{ config, lib, ... }: { programs.ssh = lib.mkIf config.ssh { enable = true; enableDefaultConfig = false; extraConfig = '' SetEnv TERM="xterm-256color" ${lib.optionalString config._1password "IdentityAgent ~/.1password/agent.sock"} ''; matchBlocks = lib.mkMerge [ { "*" = { user = "john"; # From the help text about the deprecation of the default config: forwardAgent = false; addKeysToAgent = "no"; compression = false; serverAliveInterval = 0; serverAliveCountMax = 3; hashKnownHosts = false; userKnownHostsFile = "~/.ssh/known_hosts"; controlMaster = "no"; controlPath = "~/.ssh/master-%r@%n:%p"; controlPersist = "no"; }; } (lib.mkIf (config.profile == "personal") { "ad-nix" = { hostname = "192.168.1.201"; user = "appdaemon"; }; "appdaemon" = { hostname = "192.168.1.242"; user = "appdaemon"; }; "docs" = { hostname = "192.168.1.110"; user = "root"; }; "gitea" = { hostname = "192.168.1.104"; user = "john"; }; "hermes" = { hostname = "192.168.1.150"; user = "root"; }; "panoptes" = { hostname = "192.168.1.107"; user = "panoptes"; }; "panoptes-root" = { hostname = "192.168.1.107"; user = "root"; }; "platform-caddy" = { hostname = "192.168.1.65"; user = "root"; }; "pve5070" = { hostname = "192.168.1.130"; user = "root"; }; "nix-test" = { hostname = "192.168.1.36"; user = "john"; }; "z2m-nix" = { hostname = "192.168.1.129"; user = "root"; }; "soteria" = { hostname = "soteria.john-stream.com"; user = "john"; identitiesOnly = true; identityFile = "~/.ssh/id_ed25519"; certificateFile = "~/.ssh/id_ed25519-cert.pub"; }; "*.john-stream.com" = { user = "john"; identitiesOnly = true; identityFile = "~/.ssh/id_ed25519"; certificateFile = "~/.ssh/id_ed25519-cert.pub"; addKeysToAgent = "yes"; forwardAgent = true; }; }) (lib.mkIf (config.profile == "work") { "ubuntu-nvidia" = { hostname = "10.118.46.120"; user = "john"; }; }) ]; }; }