ssh: add localForwards option for matchBlocks
This commit is contained in:
parent
ed4f66185f
commit
0e871b490e
3 changed files with 70 additions and 0 deletions
|
@ -10,6 +10,39 @@ let
|
||||||
|
|
||||||
unwords = builtins.concatStringsSep " ";
|
unwords = builtins.concatStringsSep " ";
|
||||||
|
|
||||||
|
localForwardModule = types.submodule ({ ... }: {
|
||||||
|
options = {
|
||||||
|
bind = {
|
||||||
|
address = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "localhost";
|
||||||
|
example = "example.org";
|
||||||
|
description = "The address where to bind the port.";
|
||||||
|
};
|
||||||
|
|
||||||
|
port = mkOption {
|
||||||
|
type = types.port;
|
||||||
|
example = 8080;
|
||||||
|
description = "Specifies port number to bind on bind address.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
host = {
|
||||||
|
address = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
example = "example.org";
|
||||||
|
description = "The address where to forward the traffic to.";
|
||||||
|
};
|
||||||
|
|
||||||
|
port = mkOption {
|
||||||
|
type = types.port;
|
||||||
|
example = 80;
|
||||||
|
description = "Specifies port number to forward the traffic to.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
});
|
||||||
|
|
||||||
matchBlockModule = types.submodule ({ name, ... }: {
|
matchBlockModule = types.submodule ({ name, ... }: {
|
||||||
options = {
|
options = {
|
||||||
host = mkOption {
|
host = mkOption {
|
||||||
|
@ -152,6 +185,27 @@ let
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
localForwards = mkOption {
|
||||||
|
type = types.listOf localForwardModule;
|
||||||
|
default = [];
|
||||||
|
example = literalExample ''
|
||||||
|
[
|
||||||
|
{
|
||||||
|
bind.port = 8080;
|
||||||
|
host.address = "10.0.0.13";
|
||||||
|
host.port = 80;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
'';
|
||||||
|
description = ''
|
||||||
|
Specify local port forwardings. See
|
||||||
|
<citerefentry>
|
||||||
|
<refentrytitle>ssh_config</refentrytitle>
|
||||||
|
<manvolnum>5</manvolnum>
|
||||||
|
</citerefentry> for LocalForward.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
extraOptions = mkOption {
|
extraOptions = mkOption {
|
||||||
type = types.attrsOf types.str;
|
type = types.attrsOf types.str;
|
||||||
default = {};
|
default = {};
|
||||||
|
@ -181,6 +235,14 @@ let
|
||||||
++ optional (cf.proxyCommand != null) " ProxyCommand ${cf.proxyCommand}"
|
++ optional (cf.proxyCommand != null) " ProxyCommand ${cf.proxyCommand}"
|
||||||
++ optional (cf.proxyJump != null) " ProxyJump ${cf.proxyJump}"
|
++ optional (cf.proxyJump != null) " ProxyJump ${cf.proxyJump}"
|
||||||
++ map (file: " IdentityFile ${file}") cf.identityFile
|
++ map (file: " IdentityFile ${file}") cf.identityFile
|
||||||
|
++ map (f:
|
||||||
|
let
|
||||||
|
addressPort = entry: " [${entry.address}]:${toString entry.port}";
|
||||||
|
in
|
||||||
|
" LocalForward"
|
||||||
|
+ addressPort f.bind
|
||||||
|
+ addressPort f.host
|
||||||
|
) cf.localForwards
|
||||||
++ mapAttrsToList (n: v: " ${n} ${v}") cf.extraOptions
|
++ mapAttrsToList (n: v: " ${n} ${v}") cf.extraOptions
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
@ -11,6 +11,7 @@ Host abc
|
||||||
Host xyz
|
Host xyz
|
||||||
ServerAliveInterval 60
|
ServerAliveInterval 60
|
||||||
IdentityFile file
|
IdentityFile file
|
||||||
|
LocalForward [localhost]:8080 [10.0.0.1]:80
|
||||||
|
|
||||||
Host *
|
Host *
|
||||||
ForwardAgent no
|
ForwardAgent no
|
||||||
|
|
|
@ -15,6 +15,13 @@ with lib;
|
||||||
xyz = {
|
xyz = {
|
||||||
identityFile = "file";
|
identityFile = "file";
|
||||||
serverAliveInterval = 60;
|
serverAliveInterval = 60;
|
||||||
|
localForwards = [
|
||||||
|
{
|
||||||
|
bind.port = 8080;
|
||||||
|
host.address = "10.0.0.1";
|
||||||
|
host.port = 80;
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
"* !github.com" = {
|
"* !github.com" = {
|
||||||
|
|
Loading…
Reference in a new issue