eeva/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager synced 2024-11-27 05:29:46 +01:00
Code Issues Releases Wiki Activity

ssh: Allow forwardAgent to be set to null

Browse source 
Allow the option to not explicitly set `ForwardAgent` in the `Host *`
block for instances where `CanonicalizeHostname` is enabled and the file
is parsed twice.
This commit is contained in:
Chris Moultrie 2024-11-05 19:41:35 -05:00
parent 8f6ca7855d
commit 775f23f1d8
No known key found for this signature in database
4 changed files with 45 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
modules/programs/ssh.nix
View file

@ -351,7 +351,7 @@ in {
forwardAgent = mkOption { forwardAgent = mkOption {
default = false; default = false;
type = types.bool; type = types.nullOr types.bool;
description = '' description = ''
Whether the connection to the authentication agent (if any) Whether the connection to the authentication agent (if any)
will be forwarded to the remote machine. will be forwarded to the remote machine.
@ -533,7 +533,10 @@ in {
'') ++ (map (block: matchBlockStr block.name block.data) matchBlocks))} '') ++ (map (block: matchBlockStr block.name block.data) matchBlocks))}
Host * Host *
ForwardAgent ${lib.hm.booleans.yesNo cfg.forwardAgent} ${
optionalString (cfg.forwardAgent != null)
"ForwardAgent ${lib.hm.booleans.yesNo cfg.forwardAgent}"
}
AddKeysToAgent ${cfg.addKeysToAgent} AddKeysToAgent ${cfg.addKeysToAgent}
Compression ${lib.hm.booleans.yesNo cfg.compression} Compression ${lib.hm.booleans.yesNo cfg.compression}
ServerAliveInterval ${toString cfg.serverAliveInterval} ServerAliveInterval ${toString cfg.serverAliveInterval}
@ -554,3 +557,4 @@ in {
cfg.matchBlocks); cfg.matchBlocks);
}; };
} }

1
tests/modules/programs/ssh/default.nix
View file

@ -3,6 +3,7 @@
ssh-includes = ./includes.nix; ssh-includes = ./includes.nix;
ssh-match-blocks = ./match-blocks-attrs.nix; ssh-match-blocks = ./match-blocks-attrs.nix;
ssh-match-blocks-match-and-hosts = ./match-blocks-match-and-hosts.nix; ssh-match-blocks-match-and-hosts = ./match-blocks-match-and-hosts.nix;
ssh-forwardAgent-null-config = ./forwardAgent-null-config.nix;
ssh-forwards-dynamic-valid-bind-no-asserts = ssh-forwards-dynamic-valid-bind-no-asserts =
./forwards-dynamic-valid-bind-no-asserts.nix; ./forwards-dynamic-valid-bind-no-asserts.nix;

23
tests/modules/programs/ssh/forwardAgent-null-config.nix Normal file
View file

@ -0,0 +1,23 @@
{ config, lib, pkgs, ... }:
with lib;
{
config = {
programs.ssh = {
enable = true;
forwardAgent = null;
};
home.file.assertions.text = builtins.toJSON
(map (a: a.message) (filter (a: !a.assertion) config.assertions));
nmt.script = ''
assertFileExists home-files/.ssh/config
assertFileContent home-files/.ssh/config ${
./forwardAgent-null-expected.conf
}
assertFileContent home-files/assertions ${./no-assertions.json}
'';
};
}

15
tests/modules/programs/ssh/forwardAgent-null-expected.conf Normal file
View file

@ -0,0 +1,15 @@
Host *
AddKeysToAgent no
Compression no
ServerAliveInterval 0
ServerAliveCountMax 3
HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts
ControlMaster no
ControlPath ~/.ssh/master-%r@%n:%p
ControlPersist no