ssh: move options to end of configuration file
This is needed to support overriding these options inside match blocks. A new option `programs.ssh.extraOptionOverrides` has been added to allow global overrides.
parent
75c4075345
commit
4205c91609
2 changed files with 42 additions and 11 deletions
|
@ -587,6 +587,24 @@ in
|
|||
A new module is available: 'programs.fzf'.
|
||||
'';
|
||||
}
|
||||
|
||||
{
|
||||
time = "2018-03-25T06:49:57+00:00";
|
||||
condition = with config.programs.ssh; enable && matchBlocks != {};
|
||||
message = ''
|
||||
Options set through the 'programs.ssh' module are now placed
|
||||
at the end of the SSH configuration file. This was done to
|
||||
make it possible to override global options such as
|
||||
'ForwardAgent' or 'Compression' inside a host match block.
|
||||
|
||||
If you truly need to override an SSH option across all match
|
||||
blocks then the new option
|
||||
|
||||
programs.ssh.extraOptionOverrides
|
||||
|
||||
can be used.
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -220,9 +220,18 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
extraOptionOverrides = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
default = {};
|
||||
description = ''
|
||||
Extra SSH configuration options that take precedence over any
|
||||
host specific configuration.
|
||||
'';
|
||||
};
|
||||
|
||||
matchBlocks = mkOption {
|
||||
type = types.loaOf matchBlockModule;
|
||||
default = [];
|
||||
default = {};
|
||||
example = literalExample ''
|
||||
{
|
||||
"john.example.com" = {
|
||||
|
@ -248,20 +257,24 @@ in
|
|||
|
||||
config = mkIf cfg.enable {
|
||||
home.file.".ssh/config".text = ''
|
||||
ForwardAgent ${yn cfg.forwardAgent}
|
||||
Compression ${yn cfg.compression}
|
||||
ServerAliveInterval ${toString cfg.serverAliveInterval}
|
||||
HashKnownHosts ${yn cfg.hashKnownHosts}
|
||||
UserKnownHostsFile ${cfg.userKnownHostsFile}
|
||||
ControlMaster ${cfg.controlMaster}
|
||||
ControlPath ${cfg.controlPath}
|
||||
ControlPersist ${cfg.controlPersist}
|
||||
|
||||
${cfg.extraConfig}
|
||||
${concatStringsSep "\n" (
|
||||
mapAttrsToList (n: v: "${n} ${v}") cfg.extraOptionOverrides)}
|
||||
|
||||
${concatStringsSep "\n\n" (
|
||||
map matchBlockStr (
|
||||
builtins.attrValues cfg.matchBlocks))}
|
||||
|
||||
Host *
|
||||
ForwardAgent ${yn cfg.forwardAgent}
|
||||
Compression ${yn cfg.compression}
|
||||
ServerAliveInterval ${toString cfg.serverAliveInterval}
|
||||
HashKnownHosts ${yn cfg.hashKnownHosts}
|
||||
UserKnownHostsFile ${cfg.userKnownHostsFile}
|
||||
ControlMaster ${cfg.controlMaster}
|
||||
ControlPath ${cfg.controlPath}
|
||||
ControlPersist ${cfg.controlPersist}
|
||||
|
||||
${replaceStrings ["\n"] ["\n "] cfg.extraConfig}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
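Review bot: Moving `cfg.extraConfig` under the trailing `Host *` block (the `${replaceStrings ["\n"] ["\n  "] cfg.extraConfig}` line) changes its precedence, which the news text does not spell out. ssh keeps the first value it obtains for each option, so a hardening directive that a user put in `extraConfig` used to win over every match block and is now only a default that any match block can override. I would add a sentence to the news message such as `Note that 'programs.ssh.extraConfig' is now also part of the final 'Host *' block; settings that must not be overridden belong in 'programs.ssh.extraOptionOverrides'.` The `extraConfig` option description is outside these hunks, so I cannot tell whether it already says this. If it does not, it should carry the same sentence, and it should note that a `Host` or `Match` line inside `extraConfig` ends the `Host *` scope for everything after it.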