ssh: add support for ServerAliveCountMax

PR #1299

modules/misc/news.nix

@@ -1527,6 +1527,21 @@ in
           A new module is available: 'programs.zoxide'
         '';
       }
+
+      {
+        time = "2020-06-03T17:46:11+00:00";
+        condition = config.programs.ssh.enable;
+        message = ''
+          The ssh module now supports the 'ServerAliveCountMax' option
+          both globally through
+
+              programs.ssh.serverAliveCountMax
+
+          and per match blocks
+
+              programs.ssh.matchBlocks.<name>.serverAliveCountMax
+        '';
+      }
     ];
   };
 }

modules/programs/ssh.nix

@@ -143,6 +143,15 @@ let
           "Set timeout in seconds after which response will be requested.";
       };
 
+      serverAliveCountMax = mkOption {
+        type = types.ints.positive;
+        default = 3;
+        description = ''
+          Sets the number of server alive messages which may be sent
+          without SSH receiving any messages back from the server.
+        '';
+      };
+
       sendEnv = mkOption {
         type = types.listOf types.str;
         default = [];
@@ -281,7 +290,9 @@ let
     ++ optional (cf.addressFamily != null)   "  AddressFamily ${cf.addressFamily}"
     ++ optional (cf.sendEnv != [])           "  SendEnv ${unwords cf.sendEnv}"
     ++ optional (cf.serverAliveInterval != 0)
-         "  ServerAliveInterval ${toString cf.serverAliveInterval}"
+      "  ServerAliveInterval ${toString cf.serverAliveInterval}"
+    ++ optional (cf.serverAliveCountMax != 3)
+      "  ServerAliveCountMax ${toString cf.serverAliveCountMax}"
     ++ optional (cf.compression != null)     "  Compression ${yn cf.compression}"
     ++ optional (!cf.checkHostIP)            "  CheckHostIP no"
     ++ optional (cf.proxyCommand != null)    "  ProxyCommand ${cf.proxyCommand}"
@@ -325,6 +336,15 @@ in
       '';
     };
 
+    serverAliveCountMax = mkOption {
+      type = types.ints.positive;
+      default = 3;
+      description = ''
+        Sets the default number of server alive messages which may be
+        sent without SSH receiving any messages back from the server.
+      '';
+    };
+
     hashKnownHosts = mkOption {
       default = false;
       type = types.bool;
@@ -459,6 +479,7 @@ in
         ForwardAgent ${yn cfg.forwardAgent}
         Compression ${yn cfg.compression}
         ServerAliveInterval ${toString cfg.serverAliveInterval}
+        ServerAliveCountMax ${toString cfg.serverAliveCountMax}
         HashKnownHosts ${yn cfg.hashKnownHosts}
         UserKnownHostsFile ${cfg.userKnownHostsFile}
         ControlMaster ${cfg.controlMaster}

tests/modules/programs/ssh/default-config-expected.conf

@@ -6,6 +6,7 @@ Host *
   ForwardAgent no
   Compression no
   ServerAliveInterval 0
+  ServerAliveCountMax 3
   HashKnownHosts no
   UserKnownHostsFile ~/.ssh/known_hosts
   ControlMaster no

tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf

@@ -10,6 +10,7 @@ Host *
   ForwardAgent no
   Compression no
   ServerAliveInterval 0
+  ServerAliveCountMax 3
   HashKnownHosts no
   UserKnownHostsFile ~/.ssh/known_hosts
   ControlMaster no

tests/modules/programs/ssh/match-blocks-attrs-expected.conf

@@ -10,6 +10,7 @@ Host abc
 
 Host xyz
   ServerAliveInterval 60
+  ServerAliveCountMax 10
   IdentityFile file
   LocalForward [localhost]:8080 [10.0.0.1]:80
   RemoteForward [localhost]:8081 [10.0.0.2]:80
@@ -23,6 +24,7 @@ Host *
   ForwardAgent no
   Compression no
   ServerAliveInterval 0
+  ServerAliveCountMax 3
   HashKnownHosts no
   UserKnownHostsFile ~/.ssh/known_hosts
   ControlMaster no

tests/modules/programs/ssh/match-blocks-attrs.nix

@@ -17,6 +17,7 @@ with lib;
         xyz = {
           identityFile = "file";
           serverAliveInterval = 60;
+          serverAliveCountMax = 10;
           localForwards = [{
             bind.port = 8080;
             host.address = "10.0.0.1";