Torjus Håkestad
b8e04eb338
Replace scattered osConfig.system.name comparisons with a declarative host.capabilities module. This improves maintainability and semantic clarity by expressing what capabilities a host has rather than checking its name. Changes: - Add system/host-capabilities.nix with options for hardware, form factor, UI behavior, services, and backup configuration - Configure capabilities in hosts/gunter and hosts/magicman - Migrate 6 files to use capabilities: packages, waybar, ssh, backup-home - Remove redundant host name check for pciutils in gunter config - Make backup-home service conditionally enabled based on capabilities Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
55 lines
1.3 KiB
Nix
55 lines
1.3 KiB
Nix
{
|
|
pkgs,
|
|
lib,
|
|
osConfig,
|
|
...
|
|
}:
|
|
let
|
|
eduroam-active = pkgs.writeShellApplication {
|
|
name = "eduroam-active";
|
|
runtimeInputs = with pkgs; [
|
|
networkmanager
|
|
];
|
|
text = ''
|
|
nmcli -g GENERAL.STATE c s interface|grep -q -E '\bactiv'
|
|
'';
|
|
};
|
|
in
|
|
{
|
|
programs.ssh = {
|
|
enable = true;
|
|
enableDefaultConfig = false;
|
|
|
|
matchBlocks = {
|
|
"bmo.uio.no-on-eduroam" = (
|
|
lib.mkIf (osConfig.host.capabilities.hasEduroamAccess) (
|
|
lib.hm.dag.entryBefore [ "bmo.uio.no" "*" ] {
|
|
match = "host bmo.uio.no exec \"nmcli -g GENERAL.STATE c s eduroam|grep -q -E '\\bactiv'\"";
|
|
hostname = "bmo.uio.no";
|
|
forwardAgent = false;
|
|
serverAliveInterval = 30;
|
|
controlMaster = "auto";
|
|
controlPath = "/run/user/%i/ssh-cm-%C";
|
|
}
|
|
)
|
|
);
|
|
|
|
"bmo.uio.no" = lib.hm.dag.entryBefore [ "*" ] {
|
|
hostname = "bmo.uio.no";
|
|
forwardAgent = false;
|
|
proxyJump = "torjus@rlogin.uio.no";
|
|
serverAliveInterval = 30;
|
|
controlMaster = "auto";
|
|
controlPath = "/run/user/%i/ssh-cm-%C";
|
|
};
|
|
|
|
"*" = {
|
|
serverAliveInterval = 30;
|
|
controlMaster = "auto";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.ssh-agent.enable = true;
|
|
}
|