home/ssh: simplify pvv ssh config

Oystein Kristoffer Tveit 2024-11-29 01:35:14 +01:00
parent e0683af8eb
commit 0abd0c6251
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146


@ -1,14 +1,13 @@
{ pkgs, lib, ... }: { pkgs, lib, ... }:
let let # http://www.pvv.ntnu.no/pvv/Maskiner
adminUser = "root";
normalUser = "oysteikt";
# http://www.pvv.ntnu.no/pvv/Maskiner
normalMachines = [ normalMachines = [
{ {
names = [ "hildring" "pvv-login" "pvv" ]; names = [ "hildring" "pvv-login" ];
proxyJump = lib.mkDefault null;
}
{
names = [ "drolsum" "pvv-login2" "pvv" ];
proxyJump = lib.mkDefault null; proxyJump = lib.mkDefault null;
addressFamily = "inet";
} }
[ "bekkalokk" "pvv-web" "pvv-wiki" "pvv-webmail" ] [ "bekkalokk" "pvv-web" "pvv-wiki" "pvv-webmail" ]
[ "bicep" "pvv-databases" ] [ "bicep" "pvv-databases" ]
@ -17,7 +16,6 @@ let
"buskerud" "buskerud"
"dagali" "dagali"
"demiurgen" "demiurgen"
"drolsum"
"eirin" "eirin"
"georg" "georg"
"ildkule" "ildkule"
@ -38,59 +36,38 @@ let
"ludvigsen" "ludvigsen"
[ "principal" "pvv-backup" ] [ "principal" "pvv-backup" ]
[ "skrott" "dibbler" ] [ "skrott" "dibbler" ]
[ "sleipner" "pvv-salt" ] {
names = [ "sleipner" "pvv-salt" ];
user = "oysteikt/admin";
}
]; ];
# Either( String [String] AttrSet{String} ) -> AttrSet{String} overrideIfNotExists = b: a: a // (builtins.removeAttrs b (builtins.attrNames a));
coerceToSSHMatchBlock =
machine:
if builtins.isString machine then { names = [machine]; }
else if builtins.isList machine then { names = machine; }
else machine;
# ListOf(String) -> AttrSet coerce = user: machines: lib.pipe machines [
machineWithNames = let (m: if builtins.isString m then { names = [m]; } else m)
inherit (lib.lists) head; (m: if builtins.isList m then { names = m; } else m)
inherit (lib.strings) split; (overrideIfNotExists { inherit user; })
in
names: { hostname = "${head names}.pvv.ntnu.no"; };
# AttrSet -> AttrSet -> AttrSet
convertMachineWithDefaults = defaults: normalizedMachine: let
inherit (lib.attrsets) nameValuePair;
inherit (lib.strings) concatStringsSep;
inherit (normalizedMachine) names;
name = concatStringsSep " " names;
value =
(machineWithNames names)
// defaults
// removeAttrs normalizedMachine ["names"];
in
nameValuePair name value;
# AttrSet -> AttrSet
convertNormalMachine = convertMachineWithDefaults { user = normalUser; proxyJump = "pvv"; };
# AttrSet -> AttrSet
convertAdminMachine =
convertMachineWithDefaults { user = adminUser; proxyJump = "pvv"; };
# ListOf (Either(String ListOf(String) AttrsOf(String))) -> (AttrSet -> AttrSet) -> AttrSet
convertMachinesWith = convertMachineFunction: let
inherit (lib.attrsets) listToAttrs;
inherit (lib.trivial) pipe;
pipeline = [
(map coerceToSSHMatchBlock)
(map convertMachineFunction)
listToAttrs
]; ];
in
machines: pipe machines pipeline; normalUser = "oysteikt";
matchConfig = let
machines = (map (coerce normalUser) normalMachines) ++ (map (coerce "root") rootMachines);
setVars = orig@{ names, ... }: {
name = builtins.concatStringsSep " " names;
value = overrideIfNotExists {
hostname = "${builtins.head names}.pvv.ntnu.no";
proxyJump = "pvv";
addressFamily = "inet";
} (builtins.removeAttrs orig ["names"]);
};
in builtins.listToAttrs (map setVars machines);
in in
{ {
programs.ssh.matchBlocks = lib.mergeAttrsList [ programs.ssh.matchBlocks = lib.mergeAttrsList [
(convertMachinesWith convertNormalMachine normalMachines) matchConfig
(convertMachinesWith convertAdminMachine rootMachines)
{ {
"pvv-git git.pvv.ntnu.no" = { "pvv-git git.pvv.ntnu.no" = {
hostname = "git.pvv.ntnu.no"; hostname = "git.pvv.ntnu.no";
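Review bot: `overrideIfNotExists = b: a: a // (builtins.removeAttrs b (builtins.attrNames a));` is exactly `b // a`, because `//` already lets the right-hand set win, so it can be written `overrideIfNotExists = defaults: attrs: defaults // attrs;` with a name or comment saying the first argument supplies defaults. The type-signature comments on the earlier helpers appear to have no counterpart on `coerce` and `setVars`; a line such as `# String -> Either(String [String] AttrSet) -> AttrSet` above `coerce` would restore that, and since its second parameter receives a single entry, `machine` would read better than `machines`. In `setVars` the `hostname` is built from `builtins.head names`, so the first name of every entry has to be the real DNS label with aliases after it. That ordering rule, and the fact that every entry inherits `proxyJump = "pvv"` unless it sets its own, deserve a comment next to the defaults, because a reordered alias list would silently point the block at a different host. The attribute set opened at the end of this hunk continues outside it.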