From a78f9f9d1ce225df551c4b97bf98fb1c6a370031 Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Sat, 13 May 2017 01:11:06 +0200 Subject: [PATCH] ssh: use list for conditional blocks Sets do not guarantee order which is necessary for SSH configuration file semantics. Instead use a list of conditional block. Each conditional block must contain a `host` field, which will be used for the block condition. --- modules/programs/ssh.nix | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/modules/programs/ssh.nix b/modules/programs/ssh.nix index 508d92b5..fc191251 100644 --- a/modules/programs/ssh.nix +++ b/modules/programs/ssh.nix @@ -8,8 +8,15 @@ let yn = flag: if flag then "yes" else "no"; - hostModule = types.submodule ({...}: { + matchBlockModule = types.submodule ({...}: { options = { + host = mkOption { + type = types.str; + example = "*.example.org"; + description = '' + The host pattern used by this conditional block. + ''; + }; port = mkOption { type = types.nullOr types.int; @@ -80,8 +87,8 @@ let }; }); - hostStr = host: cf: concatStringsSep "\n" ( - ["Host ${host}"] + matchBlockStr = cf: concatStringsSep "\n" ( + ["Host ${cf.host}"] ++ optional (cf.port != null) " Port ${toString cf.port}" ++ optional cf.forwardX11 " ForwardX11 yes" ++ optional cf.forwardX11Trusted " ForwardX11Trusted yes" @@ -125,9 +132,9 @@ in ''; }; - hosts = mkOption { - type = types.attrsOf hostModule; - default = {}; + matchBlocks = mkOption { + type = types.listOf matchBlockModule; + default = []; description = '' Specify per-host settings. ''; @@ -140,7 +147,7 @@ in ControlMaster ${cfg.controlMaster} ControlPath ${cfg.controlPath} - ${concatStringsSep "\n\n" (mapAttrsToList hostStr cfg.hosts)} + ${concatStringsSep "\n\n" (map matchBlockStr cfg.matchBlocks)} ''; }; }