# nixos-config - My current NixOS configuration
#
# Copyright (C) 2025 Benedikt Peetz <benedikt.peetz@b-peetz.de>
# SPDX-License-Identifier: GPL-3.0-or-later
#
# This file is part of my nixos-config.
#
# You should have received a copy of the License along with this program.
# If not, see <https://www.gnu.org/licenses/gpl-3.0.txt>.
{
  config,
  lib,
  pkgs,
  ...
}: let
  cfg = config.soispha.programs.ssh;
in {
  options.soispha.programs.ssh = {
    enable = lib.mkEnableOption "ssh config";
    rootKnownHosts = lib.mkOption {
      type = lib.types.attrsOf lib.types.str;
      description = ''
        An attrset of keys (the domain) and values (the host key.)
        These are only applied to the root user.
      '';
      default = {};
      apply = value:
        builtins.concatStringsSep "\n"
        (lib.attrsets.mapAttrsToList (hostName: hostKey: "${hostName} ${hostKey}") value);
    };
  };

  config = lib.mkIf cfg.enable {
    home-manager.users = {
      root.programs.ssh = {
        enable = true;
        compression = true;
        hashKnownHosts = false;
        serverAliveInterval = 240;
        userKnownHostsFile = builtins.toString (pkgs.writeTextFile {
          name = "root-known-hosts";
          text = cfg.rootKnownHosts;
        });
      };

      soispha.programs.ssh = {
        enable = true;
        compression = true;
        hashKnownHosts = false;
        serverAliveInterval = 240;
        userKnownHostsFile = "${config.home-manager.users.soispha.xdg.dataHome}/ssh/known_hosts";
      };
    };
  };
}