From 7180d265c40cf9eab8af4253063c1a220e44889c Mon Sep 17 00:00:00 2001
From: Jack O'Sullivan <jackos1998@gmail.com>
Date: Mon, 21 Feb 2022 13:19:21 +0000
Subject: [PATCH] home-manager/configs: Add macsimum and use SSH extraConfig

---
 flake.lock                        |  6 +--
 flake.nix                         |  1 +
 home-manager/configs/castle.nix   |  5 +-
 home-manager/configs/macsimum.nix | 19 ++++++++
 home-manager/modules/common.nix   | 76 +++++++++++++++----------------
 5 files changed, 64 insertions(+), 43 deletions(-)
 create mode 100644 home-manager/configs/macsimum.nix

diff --git a/flake.lock b/flake.lock
index 2470002..aeba6b0 100644
--- a/flake.lock
+++ b/flake.lock
@@ -210,11 +210,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1644613700,
-        "narHash": "sha256-wLRPJclMH8vsHuFtyI78aF09lw5mbi3lMB6uiK5S2wE=",
+        "lastModified": 1645334861,
+        "narHash": "sha256-We9ECiMglthzbZ5S6Myqqf+RHzBFZPoM2qL5/jDkUjs=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "23d785aa6f853e6cf3430119811c334025bbef55",
+        "rev": "d5f237872975e6fb6f76eef1368b5634ffcd266f",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index 5a46e4d..7126840 100644
--- a/flake.nix
+++ b/flake.nix
@@ -97,6 +97,7 @@
 
         # Homes
         home-manager/configs/castle.nix
+        home-manager/configs/macsimum.nix
       ];
 
       nixfiles = evalModules {
diff --git a/home-manager/configs/castle.nix b/home-manager/configs/castle.nix
index 2a0368d..8116299 100644
--- a/home-manager/configs/castle.nix
+++ b/home-manager/configs/castle.nix
@@ -15,6 +15,9 @@
             hostname = "h.nul.ie";
             sshOpts = [ "-4" "-p" "8022" ];
           };
+        };
+
+        programs = {
           ssh.matchBlocks = {
             home = {
               host =
@@ -23,9 +26,7 @@
               user = "root";
             };
           };
-        };
 
-        programs = {
           kakoune.enable = true;
         };
       };
diff --git a/home-manager/configs/macsimum.nix b/home-manager/configs/macsimum.nix
new file mode 100644
index 0000000..350df10
--- /dev/null
+++ b/home-manager/configs/macsimum.nix
@@ -0,0 +1,19 @@
+{
+  home-manager.homes."jack@macsimum" = {
+    system = "x86_64-darwin";
+    nixpkgs = "unstable";
+    homeDirectory = "/Users/jack";
+    username = "jack";
+
+    configuration = { pkgs, ... }:
+      {
+        my = {
+          deploy.enable = false;
+        };
+
+        programs = {
+          ssh.enable = false;
+        };
+      };
+  };
+}
diff --git a/home-manager/modules/common.nix b/home-manager/modules/common.nix
index d618586..fa80f6f 100644
--- a/home-manager/modules/common.nix
+++ b/home-manager/modules/common.nix
@@ -24,7 +24,6 @@ in
           literal = mkOpt' (listOf singleLineStr) [ ] "List of OpenSSH keys to allow";
           files = mkOpt' (listOf str) [ ] "List of OpenSSH key files to allow";
         };
-        matchBlocks = mkOpt' (attrsOf anything) { } "SSH match blocks";
       };
     };
 
@@ -48,35 +47,6 @@ in
         isStandalone = !(args ? osConfig);
 
         shell = mkDefault "${config.programs.fish.package}/bin/fish";
-
-        ssh = {
-          matchBlocks = {
-            nix-dev-vm = {
-              user = "dev";
-              hostname = "localhost";
-              port = 2222;
-              extraOptions = {
-                StrictHostKeyChecking = "no";
-                UserKnownHostsFile = "/dev/null";
-              };
-            };
-
-            "rsync.net" = {
-              host = "rsyncnet";
-              user = "16413";
-              hostname = "ch-s010.rsync";
-            };
-
-            shoe = {
-              host = "shoe.netsoc.tcd.ie shoe";
-              user = "netsoc";
-            };
-            netsocBoxes = {
-              host = "cube spoon napalm gandalf saruman";
-              user = "root";
-            };
-          };
-        };
       };
 
       home.file.".ssh/authorized_keys" = with config.my.ssh.authKeys;
@@ -152,16 +122,38 @@ in
 
         ssh = {
           enable = mkDefault true;
-          matchBlocks = (mapAttrs (_: b: dag.entryBefore [ "all" ] b) config.my.ssh.matchBlocks) // {
-            all = {
-              host = "*";
-              identityFile = [
-                "~/.ssh/id_rsa"
-                "~/.ssh/netsoc"
-                "~/.ssh/borg"
-              ];
+          matchBlocks = {
+            nix-dev-vm = {
+              user = "dev";
+              hostname = "localhost";
+              port = 2222;
+              extraOptions = {
+                StrictHostKeyChecking = "no";
+                UserKnownHostsFile = "/dev/null";
+              };
+            };
+
+            "rsync.net" = {
+              host = "rsyncnet";
+              user = "16413";
+              hostname = "ch-s010.rsync";
+            };
+
+            shoe = {
+              host = "shoe.netsoc.tcd.ie shoe";
+              user = "netsoc";
+            };
+            netsocBoxes = {
+              host = "cube spoon napalm gandalf saruman";
+              user = "root";
             };
           };
+          extraConfig =
+            ''
+              IdentityFile ~/.ssh/id_rsa
+              IdentityFile ~/.ssh/netsoc
+              IdentityFile ~/.ssh/borg
+            '';
         };
 
         direnv = {
@@ -197,6 +189,7 @@ in
           file
           tree
           iperf3
+          mosh
         ];
 
         sessionVariables = {
@@ -256,5 +249,12 @@ in
         };
       })
     ]))
+    (mkIf (pkgs.stdenv.isDarwin && config.my.isStandalone) {
+      home = {
+        packages = with pkgs; [
+          cacert
+        ];
+      };
+    })
   ];
 }