mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 02:58:44 +08:00
174 lines
6.7 KiB
Nix
174 lines
6.7 KiB
Nix
inputs:
|
|
{
|
|
options.nixos.packages.ssh = let inherit (inputs.lib) mkOption types; in mkOption
|
|
{ type = types.nullOr (types.submodule {}); default = {}; };
|
|
config = let inherit (inputs.config.nixos.packages) ssh; in inputs.lib.mkIf (ssh != null)
|
|
{
|
|
services.openssh.knownHosts =
|
|
let servers =
|
|
{
|
|
vps4 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIF7Y0tjt1XLPjqJ8HEB26W9jVfJafRQ3pv5AbPaxEc/Z";
|
|
hostnames = [ "vps4.chn.moe" "104.234.37.61" ];
|
|
};
|
|
"initrd.vps4" =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIJkOPTFvX9f+Fn/KHOIvUgoRiJfq02T42lVGQhpMUGJq";
|
|
hostnames = [ "initrd.vps4.chn.moe" "104.234.37.61" ];
|
|
};
|
|
vps6 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIO5ZcvyRyOnUCuRtqrM/Qf+AdUe3a5bhbnfyhw2FSLDZ";
|
|
hostnames = [ "vps6.chn.moe" "wireguard.vps6.chn.moe" "74.211.99.69" "192.168.83.1" ];
|
|
};
|
|
"initrd.vps6" =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIB4DKB/zzUYco5ap6k9+UxeO04LL12eGvkmQstnYxgnS";
|
|
hostnames = [ "initrd.vps6.chn.moe" "74.211.99.69" ];
|
|
};
|
|
vps7 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIF5XkdilejDAlg5hZZD0oq69k8fQpe9hIJylTo/aLRgY";
|
|
hostnames = [ "vps7.chn.moe" "wireguard.vps7.chn.moe" "ssh.git.chn.moe" "144.126.144.62" "192.168.83.2" ];
|
|
};
|
|
"initrd.vps7" =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIGZyQpdQmEZw3nLERFmk2tS1gpSvXwW0Eish9UfhrRxC";
|
|
hostnames = [ "initrd.vps7.chn.moe" "144.126.144.62" ];
|
|
};
|
|
nas =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIIktNbEcDMKlibXg54u7QOLt0755qB/P4vfjwca8xY6V";
|
|
hostnames = [ "wireguard.nas.chn.moe" "192.168.1.2" "192.168.83.4" ];
|
|
};
|
|
"initrd.nas" =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIAoMu0HEaFQsnlJL0L6isnkNZdRq0OiDXyaX3+fl3NjT";
|
|
hostnames = [ "initrd.nas.chn.moe" "192.168.1.2" ];
|
|
};
|
|
surface =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIFdm3DcfHdcLP0oSpVrWwIZ/b9lZuakBSPwCFz2BdTJ7";
|
|
hostnames = [ "192.168.1.4" "wireguard.surface.chn.moe" "192.168.83.5" ];
|
|
};
|
|
pc =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIMSfREi19OSwQnhdsE8wiNwGSFFJwNGN0M5gN+sdrrLJ";
|
|
hostnames = [ "wireguard.pc.chn.moe" "[office.chn.moe]:3673" "192.168.1.105" "192.168.83.3" ];
|
|
};
|
|
hpc =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIDVpsQW3kZt5alHC6mZhay3ZEe2fRGziG4YJWCv2nn/O";
|
|
hostnames = [ "hpc.xmu.edu.cn" ];
|
|
};
|
|
github =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
|
|
hostnames = [ "github.com" ];
|
|
};
|
|
xmupc1 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAINTvfywkKRwMrVp73HfHTfjhac2Tn9qX/lRjLr09ycHp";
|
|
hostnames = [ "[office.chn.moe]:6007" "[xmupc1.chn.moe]:6007" "wireguard.xmupc1.chn.moe" "192.168.83.6" ];
|
|
};
|
|
xmupc2 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIJZ/+divGnDr0x+UlknA84Tfu6TPD+zBGmxWZY4Z38P6";
|
|
hostnames = [ "[xmupc2.chn.moe]:6394" "wireguard.xmupc2.chn.moe" "192.168.83.7" ];
|
|
};
|
|
srv1-node0 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIDm6M1D7dBVhjjZtXYuzMj2P1fXNWN3O9wmwNssxEeDs";
|
|
hostnames = [ "srv1.chn.moe" "node0.srv1.chn.moe" "wireguard.node0.srv1.chn.moe" ];
|
|
};
|
|
srv1-node1 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIIFmG/ZzLDm23NeYa3SSI0a0uEyQWRFkaNRE9nB8egl7";
|
|
hostnames = [ "192.168.178.2" ];
|
|
};
|
|
srv1-node2 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIDhgEApzHhVPDvdVFPRuJ/zCDiR1K+rD4sZzH77imKPE";
|
|
hostnames = [ "192.168.178.3" ];
|
|
};
|
|
srv1-node3 =
|
|
{
|
|
ed25519 = "AAAAC3NzaC1lZDI1NTE5AAAAIO/4xbQNz6KNcEdjtBMGY8wUoFK1sCgamKl/r+kVjd7O";
|
|
hostnames = [ "192.168.178.4" ];
|
|
};
|
|
};
|
|
in builtins.listToAttrs (builtins.map
|
|
(server:
|
|
{
|
|
inherit (server) name;
|
|
value =
|
|
{
|
|
publicKey = "ssh-ed25519 ${server.value.ed25519}";
|
|
hostNames = server.value.hostnames;
|
|
};
|
|
})
|
|
(inputs.localLib.attrsToList servers));
|
|
programs.ssh =
|
|
{
|
|
startAgent = true;
|
|
enableAskPassword = true;
|
|
askPassword = "${inputs.pkgs.systemd}/bin/systemd-ask-password";
|
|
extraConfig = "AddKeysToAgent yes";
|
|
};
|
|
environment.sessionVariables.SSH_ASKPASS_REQUIRE = "prefer";
|
|
nixos.user.sharedModules =
|
|
[(hmInputs: {
|
|
config.programs.ssh =
|
|
{
|
|
enable = true;
|
|
controlMaster = "auto";
|
|
controlPersist = "1m";
|
|
compression = true;
|
|
matchBlocks = builtins.listToAttrs
|
|
(
|
|
(builtins.map
|
|
(host: { name = host; value = { inherit host; hostname = "${host}.chn.moe"; }; })
|
|
[ "vps4" "vps6" "wireguard.vps6" "vps7" "wireguard.vps7" "wireguard.nas" ])
|
|
++ (builtins.map
|
|
(host: { name = host; value = { inherit host; hostname = "${host}.chn.moe"; forwardX11 = true; }; })
|
|
[ "wireguard.pc" "wireguard.surface" "wireguard.xmupc1" "wireguard.xmupc2" "srv1" "wireguard.srv1" ])
|
|
++ (builtins.map
|
|
(host:
|
|
{
|
|
name = host;
|
|
value =
|
|
{
|
|
host = host;
|
|
hostname = "hpc.xmu.edu.cn";
|
|
user = host;
|
|
setEnv.TERM = "chn_unset_ls_colors:xterm-256color";
|
|
};
|
|
})
|
|
[ "wlin" "hwang" ])
|
|
)
|
|
// rec {
|
|
xmupc1 = { host = "xmupc1"; hostname = "xmupc1.chn.moe"; port = 6007; forwardX11 = true; };
|
|
xmupc2 = { host = "xmupc2"; hostname = "xmupc2.chn.moe"; port = 6394; forwardX11 = true; };
|
|
nas = { host = "nas"; hostname = "192.168.1.2"; forwardX11 = true; };
|
|
pc = { host = "pc"; hostname = "192.168.1.3"; forwardX11 = true; };
|
|
surface = { host = "surface"; hostname = "192.168.1.4"; forwardX11 = true; };
|
|
gitea = { host = "gitea"; hostname = "ssh.git.chn.moe"; };
|
|
jykang =
|
|
{
|
|
host = "jykang";
|
|
hostname = "hpc.xmu.edu.cn";
|
|
user = "jykang";
|
|
forwardAgent = true;
|
|
extraOptions.AddKeysToAgent = "yes";
|
|
};
|
|
"wireguard.jykang" = jykang // { host = "wireguard.jykang"; proxyJump = "wireguard.xmupc1"; };
|
|
srv1-node1 = { host = "srv1-node1"; hostname = "192.168.178.2"; proxyJump = "srv1"; };
|
|
srv1-node2 = { host = "srv1-node2"; hostname = "192.168.178.3"; proxyJump = "srv1"; };
|
|
srv1-node3 = { host = "srv1-node3"; hostname = "192.168.178.4"; proxyJump = "srv1"; };
|
|
};
|
|
};
|
|
})];
|
|
};
|
|
}
|