diff --git a/home/shell/default.nix b/home/shell/default.nix
index 969cab0..bee27b7 100644
--- a/home/shell/default.nix
+++ b/home/shell/default.nix
@@ -7,7 +7,7 @@
 ./exa.nix
 ./git.nix
 ./micro.nix
- # ./ssh.nix
+ ./ssh.nix
 ./mpv.nix
 ./tmux.nix
 ./fish.nix
diff --git a/home/shell/ssh.nix b/home/shell/ssh.nix
index 90ce8b5..57993d8 100644
--- a/home/shell/ssh.nix
+++ b/home/shell/ssh.nix
@@ -1,8 +1,67 @@
-{...}: {
+{
+ pkgs,
+ lib,
+ ...
+}: let
+ gcpHost = {
+ hostname,
+ project,
+ zone,
+ forwardAgent ? false,
+ }: {
+ proxyCommand = "${lib.getExe pkgs.python3} -S ${pkgs.google-cloud-sdk}/google-cloud-sdk/lib/gcloud.py compute start-iap-tunnel ${hostname} %p --listen-on-stdin --project ${project} --zone ${zone} --verbosity warning";
+ forwardAgent = forwardAgent;
+ checkHostIP = false;
+ identitiesOnly = true;
+ extraOptions = {
+ StrictHostKeyChecking = "no";
+ ProxyUseFdpass = "no";
+ UserKnownHostsFile = "~/.ssh/google_compute_known_hosts";
+ };
+ };
+in {
 programs.ssh = {
- enable = false;
+ enable = true;
 compression = true;
 addKeysToAgent = "ask";
+
+ matchBlocks = {
+ "cesium git.fainsin.bzh" = {
+ hostname = "fainsin.bzh";
+ user = "root";
+ port = 624;
+ };
+ "nicole" = {
+ hostname = "3.tcp.eu.ngrok.io";
+ user = "laurent";
+ port = 25077;
+ forwardAgent = true;
+ };
+ "dataverse51" = gcpHost {
+ hostname = "dataverse51";
+ project = "genie-training";
+ zone = "europe-west1-d";
+ forwardAgent = true;
+ };
+ "laurent-dev-hdd" = gcpHost {
+ hostname = "laurent-dev-hdd";
+ project = "genie-training";
+ zone = "europe-west1-b";
+ forwardAgent = true;
+ };
+ "laurent-dev-l4" = gcpHost {
+ hostname = "laurent-dev-l4";
+ project = "genie-training";
+ zone = "europe-west1-b";
+ forwardAgent = true;
+ };
+ "laurent-dev-a100" = gcpHost {
+ hostname = "laurent-dev-a100";
+ project = "genie-training";
+ zone = "europe-west4-a";
+ forwardAgent = true;
+ };
+ };
 };
 }
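Review bot: `StrictHostKeyChecking = "no";` in `gcpHost` makes ssh add unseen host keys without asking and lets a connection with a changed key proceed, and every host built from the helper also sets `forwardAgent = true`, so an agent socket can be offered to an endpoint whose key was never verified. The IAP tunnel in `proxyCommand` limits who can answer, but it becomes the only identity check left; `StrictHostKeyChecking = "accept-new";` keeps the first connection non-interactive and still refuses a changed key. The helper already defaults to `forwardAgent ? false`, so I would drop `forwardAgent = true` from the entries that do not need to hop onward, and from `nicole`, which is reached through a public ngrok TCP endpoint whose address is presumably not under your control. A short comment on `gcpHost` explaining why `checkHostIP = false` and the relaxed host-key check are needed would help the next reader judge whether they can be tightened.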