From 9a16036cc91571fd41233f30520a88818dabfa40 Mon Sep 17 00:00:00 2001
From: oddlama
Date: Mon, 4 Sep 2023 16:27:21 +0200
Subject: [PATCH] fix: allow default identity on any host
---
 users/myuser/ssh.nix | 80 +++++++++------------------------------------
 1 file changed, 16 insertions(+), 64 deletions(-)
diff --git a/users/myuser/ssh.nix b/users/myuser/ssh.nix
index ada0ea5..4593d8d 100644
--- a/users/myuser/ssh.nix
+++ b/users/myuser/ssh.nix
@@ -2,73 +2,25 @@
 home.file.".ssh/yubikey.pub".text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5Uq+CDy5Pmt3If5M6d8K/Q7HArU6sZ7sgoj3T521Wm cardno:15 209 174";
 programs.ssh = {
 enable = true;
- matchBlocks = let
- withYubikey = {identityFile = ["~/.ssh/yubikey.pub"];};
- in {
+ matchBlocks = {
 "*" = {
+ identityFile = ["~/.ssh/yubikey.pub"];
 identitiesOnly = true;
 };
- meister =
- {
- user = "root";
- hostname = "meister.oddlama.org";
- }
- // withYubikey;
- envoy =
- {
- user = "root";
- hostname = "94.130.104.236";
- }
- // withYubikey;
- vm-base =
- {
- user = "root";
- proxyJump = "meister";
- hostname = "172.16.0.01";
- }
- // withYubikey;
- vm-misc =
- {
- user = "root";
- proxyJump = "meister";
- hostname = "172.16.0.16";
- }
- // withYubikey;
- vm-samba =
- {
- user = "root";
- proxyJump = "meister";
- hostname = "172.16.0.64";
- }
- // withYubikey;
- vm-nginx =
- {
- user = "root";
- proxyJump = "meister";
- hostname = "172.16.0.128";
- }
- // withYubikey;
- vm-radicale =
- {
- user = "root";
- proxyJump = "meister";
- hostname = "172.16.0.129";
- }
- // withYubikey;
- vm-vaultwarden =
- {
- user = "root";
- proxyJump = "meister";
- hostname = "172.16.0.130";
- }
- // withYubikey;
- vm-test =
- {
- user = "root";
- proxyJump = "meister";
- hostname = "172.16.0.255";
- }
- // withYubikey;
+ # TODO more from secrets nixosConfiguration.repo.secrets.global
+ meister = {
+ user = "root";
+ hostname = "meister.oddlama.org";
+ };
+ envoy = {
+ user = "root";
+ hostname = "94.130.104.236";
+ };
+ vm-base = {
+ user = "root";
+ proxyJump = "meister";
+ hostname = "172.16.0.01";
+ };
 };
 };
 }
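Review bot: Moving `identityFile` into the `"*"` block means the YubiKey public key is now offered to every SSH server this user connects to, not only the hosts listed here, so unrelated servers can record it and correlate connections made with the same key. If that is intended, a comment above the block would make the trade-off explicit, e.g. `# Offered to all hosts; identitiesOnly keeps other agent keys from being tried`; otherwise a narrower host pattern covering only the owned machines would limit the exposure. Separately, the retained `hostname = "172.16.0.01";` has a leading zero in the last octet, which some resolvers read as octal and stricter parsers reject; `hostname = "172.16.0.1";` is presumably what is meant. The enclosing attribute set opens before the hunk's first line.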