Mirrors/home-manager
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

ssh: add localForwards option for matchBlocks

Browse source
This commit is contained in:
Tobias Happ 2019-08-02 19:37:45 +02:00 committed by Robert Helgesson
parent ed4f66185f
commit 0e871b490e
No known key found for this signature in database
GPG key ID: 36BDAA14C2797E89
3 changed files with 70 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

62
modules/programs/ssh.nix
View file

@ -10,6 +10,39 @@ let
unwords = builtins.concatStringsSep " "; unwords = builtins.concatStringsSep " ";
localForwardModule = types.submodule ({ ... }: {
options = {
bind = {
address = mkOption {
type = types.str;
default = "localhost";
example = "example.org";
description = "The address where to bind the port.";
};
port = mkOption {
type = types.port;
example = 8080;
description = "Specifies port number to bind on bind address.";
};
};
host = {
address = mkOption {
type = types.str;
example = "example.org";
description = "The address where to forward the traffic to.";
};
port = mkOption {
type = types.port;
example = 80;
description = "Specifies port number to forward the traffic to.";
};
};
};
});
matchBlockModule = types.submodule ({ name, ... }: { matchBlockModule = types.submodule ({ name, ... }: {
options = { options = {
host = mkOption { host = mkOption {
@ -152,6 +185,27 @@ let
''; '';
}; };
localForwards = mkOption {
type = types.listOf localForwardModule;
default = [];
example = literalExample ''
[
{
bind.port = 8080;
host.address = "10.0.0.13";
host.port = 80;
}
];
'';
description = ''
Specify local port forwardings. See
<citerefentry>
<refentrytitle>ssh_config</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry> for LocalForward.
'';
};
extraOptions = mkOption { extraOptions = mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.str;
default = {}; default = {};
@ -181,6 +235,14 @@ let
++ optional (cf.proxyCommand != null) " ProxyCommand ${cf.proxyCommand}" ++ optional (cf.proxyCommand != null) " ProxyCommand ${cf.proxyCommand}"
++ optional (cf.proxyJump != null) " ProxyJump ${cf.proxyJump}" ++ optional (cf.proxyJump != null) " ProxyJump ${cf.proxyJump}"
++ map (file: " IdentityFile ${file}") cf.identityFile ++ map (file: " IdentityFile ${file}") cf.identityFile
++ map (f:
let
addressPort = entry: " [${entry.address}]:${toString entry.port}";
in
" LocalForward"
+ addressPort f.bind
+ addressPort f.host
) cf.localForwards
++ mapAttrsToList (n: v: " ${n} ${v}") cf.extraOptions ++ mapAttrsToList (n: v: " ${n} ${v}") cf.extraOptions
); );

1
tests/modules/programs/ssh/match-blocks-attrs-expected.conf
View file

@ -11,6 +11,7 @@ Host abc
Host xyz Host xyz
ServerAliveInterval 60 ServerAliveInterval 60
IdentityFile file IdentityFile file
LocalForward [localhost]:8080 [10.0.0.1]:80
Host * Host *
ForwardAgent no ForwardAgent no

7
tests/modules/programs/ssh/match-blocks-attrs.nix
View file

@ -15,6 +15,13 @@ with lib;
xyz = { xyz = {
identityFile = "file"; identityFile = "file";
serverAliveInterval = 60; serverAliveInterval = 60;
localForwards = [
{
bind.port = 8080;
host.address = "10.0.0.1";
host.port = 80;
}
];
}; };
"* !github.com" = { "* !github.com" = {