1 files changed, 43 insertions, 0 deletions

diff --git a/nix/users/profiles/ssh.nix b/nix/users/profiles/ssh.nix
new file mode 100644
index 0000000..322a8bc
--- /dev/null
+++ b/nix/users/profiles/ssh.nix
@@ -0,0 +1,43 @@
+{ pkgs, config, ... }:
+{
+  # https://github.com/nix-community/home-manager/blob/master/modules/programs/ssh.nix
+  programs.ssh = {
+    enable = true;
+    forwardAgent = true;
+    serverAliveInterval = 60;
+    controlMaster = "auto";
+    controlPersist = "30m";
+    controlPath = "${config.home.homeDirectory}/.ssh/sockets/S.%r@%h:%p";
+
+    matchBlocks = {
+      "git.fcuny.net" = {
+        proxyCommand = "${pkgs.cloudflared}/bin/cloudflared access ssh --hostname %h";
+      };
+      "github.com" = {
+        hostname = "github.com";
+        user = "git";
+        forwardAgent = false;
+        extraOptions = {
+          preferredAuthentications = "publickey";
+          controlMaster = "no";
+          controlPath = "none";
+        };
+      };
+      "github.rbx.com" = {
+        hostname = "github.rbx.com";
+        user = "git";
+        forwardAgent = false;
+        extraOptions = {
+          preferredAuthentications = "publickey";
+          controlMaster = "no";
+          controlPath = "none";
+        };
+      };
+    };
+  };
+
+  home.file = {
+    # we need this path to be created so that the control path can be used.
+    ".ssh/sockets/.keep".text = "# Managed by Home Manager";
+  };
+}