
  services.syncthing = {
    enable = true;
    user = "jawz";
--- a/flake.nix
+++ b/flake.nix
@ -99,7 +99,7 @@
        workstation = createConfig "workstation" inputs.nixpkgs;
        miniserver = createConfig "miniserver" inputs.nixpkgs-small;
        server = createConfig "server" inputs.nixpkgs-small;
-        galaxy = createConfig "galaxy" inputs.nixpkgs-small;
+        
      };
      packages.${system} = (jawz-scripts.packages.${system} or { });
      devShells.${system} = builtins.listToAttrs (