From f141207f6ec4bd757a2d95ed35248818b7b8059f Mon Sep 17 00:00:00 2001
From: Thilo Billerbeck
Date: Wed, 29 May 2024 16:35:45 +0200
Subject: [PATCH 1/3] flake.lock: Update
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Flake lock file updates:
• Updated input 'home-manager':
'github:nix-community/home-manager/373ead20606efa9181cd15ba19a5deac7ead1492?narHash=sha256-Zl6e/sEVDh07K47XxDGPsXTYT4nI6llUDbQ4xMIwp7k%3D' (2024-05-28)
→ 'github:nix-community/home-manager/a9b36cbe9292a649222b89fdb9ae9907e9c74086?narHash=sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo%3D' (2024-05-28)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/bfb7a882678e518398ce9a31a881538679f6f092?narHash=sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8%3D' (2024-05-24)
→ 'github:NixOS/nixpkgs/9ca3f649614213b2aaf5f1e16ec06952fe4c2632?narHash=sha256-7EXDb5WBw%2Bd004Agt%2BJHC/Oyh/KTUglOaQ4MNjBbo5w%3D' (2024-05-27)
---
 flake.lock | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/flake.lock b/flake.lock
index fe57175..e1d118e 100644
--- a/flake.lock
+++ b/flake.lock
@@ -93,11 +93,11 @@
 ]
 },
 "locked": {
- "lastModified": 1716908526,
- "narHash": "sha256-Zl6e/sEVDh07K47XxDGPsXTYT4nI6llUDbQ4xMIwp7k=",
+ "lastModified": 1716930911,
+ "narHash": "sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo=",
 "owner": "nix-community",
 "repo": "home-manager",
- "rev": "373ead20606efa9181cd15ba19a5deac7ead1492",
+ "rev": "a9b36cbe9292a649222b89fdb9ae9907e9c74086",
 "type": "github"
 },
 "original": {
@@ -303,11 +303,11 @@
 },
 "nixpkgs_2": {
 "locked": {
- "lastModified": 1716509168,
- "narHash": "sha256-4zSIhSRRIoEBwjbPm3YiGtbd8HDWzFxJjw5DYSDy1n8=",
+ "lastModified": 1716769173,
+ "narHash": "sha256-7EXDb5WBw+d004Agt+JHC/Oyh/KTUglOaQ4MNjBbo5w=",
 "owner": "NixOS",
 "repo": "nixpkgs",
- "rev": "bfb7a882678e518398ce9a31a881538679f6f092",
+ "rev": "9ca3f649614213b2aaf5f1e16ec06952fe4c2632",
 "type": "github"
 },
 "original": {
From ed12b67cb9e1703d99b9b306c117203cd77ca37c Mon Sep 17 00:00:00 2001
From: Thilo Billerbeck
Date: Tue, 4 Jun 2024 20:55:23 +0200
Subject: [PATCH 2/3] flake.lock: Update
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Flake lock file updates:
• Updated input 'dagger':
'github:dagger/nix/9e26b2f73eebf9e3b9fbc1a31c378ccb2daf84cd?narHash=sha256-n1UnQ7RbJwDAUX1fq4%2BhUNVVIWDlZKvAsUp/muSkV3g%3D' (2024-05-28)
→ 'github:dagger/nix/b806c06b83310040821771278fc5bcd745c8934a?narHash=sha256-6hJbR3t2qZi/ozZpfTB9eZRuE5BxtNOR9pTxEm7bYbY%3D' (2024-05-30)
• Updated input 'home-manager':
'github:nix-community/home-manager/a9b36cbe9292a649222b89fdb9ae9907e9c74086?narHash=sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo%3D' (2024-05-28)
→ 'github:nix-community/home-manager/a7117efb3725e6197dd95424136f79147aa35e5b?narHash=sha256-5z2422pzWnPXHgq2ms8lcCfttM0dz%2Bhg%2Bx1pCcNkAws%3D' (2024-06-04)
• Updated input 'nix-index-database':
'github:nix-community/nix-index-database/ff80cb4a11bb87f3ce8459be6f16a25ac86eb2ac?narHash=sha256-Idcye44UW%2BEgjbjCoklf2IDF%2BXrehV6CVYvxR1omst4%3D' (2024-05-27)
→ 'github:nix-community/nix-index-database/972a52bee3991ae1f1899e6452e0d7c01ee566d9?narHash=sha256-43UmlS1Ifx17y93/Vc258U7bOlAAIZbu8dsGDHOIIr0%3D' (2024-06-02)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/9ca3f649614213b2aaf5f1e16ec06952fe4c2632?narHash=sha256-7EXDb5WBw%2Bd004Agt%2BJHC/Oyh/KTUglOaQ4MNjBbo5w%3D' (2024-05-27)
→ 'github:NixOS/nixpkgs/57610d2f8f0937f39dbd72251e9614b1561942d8?narHash=sha256-yZKhxVIKd2lsbOqYd5iDoUIwsRZFqE87smE2Vzf6Ck0%3D' (2024-05-31)
---
 flake.lock | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/flake.lock b/flake.lock
index e1d118e..f57675d 100644
--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
 ]
 },
 "locked": {
- "lastModified": 1716892732,
- "narHash": "sha256-n1UnQ7RbJwDAUX1fq4+hUNVVIWDlZKvAsUp/muSkV3g=",
+ "lastModified": 1717104796,
+ "narHash": "sha256-6hJbR3t2qZi/ozZpfTB9eZRuE5BxtNOR9pTxEm7bYbY=",
 "owner": "dagger",
 "repo": "nix",
- "rev": "9e26b2f73eebf9e3b9fbc1a31c378ccb2daf84cd",
+ "rev": "b806c06b83310040821771278fc5bcd745c8934a",
 "type": "github"
 },
 "original": {
@@ -93,11 +93,11 @@
 ]
 },
 "locked": {
- "lastModified": 1716930911,
- "narHash": "sha256-t4HT5j3Jy7skRB5PINnxcEBCkgE89rGBpwTI7YS4Ffo=",
+ "lastModified": 1717525419,
+ "narHash": "sha256-5z2422pzWnPXHgq2ms8lcCfttM0dz+hg+x1pCcNkAws=",
 "owner": "nix-community",
 "repo": "home-manager",
- "rev": "a9b36cbe9292a649222b89fdb9ae9907e9c74086",
+ "rev": "a7117efb3725e6197dd95424136f79147aa35e5b",
 "type": "github"
 },
 "original": {
@@ -214,11 +214,11 @@
 ]
 },
 "locked": {
- "lastModified": 1716772633,
- "narHash": "sha256-Idcye44UW+EgjbjCoklf2IDF+XrehV6CVYvxR1omst4=",
+ "lastModified": 1717297675,
+ "narHash": "sha256-43UmlS1Ifx17y93/Vc258U7bOlAAIZbu8dsGDHOIIr0=",
 "owner": "nix-community",
 "repo": "nix-index-database",
- "rev": "ff80cb4a11bb87f3ce8459be6f16a25ac86eb2ac",
+ "rev": "972a52bee3991ae1f1899e6452e0d7c01ee566d9",
 "type": "github"
 },
 "original": {
@@ -303,11 +303,11 @@
 },
 "nixpkgs_2": {
 "locked": {
- "lastModified": 1716769173,
- "narHash": "sha256-7EXDb5WBw+d004Agt+JHC/Oyh/KTUglOaQ4MNjBbo5w=",
+ "lastModified": 1717196966,
+ "narHash": "sha256-yZKhxVIKd2lsbOqYd5iDoUIwsRZFqE87smE2Vzf6Ck0=",
 "owner": "NixOS",
 "repo": "nixpkgs",
- "rev": "9ca3f649614213b2aaf5f1e16ec06952fe4c2632",
+ "rev": "57610d2f8f0937f39dbd72251e9614b1561942d8",
 "type": "github"
 },
 "original": {
From e87963f9d7f998bb7692fc5b562a8ef1d7b5c618 Mon Sep 17 00:00:00 2001
From: Thilo Billerbeck
Date: Tue, 4 Jun 2024 22:26:37 +0200
Subject: [PATCH 3/3] switch over to generative ssh config
---
 home-manager/modules/machine.nix | 5 +-
 home-manager/programs/ssh.nix | 91 ++++++++++++++++++++++++++++++++
 2 files changed, 92 insertions(+), 4 deletions(-)
 create mode 100644 home-manager/programs/ssh.nix
diff --git a/home-manager/modules/machine.nix b/home-manager/modules/machine.nix
index 70c15ab..3a680f3 100644
--- a/home-manager/modules/machine.nix
+++ b/home-manager/modules/machine.nix
@@ -29,6 +29,7 @@ with lib;
 ./../programs/syncthing.nix
 ./../programs/hstr.nix
 ./../programs/thefuck.nix
+ ./../programs/ssh.nix
 ./../../nix.nix
 ./packages.nix
 ];
@@ -84,10 +85,6 @@ with lib;
 ".config/nano/nanorc".text = ''
 set linenumbers
 '';
- ".ssh/config_source" = {
- source = ./../dotfiles/ssh-config;
- onChange = "cat ~/.ssh/config_source > ~/.ssh/config && chmod 600 ~/.ssh/config";
- };
 ".gitignore".source = ./../dotfiles/.gitignore;
 ".config/pipewire/pipewire.conf.d/99-noise-suppression.conf".text = ''
 context.modules = [{
diff --git a/home-manager/programs/ssh.nix b/home-manager/programs/ssh.nix
new file mode 100644
index 0000000..d536942
--- /dev/null
+++ b/home-manager/programs/ssh.nix
@@ -0,0 +1,91 @@
+{ lib, ... }:
+
+let
+ ownDomains = [
+ "thilo-billerbeck.com"
+ "avocadoom.de"
+ "officerent.de"
+ ];
+ thiloBillerbeckHosts = [
+ "lisa"
+ "bart"
+ "burns"
+ "homer"
+ "marge"
+ "apu"
+ "krusty"
+ "skinner"
+ ];
+ manualMatchBlocks = {
+ "github.com" = {
+ identityFile = "~/.ssh/id_github-com";
+ user = "git";
+ identitiesOnly = true;
+ };
+ "mail" = { hostname = "mail.officerent.de"; };
+ "*.tu-darmstadt.de" = {
+ identityFile = "~/.ssh/id_tu-darmstadt-de";
+ };
+ "*.rwth-aachen.de" = {
+ identityFile = "~/.ssh/id_tu-darmstadt-de";
+ };
+ "*.tobias-neidig.de" = {
+ identityFile = "~/.ssh/id_tobias-neidig-de";
+ };
+ "*.darmstadt.ccc.de" = {
+ identityFile = "~/.ssh/id_darmstadt-ccc-de";
+ };
+ "*.relaix.net" = {
+ identityFile = "~/.ssh/id_relaix-net";
+ user = "tbillerbeck";
+ };
+ "*.w17.io" = {
+ user = "chaos";
+ identityFile = "~/.ssh/id_w17";
+ };
+ "*.tailscale.net" = {
+ user = "thilo";
+ identityFile = "~/.ssh/id_tailscale";
+ };
+ "ssh.dev.azure.com" = {
+ identityFile = "~/.ssh/id_azure-com";
+ identitiesOnly = true;
+ extraOptions = {
+ HostkeyAlgorithms = "+ssh-rsa";
+ PubkeyAcceptedKeyTypes = "+ssh-rsa";
+ };
+ };
+ };
+ catchAlls = builtins.listToAttrs (
+ builtins.map (host: {
+ name = "*.${host}";
+ value = {
+ identityFile = "~/.ssh/id_thilo-billerbeck-com";
+ user = "root";
+ };
+ }) ownDomains
+ );
+ hostnameAliasses = builtins.listToAttrs (
+ builtins.map (host: {
+ name = "${host}";
+ value = {
+ hostname = "${host}.thilo-billerbeck.com";
+ };
+ }) thiloBillerbeckHosts
+ );
+ buildersCCCDA = builtins.listToAttrs (
+ builtins.map (host: {
+ name = "build${host}.darmstadt.ccc.de";
+ value = {
+ user = "avocadoom";
+ identityFile = "~/.ssh/id_darmstadt-ccc-de";
+ };
+ }) ["1" "2" "3" "4"]
+ );
+in
+{
+ programs.ssh = {
+ enable = true;
+ matchBlocks = manualMatchBlocks // catchAlls // hostnameAliasses // buildersCCCDA;
+ };
+}
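Review bot: The alias blocks generated in `hostnameAliasses` set only `hostname`, so `ssh lisa` will most likely not pick up `user` and `identityFile` from the `*.thilo-billerbeck.com` catch-all: ssh_config `Host` patterns are matched against the name given on the command line, not the rewritten HostName, unless `CanonicalizeHostname` is enabled somewhere outside this file. Carrying the settings in the alias itself, e.g. `value = { hostname = "${host}.thilo-billerbeck.com"; user = "root"; identityFile = "~/.ssh/id_thilo-billerbeck-com"; };`, keeps the short names on the intended key. Separately, only the `github.com` and `ssh.dev.azure.com` blocks set `identitiesOnly = true;`, so the wildcard blocks for third-party domains will still offer every agent-held key to those servers before the configured one; adding `identitiesOnly = true;` there would keep each key scoped to its domain. The `+ssh-rsa` overrides re-enable SHA-1 RSA signatures for the Azure host and deserve a one-line comment stating why they are still required, so they can be dropped once the server no longer needs them.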