From ae5be4a644bfc2fd5fb9e6c225ba1b6b694ebd64 Mon Sep 17 00:00:00 2001 From: Marko Korhonen Date: Sat, 5 Oct 2024 17:05:57 +0300 Subject: [PATCH] Add more SSH hosts, fix gpg agent forwarding for moria --- gpg.nix | 1 + users/functionalhacker/programs/ssh.nix | 59 +++++++++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/gpg.nix b/gpg.nix index b7046d0f..266ad8e9 100644 --- a/gpg.nix +++ b/gpg.nix @@ -6,6 +6,7 @@ gnupg.agent = { enable = true; enableSSHSupport = true; + enableExtraSocket = true; }; }; diff --git a/users/functionalhacker/programs/ssh.nix b/users/functionalhacker/programs/ssh.nix index d30402a9..cf8084ed 100644 --- a/users/functionalhacker/programs/ssh.nix +++ b/users/functionalhacker/programs/ssh.nix @@ -3,18 +3,77 @@ { programs.ssh = { enable = true; + matchBlocks = { + + # Server moria = { hostname = "korhonen.cc"; user = "balrog"; port = 221; + + remoteForwards = [ + { + bind.address = "/run/user/1000/gnupg/S.gpg-agent.ssh"; + host.address = "/run/user/1000/gnupg/S.gpg-agent.ssh"; + } + { + bind.address = "/run/user/1000/gnupg/S.gpg-agent"; + host.address = "/run/user/1000/gnupg/S.gpg-agent.extra"; + } + ]; + + extraOptions = { + StreamLocalBindUnlink = "yes"; + }; }; + # Server LUKS unlock + moria-unlock = { + hostname = "korhonen.cc"; + user = "root"; + port = 221; + }; + + # Main OpenWRT router + beleriand = { + hostname = "beleriand.korhonen.lan"; + user = "root"; + }; + + # CoreELEC box + rivendell = { + hostname = "rivendell.korhonen.lan"; + user = "root"; + }; + + # OpenWRT AP/travel router + esgaroth = { + hostname = "esgaroth.korhonen.lan"; + user = "root"; + }; + + # Self hosted forgejo forgejo = { hostname = "git.korhonen.cc"; user = "git"; port = 2882; }; + + github = { + hostname = "github.com"; + user = "git"; + }; + + gitlab = { + hostname = "gitlab.com"; + user = "git"; + }; + + aur = { + hostname = "aur.archlinux.org"; + user = "aur"; + }; }; }; }