From 608b392e5699bad3dd1785f5738d78b870054b66 Mon Sep 17 00:00:00 2001 From: CDaut Date: Thu, 30 Oct 2025 11:57:07 +0100 Subject: [PATCH 1/2] jumphost for infra --- configuration.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/configuration.nix b/configuration.nix index 81b73b2..6a43dab 100644 --- a/configuration.nix +++ b/configuration.nix @@ -81,6 +81,20 @@ }; + # Jumphost for deployment on infra + programs.ssh = { + extraConfig = " + Host jumphost + hostname infra.cdaut.de + user clara + + Host internal + hostname 10.0.0.0/16 + user clara + proxyJump jumphost + "; + }; + services.gvfs.enable = true; # VPN services From 946fb56e4921ff24476e6c99ac4be7399cda6b2e Mon Sep 17 00:00:00 2001 From: CDaut Date: Thu, 30 Oct 2025 12:22:07 +0100 Subject: [PATCH 2/2] moved ssh config to home manager --- configuration.nix | 15 --------------- home.nix | 29 +++++++++++++++++++++++++++++ 2 files changed, 29 insertions(+), 15 deletions(-) diff --git a/configuration.nix b/configuration.nix index 6a43dab..e5b6c26 100644 --- a/configuration.nix +++ b/configuration.nix @@ -80,21 +80,6 @@ dnsovertls = "true"; }; - - # Jumphost for deployment on infra - programs.ssh = { - extraConfig = " - Host jumphost - hostname infra.cdaut.de - user clara - - Host internal - hostname 10.0.0.0/16 - user clara - proxyJump jumphost - "; - }; - services.gvfs.enable = true; # VPN services diff --git a/home.nix b/home.nix index 3209cef..fe80b53 100644 --- a/home.nix +++ b/home.nix 
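Review bot: `hostname 10.0.0.0/16` in the `Host internal` block of patch 1/2 is not a usable HostName, because ssh_config expects a single host name or address there and `ssh internal` would try to connect to the literal string. To cover an address range the pattern belongs on the `Host` line, for example `Host 10.0.*` with no `hostname` entry. Since this is the system-wide `programs.ssh.extraConfig`, `user clara` and the jump would also apply to every account on the machine, not only to the deploying user. Patch 2/2 replaces the block with a single-address entry, so this only matters if patch 1/2 is applied on its own.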
@@ -120,6 +120,35 @@ in sway-contrib.grimshot ]); + # Jumphost for deployment on infra + programs.ssh = { + enable = true; + enableDefaultConfig = false; + matchBlocks = { + "infra.cdaut.de" = { + hostname = "infra.cdaut.de"; + user = "clara"; + forwardAgent = true; + }; + + "10.0.0.2" = { + hostname = "10.0.0.2"; + proxyJump = "infra.cdaut.de"; + }; + "*" = { + forwardAgent = true; + addKeysToAgent = "no"; + compression = false; + serverAliveInterval = 0; + serverAliveCountMax = 3; + hashKnownHosts = false; + userKnownHostsFile = "~/.ssh/known_hosts"; + controlMaster = "no"; + controlPath = "~/.ssh/master-%r@%n:%p"; + controlPersist = "no"; + }; + }; + }; fonts.fontconfig.enable = true;
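Review bot: `forwardAgent = true;` in the `"*"` match block enables agent forwarding for every host this user connects to, so any of those servers, or anyone with root on one, can use the forwarded agent socket to authenticate as the user for as long as the session is open. `proxyJump` does not need agent forwarding, because authentication to `10.0.0.2` is done by the local client through the tunnel; set `forwardAgent = false;` in `"*"` and drop the line from the `"infra.cdaut.de"` block unless something on the jumphost really needs the agent. The other values in `"*"` look like the module's former defaults, where agent forwarding was off as far as I recall, so the flip may be unintended. The `"10.0.0.2"` block also sets no `user`, whereas the `internal` entry it replaces had `user clara`; confirm that the local username is the intended login there.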