modules/ssh: Use new RFC41 settings option

1 files changed, 21 insertions, 17 deletions

diff --git a/modules/by-name/ss/ssh/module.nix b/modules/by-name/ss/ssh/module.nix
index f7218e36..87c50728 100644
--- a/modules/by-name/ss/ssh/module.nix
+++ b/modules/by-name/ss/ssh/module.nix
@@ -15,16 +15,16 @@
 }: let
   cfg = config.soispha.programs.ssh;
 
-  mkDefaultMatchBlock = userKnownHostsFile: {
-    addKeysToAgent = "no";
-    compression = true;
-    controlMaster = "no";
-    controlPersist = "no";
-    forwardAgent = false;
-    hashKnownHosts = false;
-    serverAliveCountMax = 3;
-    serverAliveInterval = 240;
-    inherit userKnownHostsFile;
+  mkDefaultMatchBlock = UserKnownHostsFile: {
+    AddKeysToAgent = "no";
+    Compression = true;
+    ControlMaster = "no";
+    ControlPersist = "no";
+    ForwardAgent = false;
+    HashKnownHosts = false;
+    ServerAliveCountMax = 3;
+    ServerAliveInterval = 240;
+    inherit UserKnownHostsFile;
   };
 in {
   options.soispha.programs.ssh = {
@@ -48,19 +48,23 @@ in {
         enable = true;
         enableDefaultConfig = false;
 
-        matchBlocks."*" = mkDefaultMatchBlock (
-          builtins.toString (pkgs.writeTextFile {
-            name = "root-known-hosts";
-            text = cfg.rootKnownHosts;
-          })
-        );
+        settings = {
+          "Host *" = mkDefaultMatchBlock (
+            builtins.toString (pkgs.writeTextFile {
+              name = "root-known-hosts";
+              text = cfg.rootKnownHosts;
+            })
+          );
+        };
       };
 
       soispha.programs.ssh = {
         enable = true;
         enableDefaultConfig = false;
 
-        matchBlocks."*" = mkDefaultMatchBlock "${config.home-manager.users.soispha.xdg.dataHome}/ssh/known_hosts";
+        settings = {
+          "Host *" = mkDefaultMatchBlock "${config.home-manager.users.soispha.xdg.dataHome}/ssh/known_hosts";
+        };
       };
     };
   };