simplify configuration for darwin

author: Franck Cuny <franck@fcuny.net> 2025-11-02 13:06:05 -0800
committer: Franck Cuny <franck@fcuny.net> 2025-11-02 13:06:05 -0800
commit: cb961051f8307a0bfd6e75acb52a7b7ac003e4d0 (patch)
tree: c2e3e29716bf10bb5d95d2c11d8692672c379c5f /home/profiles/ssh.nix
parent: move remote-unlock as a profile (diff)
download: infra-cb961051f8307a0bfd6e75acb52a7b7ac003e4d0.tar.gz
1 files changed, 29 insertions, 0 deletions
diff --git a/home/profiles/ssh.nix b/home/profiles/ssh.nix
new file mode 100644
index 0000000..250aff5
--- /dev/null
+++ b/home/profiles/ssh.nix
@@ -0,0 +1,29 @@
+{ config, ... }:
+{
+  programs.ssh = {
+    enable = true;
+    forwardAgent = true;
+    serverAliveInterval = 60;
+    controlMaster = "auto";
+    controlPersist = "30m";
+    controlPath = "${config.home.homeDirectory}/.ssh/sockets/S.%r@%h:%p";
+
+    matchBlocks = {
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        forwardAgent = false;
+        extraOptions = {
+          preferredAuthentications = "publickey";
+          controlMaster = "no";
+          controlPath = "none";
+        };
+      };
+    };
+  };
+
+  home.file = {
+    # we need this path to be created so that the control path can be used.
+    ".ssh/sockets/.keep".text = "# Managed by Home Manager";
+  };
+}
author	Franck Cuny <franck@fcuny.net>	2025-11-02 13:06:05 -0800
committer	Franck Cuny <franck@fcuny.net>	2025-11-02 13:06:05 -0800
commit	cb961051f8307a0bfd6e75acb52a7b7ac003e4d0 (patch)
tree	c2e3e29716bf10bb5d95d2c11d8692672c379c5f /home/profiles/ssh.nix
parent	move remote-unlock as a profile (diff)
download	infra-cb961051f8307a0bfd6e75acb52a7b7ac003e4d0.tar.gz