ssh: use list for conditional blocks

Sets do not guarantee order which is necessary for SSH configuration
file semantics. Instead use a list of conditional block. Each
conditional block must contain a `host` field, which will be used for
the block condition.
This commit is contained in:
Robert Helgesson 2017-05-13 01:11:06 +02:00
parent 5770af8fd8
commit a78f9f9d1c
No known key found for this signature in database
GPG key ID: C3DB11069E65DC86

View file

@ -8,8 +8,15 @@ let
yn = flag: if flag then "yes" else "no"; yn = flag: if flag then "yes" else "no";
hostModule = types.submodule ({...}: { matchBlockModule = types.submodule ({...}: {
options = { options = {
host = mkOption {
type = types.str;
example = "*.example.org";
description = ''
The host pattern used by this conditional block.
'';
};
port = mkOption { port = mkOption {
type = types.nullOr types.int; type = types.nullOr types.int;
@ -80,8 +87,8 @@ let
}; };
}); });
hostStr = host: cf: concatStringsSep "\n" ( matchBlockStr = cf: concatStringsSep "\n" (
["Host ${host}"] ["Host ${cf.host}"]
++ optional (cf.port != null) " Port ${toString cf.port}" ++ optional (cf.port != null) " Port ${toString cf.port}"
++ optional cf.forwardX11 " ForwardX11 yes" ++ optional cf.forwardX11 " ForwardX11 yes"
++ optional cf.forwardX11Trusted " ForwardX11Trusted yes" ++ optional cf.forwardX11Trusted " ForwardX11Trusted yes"
@ -125,9 +132,9 @@ in
''; '';
}; };
hosts = mkOption { matchBlocks = mkOption {
type = types.attrsOf hostModule; type = types.listOf matchBlockModule;
default = {}; default = [];
description = '' description = ''
Specify per-host settings. Specify per-host settings.
''; '';
@ -140,7 +147,7 @@ in
ControlMaster ${cfg.controlMaster} ControlMaster ${cfg.controlMaster}
ControlPath ${cfg.controlPath} ControlPath ${cfg.controlPath}
${concatStringsSep "\n\n" (mapAttrsToList hostStr cfg.hosts)} ${concatStringsSep "\n\n" (map matchBlockStr cfg.matchBlocks)}
''; '';
}; };
} }