diff options
| author | Timo Wilken | 2023-04-21 19:03:33 +0200 |
|---|---|---|
| committer | Timo Wilken | 2023-04-21 19:03:33 +0200 |
| commit | f1416214cf242c5e1148cd68cc79eefa431149a5 (patch) | |
| tree | 57d7ac34d9f4cbab2aa7843e89f52e3e3bbd981c /tw/home.scm | |
| parent | e52b0e713c21bcc024c14dbfcffd39a9aeaa9650 (diff) | |
Use new openssh-host-proxy field
The openssl-host-proxy-command field is deprecated by Guix.
Diffstat (limited to 'tw/home.scm')
| -rw-r--r-- | tw/home.scm | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/tw/home.scm b/tw/home.scm index e77b672d..e4bab36b 100644 --- a/tw/home.scm +++ b/tw/home.scm @@ -80,6 +80,7 @@ auto-expand-secmem (openssh-host (name host) (port port) (user "timo"))) (define-public (openssh-service proxy-to-cern?) + (define no-proxy (list (proxy-jump (host-name "none")))) (service home-openssh-service-type (home-openssh-configuration (hosts @@ -88,7 +89,7 @@ auto-expand-secmem ;; My own machines ,@(map make-own-ssh-host (map car %ssh-ports) (map cdr %ssh-ports)) ,@(map make-own-ssh-host (map (compose wireguardify car) %ssh-ports) (map cdr %ssh-ports)) - ,(openssh-host (name "*.fritz.box") (proxy-command "ssh -W '[%h]:%p' lud.twilken.net")) + ,(openssh-host (name "*.fritz.box") (proxy (list (proxy-jump (host-name "lud.twilken.net"))))) ;; Git hosts ,(openssh-host (name "github.com") (user "git")) ,(openssh-host (name "ssh.github.com") (user "git")) @@ -96,7 +97,7 @@ auto-expand-secmem (name "gitlab.cern.ch") (user "git") (port 7999) - (proxy-command "none")) + (proxy no-proxy)) ;; BitBucket apparently only supports ssh-rsa. ,(openssh-host (name "bitbucket.org") @@ -106,10 +107,10 @@ auto-expand-secmem ;; CERN stuff ,(openssh-host (name "lxtunnel.cern.ch") - (proxy-command "none")) ; avoid ProxyJump loops + (proxy no-proxy)) ; avoid ProxyJump loops ,(openssh-host (name "lxplus.cern.ch") - (proxy-command "none") ; no jump needed + (proxy no-proxy) ; no jump needed (extra-content "GSSAPIDelegateCredentials yes")) ; needed for EOS home mount ;; Needed for EOS home mount. ,@(map (lambda (host) @@ -140,9 +141,9 @@ auto-expand-secmem (name "*.cern.ch") (user "twilken") (identity-file "~/.local/share/ssh-keys/cern_id_rsa") - (proxy-command (if proxy-to-cern? - "ssh -W '[%h]:%p' -l twilken lxtunnel.cern.ch" - "none")) + (proxy (if proxy-to-cern? + (list (proxy-jump (host-name "lxtunnel.cern.ch"))) + no-proxy)) (extra-content "\ # Kerberos authentication GSSAPIAuthentication yes |