ssh: Allow forwardAgent to be set to null

Allow the option to not explicitly set `ForwardAgent` in the `Host *`
block for instances where `CanonicalizeHostname` is enabled and the file
is parsed twice.

modules/programs/ssh.nix

@@ -351,7 +351,7 @@ in {
 
     forwardAgent = mkOption {
       default = false;
-      type = types.bool;
+      type = types.nullOr types.bool;
       description = ''
         Whether the connection to the authentication agent (if any)
         will be forwarded to the remote machine.
@@ -533,7 +533,10 @@ in {
         '') ++ (map (block: matchBlockStr block.name block.data) matchBlocks))}
 
       Host *
-        ForwardAgent ${lib.hm.booleans.yesNo cfg.forwardAgent}
+        ${
+          optionalString (cfg.forwardAgent != null)
+          "ForwardAgent ${lib.hm.booleans.yesNo cfg.forwardAgent}"
+        }
         AddKeysToAgent ${cfg.addKeysToAgent}
         Compression ${lib.hm.booleans.yesNo cfg.compression}
         ServerAliveInterval ${toString cfg.serverAliveInterval}
@@ -554,3 +557,4 @@ in {
         cfg.matchBlocks);
   };
 }
+

tests/modules/programs/ssh/default.nix

@@ -3,6 +3,7 @@
   ssh-includes = ./includes.nix;
   ssh-match-blocks = ./match-blocks-attrs.nix;
   ssh-match-blocks-match-and-hosts = ./match-blocks-match-and-hosts.nix;
+  ssh-forwardAgent-null-config = ./forwardAgent-null-config.nix;
 
   ssh-forwards-dynamic-valid-bind-no-asserts =
     ./forwards-dynamic-valid-bind-no-asserts.nix;

tests/modules/programs/ssh/forwardAgent-null-config.nix

@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+  config = {
+    programs.ssh = {
+      enable = true;
+      forwardAgent = null;
+    };
+
+    home.file.assertions.text = builtins.toJSON
+      (map (a: a.message) (filter (a: !a.assertion) config.assertions));
+
+    nmt.script = ''
+      assertFileExists home-files/.ssh/config
+      assertFileContent home-files/.ssh/config ${
+        ./forwardAgent-null-expected.conf
+      }
+      assertFileContent home-files/assertions ${./no-assertions.json}
+    '';
+  };
+}

tests/modules/programs/ssh/forwardAgent-null-expected.conf

@@ -0,0 +1,15 @@
+
+
+Host *
+
+  AddKeysToAgent no
+  Compression no
+  ServerAliveInterval 0
+  ServerAliveCountMax 3
+  HashKnownHosts no
+  UserKnownHostsFile ~/.ssh/known_hosts
+  ControlMaster no
+  ControlPath ~/.ssh/master-%r@%n:%p
+  ControlPersist no
+
+