ssh: add addKeysToAgent option

modules/programs/ssh.nix

@@ -361,6 +361,17 @@ in
       '';
     };
 
+    addKeysToAgent = mkOption {
+      type = types.str;
+      default = "no";
+      description = ''
+        When enabled, a private key that is used during authentication will be
+        added to ssh-agent if it is running (with confirmation enabled if
+        set to 'confirm'). The argument must be 'no' (the default), 'yes', 'confirm'
+        (optionally followed by a time interval), 'ask' or a time interval (e.g. '1h').
+      '';
+    };
+
     compression = mkOption {
       default = false;
       type = types.bool;
@@ -528,6 +539,7 @@ in
 
       Host *
         ForwardAgent ${lib.hm.booleans.yesNo cfg.forwardAgent}
+        AddKeysToAgent ${cfg.addKeysToAgent}
         Compression ${lib.hm.booleans.yesNo cfg.compression}
         ServerAliveInterval ${toString cfg.serverAliveInterval}
         ServerAliveCountMax ${toString cfg.serverAliveCountMax}

tests/modules/programs/ssh/default-config-expected.conf

@@ -2,6 +2,7 @@
 
 Host *
   ForwardAgent no
+  AddKeysToAgent no
   Compression no
   ServerAliveInterval 0
   ServerAliveCountMax 3

tests/modules/programs/ssh/forwards-dynamic-valid-bind-no-asserts-expected.conf

@@ -5,6 +5,7 @@ Host dynamicBindPathNoPort
 
 Host *
   ForwardAgent no
+  AddKeysToAgent no
   Compression no
   ServerAliveInterval 0
   ServerAliveCountMax 3

tests/modules/programs/ssh/match-blocks-attrs-expected.conf

@@ -18,6 +18,7 @@ Host ordered
 
 Host *
   ForwardAgent no
+  AddKeysToAgent no
   Compression no
   ServerAliveInterval 0
   ServerAliveCountMax 3

tests/modules/programs/ssh/match-blocks-match-and-hosts-expected.conf

@@ -7,6 +7,7 @@ Match host xyz canonical
 
 Host *
   ForwardAgent no
+  AddKeysToAgent no
   Compression no
   ServerAliveInterval 0
   ServerAliveCountMax 3