From 721a7e682848c7abd6ebcdf7cf1b7e148c19e383 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 12 Mar 2023 03:58:52 +0000 Subject: [PATCH] ops/nixos: refactor ssh_config --- ops/nixos/lib/common.nix | 4 ++-- ops/nixos/lib/home-manager/ext.nix | 4 ++-- ops/nixos/lib/whitby-distributed.nix | 1 + 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ops/nixos/lib/common.nix b/ops/nixos/lib/common.nix index e6b7d07cdf..6951be68c2 100644 --- a/ops/nixos/lib/common.nix +++ b/ops/nixos/lib/common.nix @@ -212,9 +212,9 @@ in programs.ssh = { extraConfig = '' CanonicalizeHostname yes - CanonicalDomains int.as205479.net as205479.net + CanonicalDomains int.as205479.net as205479.net otter-acoustic.ts.net CanonicalizeMaxDots 0 - CanonicalizePermittedCNAMEs *.lukegb.com:*.as205479.net,*.int.as205479.net *.lukegb.dev:*.as205479.net,*.int.as205479.net *.zxcvbnm.ninja:*.as205479.net,*.int.as205479.net + CanonicalizePermittedCNAMEs *.lukegb.com:*.as205479.net,*.int.as205479.net,*.otter-acoustic.ts.net *.lukegb.dev:*.as205479.net,*.int.as205479.net,*.otter-acoustic.ts.net *.zxcvbnm.ninja:*.as205479.net,*.int.as205479.net,*.otter-acoustic.ts.net ''; knownHosts."*" = { certAuthority = true; diff --git a/ops/nixos/lib/home-manager/ext.nix b/ops/nixos/lib/home-manager/ext.nix index d87b549992..c6efbeca43 100644 --- a/ops/nixos/lib/home-manager/ext.nix +++ b/ops/nixos/lib/home-manager/ext.nix @@ -8,9 +8,9 @@ in { programs.ssh = { extraConfig = '' CanonicalizeHostname yes - CanonicalDomains int.as205479.net as205479.net + CanonicalDomains int.as205479.net as205479.net otter-acoustic.ts.net CanonicalizeMaxDots 0 - CanonicalizePermittedCNAMEs *.lukegb.com:*.as205479.net,*.int.as205479.net *.lukegb.dev:*.as205479.net,*.int.as205479.net *.zxcvbnm.ninja:*.as205479.net,*.int.as205479.net + CanonicalizePermittedCNAMEs *.lukegb.com:*.as205479.net,*.int.as205479.net,*.otter-acoustic.ts.net *.lukegb.dev:*.as205479.net,*.int.as205479.net,*.otter-acoustic.ts.net *.zxcvbnm.ninja:*.as205479.net,*.int.as205479.net,*.otter-acoustic.ts.net ''; userKnownHostsFile = "~/.ssh/known_hosts ${caKnownHostsFile}"; }; diff --git a/ops/nixos/lib/whitby-distributed.nix b/ops/nixos/lib/whitby-distributed.nix index 193121a3e3..75c4a7c6ea 100644 --- a/ops/nixos/lib/whitby-distributed.nix +++ b/ops/nixos/lib/whitby-distributed.nix @@ -22,6 +22,7 @@ programs.ssh.extraConfig = '' Host whitby-build + Hostname whitby.tvl.fyi User lukegb PubkeyAcceptedKeyTypes ssh-ed25519 IdentityFile ${config.my.vault.secrets.id_ed25519_nixbuild.path}