ssh: add includes option (#2453)

This commit is contained in:
Tobias Happ 2021-11-16 19:51:10 +01:00 committed by GitHub
parent 42915b78af
commit 5559ef0023
Failed to generate hash of commit
6 changed files with 38 additions and 13 deletions

View file

@ -414,6 +414,22 @@ in
'';
};
includes = mkOption {
type = types.listOf types.str;
default = [];
description = ''
File globs of ssh config files that should be included via the
<literal>Include</literal> directive.
</para><para>
See
<citerefentry>
<refentrytitle>ssh_config</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>
for more information.
'';
};
matchBlocks = mkOption {
type = hm.types.listOrDagOf matchBlockModule;
default = {};
@ -474,9 +490,12 @@ in
else abort "Dependency cycle in SSH match blocks: ${sortedMatchBlocksStr}";
in ''
${concatStringsSep "\n" (
mapAttrsToList (n: v: "${n} ${v}") cfg.extraOptionOverrides)}
${concatStringsSep "\n\n" (map (block: matchBlockStr block.data) matchBlocks)}
(mapAttrsToList (n: v: "${n} ${v}") cfg.extraOptionOverrides)
++ (optional (cfg.includes != [ ]) ''
Include ${concatStringsSep " " cfg.includes}
'')
++ (map (block: matchBlockStr block.data) matchBlocks)
)}
Host *
ForwardAgent ${yn cfg.forwardAgent}

View file

@ -1,7 +1,5 @@
Host *
ForwardAgent no
Compression no

View file

@ -1,5 +1,6 @@
{
ssh-defaults = ./default-config.nix;
ssh-includes = ./includes.nix;
ssh-match-blocks = ./match-blocks-attrs.nix;
ssh-forwards-dynamic-valid-bind-no-asserts =

View file

@ -1,8 +1,5 @@
Host dynamicBindAddressWithPort
DynamicForward [127.0.0.1]:3000
Host dynamicBindPathNoPort
DynamicForward /run/user/1000/gnupg/S.gpg-agent.extra

View file

@ -0,0 +1,15 @@
{ config, lib, pkgs, ... }:
{
config = {
programs.ssh = {
enable = true;
includes = [ "config.d/*" "other/dir" ];
};
nmt.script = ''
assertFileExists home-files/.ssh/config
assertFileContains home-files/.ssh/config "Include config.d/* other/dir"
'';
};
}

View file

@ -1,13 +1,9 @@
Host * !github.com
Port 516
IdentityFile file1
IdentityFile file2
Host abc
ProxyJump jump-host
Host xyz
ServerAliveInterval 60
ServerAliveCountMax 10
@ -16,7 +12,6 @@ Host xyz
RemoteForward [localhost]:8081 [10.0.0.2]:80
RemoteForward /run/user/1000/gnupg/S.gpg-agent.extra /run/user/1000/gnupg/S.gpg-agent
DynamicForward [localhost]:2839
Host ordered
Port 1