1bdbebc3f8
* ssh: add generic Match support for matchBlocks Introduce conservative support for actual `Match` blocks in ssh config. "Conservative" means this PR doesn'tt try to process the `match` expression and simply uses it as a string provided by the user. If set, `match` has precedence over `host` meaning if both are set, `match` is used and `host` is ignored. * Add news entry
32 lines
691 B
Nix
32 lines
691 B
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
config = {
|
|
programs.ssh = {
|
|
enable = true;
|
|
matchBlocks = {
|
|
abc = { port = 2222; };
|
|
|
|
xyz = {
|
|
match = "host xyz canonical";
|
|
port = 2223;
|
|
};
|
|
|
|
"* !github.com" = { port = 516; };
|
|
};
|
|
};
|
|
|
|
home.file.assertions.text = builtins.toJSON
|
|
(map (a: a.message) (filter (a: !a.assertion) config.assertions));
|
|
|
|
nmt.script = ''
|
|
assertFileExists home-files/.ssh/config
|
|
assertFileContent \
|
|
home-files/.ssh/config \
|
|
${./match-blocks-match-and-hosts-expected.conf}
|
|
assertFileContent home-files/assertions ${./no-assertions.json}
|
|
'';
|
|
};
|
|
}
|