feat(ssh/openssh): overhauling ssh and openssh modules

2025-09-10 18:50:49 +02:00
parent 00acad3833
commit 65de9592a0
10 changed files with 176 additions and 105 deletions
--- a/modules/home/programs/ssh/default.nix
+++ b/modules/home/programs/ssh/default.nix
@@ -1,9 +1,16 @@
 {
+  outputs,
  config,
  lib,
  ...
 }:
 let
+  nixosConfigs = builtins.attrNames outputs.nixosConfigurations;
+  homeConfigs = map (n: lib.last (lib.splitString "@" n)) (
+    builtins.attrNames outputs.homeConfigurations
+  );
+  hostnames = lib.unique (homeConfigs ++ nixosConfigs);
+
  inherit (lib) mkIf mkEnableOption;
  cfg = config.home.programs.ssh;
 in
@@ -13,8 +20,23 @@ in
  };
  config = mkIf cfg.enable {
    programs.ssh = {
-      enable = true;
-      userKnownHostsFile = "~/.ssh/known_hosts";
+      matchBlocks = {
+        net = {
+          host = lib.concatStringsSep " " (
+            lib.flatten (
+              map (host: [
+                host
+                "${host}.local"
+              ]) hostnames
+            )
+          );
+          extraOptions.StreamLocalBindUnlink = "yes";
+          forwardAgent = true;
+          forwardX11 = true;
+          forwardX11Trusted = true;
+          setEnv.WAYLAND_DISPLAY = "wayland-waypipe";
+        };
+      };
    };
  };
 }