nixos-configs/hosts/pinwheel/modules/ssh/default.nix

{ pkgs, ... }:
{
  home-manager.users.alex = {
    programs.ssh = {
      enable = true;

      matchBlocks = {
        "backwards" = {
          hostname = "backwards";
          user = "alex";
          identityFile = "/home/alex/.ssh/alex.pinwheel-backwards";
          port = 1122;
        };

        "andromeda" = {
          hostname = "andromeda.a2x.se";
          user = "alex";
          identityFile = "/home/alex/.ssh/alex.pinwheel-andromeda";
        };

        "tadpole" = {
          hostname = "65.21.106.222";
          user = "alex";
          identityFile = "/home/alex/.ssh/alex.pinwheel-tadpole";
          port = 1122;
        };

        "github.com" = {
          hostname = "github.com";
          identityFile = "/home/alex/.ssh/alex.pinwheel-github.com";
        };

        "codeberg.org" = {
          hostname = "codeberg.org";
          identityFile = "/home/alex/.ssh/alex.pinwheel-codeberg.org";
        };

        "git.ppp.pm" = {
          hostname = "git.ppp.pm";
          identityFile = "/home/alex/.ssh/alex.pinwheel-git.ppp.pm";
        };
      };
    };

    home.packages = [ pkgs.sshfs ];
  };

  age.secrets = {
    "alex.pinwheel-backwards" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-backwards.age;
      path = "/home/alex/.ssh/alex.pinwheel-backwards";
      owner = "alex";
      group = "users";
    };
    "alex.pinwheel-backwards.pub" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-backwards.pub.age;
      path = "/home/alex/.ssh/alex.pinwheel-backwards.pub";
      owner = "alex";
      group = "users";
    };

    "alex.pinwheel-github.com" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-github.com.age;
      path = "/home/alex/.ssh/alex.pinwheel-github.com";
      owner = "alex";
      group = "users";
    };
    "alex.pinwheel-github.com.pub" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-github.com.pub.age;
      path = "/home/alex/.ssh/alex.pinwheel-github.com.pub";
      owner = "alex";
      group = "users";
    };

    "alex.pinwheel-codeberg.org" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-codeberg.org.age;
      path = "/home/alex/.ssh/alex.pinwheel-codeberg.org";
      owner = "alex";
      group = "users";
    };
    "alex.pinwheel-codeberg.org.pub" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-codeberg.org.pub.age;
      path = "/home/alex/.ssh/alex.pinwheel-codeberg.org.pub";
      owner = "alex";
      group = "users";
    };

    "alex.pinwheel-git.ppp.pm" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-git.ppp.pm.age;
      path = "/home/alex/.ssh/alex.pinwheel-git.ppp.pm";
      owner = "alex";
      group = "users";
    };
    "alex.pinwheel-git.ppp.pm.pub" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-git.ppp.pm.pub.age;
      path = "/home/alex/.ssh/alex.pinwheel-git.ppp.pm.pub";
      owner = "alex";
      group = "users";
    };

    "alex.pinwheel-andromeda" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-andromeda.age;
      path = "/home/alex/.ssh/alex.pinwheel-andromeda";
      owner = "alex";
      group = "users";
    };
    "alex.pinwheel-andromeda.pub" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-andromeda.pub.age;
      path = "/home/alex/.ssh/alex.pinwheel-andromeda.pub";
      owner = "alex";
      group = "users";
    };

    "alex.pinwheel-tadpole" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-tadpole.age;
      path = "/home/alex/.ssh/alex.pinwheel-tadpole";
      owner = "alex";
      group = "users";
    };
    "alex.pinwheel-tadpole.pub" = {
      file = ../../../../secrets/pinwheel/alex.pinwheel-tadpole.pub.age;
      path = "/home/alex/.ssh/alex.pinwheel-tadpole.pub";
      owner = "alex";
      group = "users";
    };
  };

  services.openssh = {
    enable = true;
    ports = [ 1122 ];

    hostKeys = [
      {
        path = "/etc/ssh/pinwheel";
        type = "ed25519";
      }
    ];
  };
}