From aa2d52c3f2e2fb1b26e48cf09a3f7ac23a5398b7 Mon Sep 17 00:00:00 2001
From: Benedikt Peetz
Date: Thu, 1 May 2025 13:01:30 +0200
Subject: modules/legacy/ssh: Migrate to by-name
---
modules/by-name/ss/ssh/module.nix | 55 ++++++++++++++++++++++++++++++++
modules/home.legacy/conf/default.nix | 1 -
modules/home.legacy/conf/ssh/default.nix | 25 ---------------
3 files changed, 55 insertions(+), 26 deletions(-)
create mode 100644 modules/by-name/ss/ssh/module.nix
delete mode 100644 modules/home.legacy/conf/ssh/default.nix
(limited to 'modules')
diff --git a/modules/by-name/ss/ssh/module.nix b/modules/by-name/ss/ssh/module.nix
new file mode 100644
index 00000000..91cc4aeb
--- /dev/null
+++ b/modules/by-name/ss/ssh/module.nix
@@ -0,0 +1,55 @@
+# nixos-config - My current NixOS configuration
+#
+# Copyright (C) 2025 Benedikt Peetz
+# SPDX-License-Identifier: GPL-3.0-or-later
+#
+# This file is part of my nixos-config.
+#
+# You should have received a copy of the License along with this program.
+# If not, see .
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ cfg = config.soispha.programs.ssh;
+in {
+ options.soispha.programs.ssh = {
+ enable = lib.mkEnableOption "ssh config";
+ rootKnownHosts = lib.mkOption {
+ type = lib.types.attrsOf lib.types.str;
+ description = ''
+ An attrset of keys (the domain) and values (the host key.)
+ These are only applied to the root user.
+ '';
+ default = {};
+ apply = value:
+ builtins.concatStringsSep "\n"
+ (lib.attrsets.mapAttrsToList (hostName: hostKey: "${hostName} ${hostKey}") value);
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ home-manager.users = {
+ root.programs.ssh = {
+ enable = true;
+ compression = true;
+ hashKnownHosts = false;
+ serverAliveInterval = 240;
+ userKnownHostsFile = builtins.toString (pkgs.writeTextFile {
+ name = "root-known-hosts";
+ text = cfg.rootKnownHosts;
+ });
+ };
+
+ soispha.programs.ssh = {
+ enable = true;
+ compression = true;
+ hashKnownHosts = false;
+ serverAliveInterval = 240;
+ userKnownHostsFile = "${config.home-manager.users.soispha.xdg.dataHome}/ssh/known_hosts";
+ };
+ };
+ };
+}
diff --git a/modules/home.legacy/conf/default.nix b/modules/home.legacy/conf/default.nix
index 7ea7cade..de02f844 100644
--- a/modules/home.legacy/conf/default.nix
+++ b/modules/home.legacy/conf/default.nix
@@ -31,7 +31,6 @@
 ./python
 ./rclone
 ./rofi
- ./ssh
 ./starship
 ./swayidle
 ./tridactyl
diff --git a/modules/home.legacy/conf/ssh/default.nix b/modules/home.legacy/conf/ssh/default.nix
deleted file mode 100644
index 0d40ac30..00000000
--- a/modules/home.legacy/conf/ssh/default.nix
+++ /dev/null
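Review bot: `rootKnownHosts` in module.nix is typed `attrsOf str` and its `apply` joins every value verbatim into root's known_hosts file, so a value that lacks the key type or contains a stray newline is not caught at evaluation time and would only show up when root's ssh fails to match the host. Because the file is produced by `pkgs.writeTextFile`, it sits in the read-only, world-readable Nix store, so ssh presumably cannot append keys for unlisted hosts; that looks like deliberate pinning and is worth stating in the option description, for example `Each value is "<key-type> <base64-key>" as in a known_hosts line; hosts not listed here cannot be learned at runtime.` Constraining the value type with `lib.types.strMatching` on that shape would turn a malformed entry into an evaluation error. The deleted legacy file also set `matchBlocks."codeberg.org".addressFamily = "inet"`, which the new module does not carry over; if that drop is intentional, the commit message should say so.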
@@ -1,25 +0,0 @@
-# nixos-config - My current NixOS configuration
-#
-# Copyright (C) 2025 Benedikt Peetz
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# This file is part of my nixos-config.
-#
-# You should have received a copy of the License along with this program.
-# If not, see .
-{config, ...}: {
- programs.ssh = {
- enable = true;
- compression = true;
- hashKnownHosts = false;
- serverAliveInterval = 240;
- userKnownHostsFile = "${config.xdg.dataHome}/ssh/known_hosts";
-
- matchBlocks = {
- "codeberg.org" = {
- # TODO: Remove this once they fix their ipv6 config
- addressFamily = "inet";
- };
- };
- };
-}
-- cgit 1.4.1