ssh: add more options

2018-11-24 23:40:25 +01:00 · 2018-11-24 23:40:25 +01:00 · 456e2d7ed5
parent fa3d1f98e0
commit 456e2d7ed5
1 changed files with 24 additions and 2 deletions
--- a/modules/programs/ssh.nix
+++ b/modules/programs/ssh.nix
@ -8,6 +8,8 @@ let

  yn = flag: if flag then "yes" else "no";

+  unwords = builtins.concatStringsSep " ";
+
  matchBlockModule = types.submodule ({ name, ... }: {
    options = {
      host = mkOption {
@ -24,6 +26,15 @@ let
        description = "Specifies port number to connect on remote host.";
      };

+      forwardAgent = mkOption {
+        default = null;
+        type = types.nullOr types.bool;
+        description = ''
+          Whether the connection to the authentication agent (if any)
+          will be forwarded to the remote machine.
+        '';
+      };
+
      forwardX11 = mkOption {
        type = types.bool;
        default = false;
@ -81,6 +92,15 @@ let
          "Set timeout in seconds after which response will be requested.";
      };

+      sendEnv = mkOption {
+        type = types.listOf types.str;
+        default = [];
+        description = ''
+          Environment variables to send from the local host to the
+          server.
+        '';
+      };
+
      compression = mkOption {
        type = types.nullOr types.bool;
        default = null;
@ -118,12 +138,14 @@ let
  matchBlockStr = cf: concatStringsSep "\n" (
    ["Host ${cf.host}"]
    ++ optional (cf.port != null)         "  Port ${toString cf.port}"
+    ++ optional (cf.forwardAgent != null) "  ForwardAgent ${yn cf.forwardAgent}"
    ++ optional cf.forwardX11             "  ForwardX11 yes"
    ++ optional cf.forwardX11Trusted      "  ForwardX11Trusted yes"
    ++ optional cf.identitiesOnly         "  IdentitiesOnly yes"
    ++ optional (cf.user != null)         "  User ${cf.user}"
    ++ optional (cf.identityFile != null) "  IdentityFile ${cf.identityFile}"
    ++ optional (cf.hostname != null)     "  HostName ${cf.hostname}"
+    ++ optional (cf.sendEnv != [])        "  SendEnv ${unwords cf.sendEnv}"
    ++ optional (cf.serverAliveInterval != 0)
         "  ServerAliveInterval ${toString cf.serverAliveInterval}"
    ++ optional (cf.compression != null)  "  Compression ${yn cf.compression}"
@ -144,8 +166,8 @@ in
      default = false;
      type = types.bool;
      description = ''
-        Whether connection to authentication agent (if any) will be forwarded
-        to remote machine.
+        Whether the connection to the authentication agent (if any)
+        will be forwarded to the remote machine.
      '';
    };