ssh config

2026-04-15 10:05:17 +00:00 · 2026-03-29 14:32:56 -04:00 · 2026-03-29 14:32:56 -04:00 · 0e6d9a341a
commit 0e6d9a341a
parent 9d9df025d6
5 changed files with 54 additions and 33 deletions
--- a/flake.lock
+++ b/flake.lock
@ -8,8 +8,8 @@
        ]
      },
      "locked": {
-        "lastModified": 1774656030,
-        "narHash": "sha256-9wurVeFSma2w1sFb/ybWKORCWH+TZRuBmE5k+czKLxk=",
+        "lastModified": 1774760219,
+        "narHash": "sha256-FDFj3u5KSiT0Ak6TMpn4ajk9mSlijOq7OoqVet6ATEI=",
        "path": "/Users/rathi/Documents/GitHub/companion/agentcomputer/apps/cli",
        "type": "path"
      },
--- a/home/common.nix
+++ b/home/common.nix
@ -15,6 +15,7 @@
    ./nvim.nix
    ./skills.nix
    ./scripts.nix
+    ./ssh.nix
    ./tmux.nix
    ./zsh.nix
  ];
--- a/home/ssh.nix
+++ b/home/ssh.nix
@ -0,0 +1,40 @@
+{...}: {
+  programs.ssh = {
+    enable = true;
+    enableDefaultConfig = false;
+
+    includes = [
+      "/Users/rathi/.config/colima/ssh_config"
+    ];
+
+    matchBlocks = {
+      aurelius = {
+        hostname = "100.71.160.102";
+        user = "nixos";
+        identityFile = "~/.ssh/id_ed25519";
+      };
+
+      netty = {
+        hostname = "152.53.195.59";
+        user = "rathi";
+        identityFile = "~/.ssh/id_ed25519";
+      };
+
+      "agentcomputer.ai" = {
+        hostname = "ssh.agentcomputer.ai";
+        port = 443;
+        user = "agentcomputer";
+        identityFile = "~/.ssh/id_ed25519";
+        identitiesOnly = true;
+        serverAliveInterval = 30;
+        serverAliveCountMax = 4;
+      };
+
+      "*" = {
+        setEnv = {
+          TERM = "xterm-256color";
+        };
+      };
+    };
+  };
+}
--- a/hosts/linux/configuration.nix
+++ b/hosts/linux/configuration.nix
@ -22,7 +22,7 @@ in {
  };

  networking = {
-    hostName = "rathi-vps";
+    hostName = "netty";
    useDHCP = true;
    firewall.allowedTCPPorts = [22 80 443];
  };
--- a/scripts/restore-bw-files.sh
+++ b/scripts/restore-bw-files.sh
@ -115,46 +115,26 @@ restore_gcloud_adc() {
 restore_ssh_key() {
  local item_name="$1"
  local rel_path="$2"
-  local note
+  local item_json
  local private_key
  local public_key

-  note="$(read_note "${item_name}")"
+  item_json="$(bw list items --session "${BW_SESSION}" | jq -r --arg n "${item_name}" '.[] | select(.name == $n)')"
+  if [[ -z "${item_json}" ]]; then
+    echo "Bitwarden item not found: ${item_name}" >&2
+    exit 1
+  fi

-  private_key="$(
-    printf '%s\n' "${note}" | awk '
-      BEGIN {section="p"; started=0}
-      /^path=/ {next}
-      started==0 && /^$/ {started=1; next}
-      started==1 && /^public_key:$/ {section="u"; next}
-      started==1 && section=="p" {print}
-    '
-  )"
-
-  public_key="$(
-    printf '%s\n' "${note}" | awk '
-      BEGIN {capture=0}
-      /^public_key:$/ {capture=1; next}
-      capture==1 {print}
-    '
-  )"
+  private_key="$(printf '%s' "${item_json}" | jq -r '.sshKey.privateKey')"
+  public_key="$(printf '%s' "${item_json}" | jq -r '.sshKey.publicKey')"

  write_file "${HOME}/.ssh/${rel_path}" 600 "${private_key}"
-  if [[ -n "${public_key}" ]]; then
+  if [[ -n "${public_key}" && "${public_key}" != "null" ]]; then
    write_file "${HOME}/.ssh/${rel_path}.pub" 644 "${public_key}"
  fi
 }

-restore_plain_note 'Machine: SSH Config' "${HOME}/.ssh/config" 600
-restore_plain_note 'Machine: SSH CSB Config' "${HOME}/.ssh/csb/config" 600
-
-restore_ssh_key 'Machine: SSH Key atlas-ssh.txt' 'atlas-ssh.txt'
-restore_ssh_key 'Machine: SSH Key csb_id_rsa_5m2zg4' 'csb/csb_id_rsa_5m2zg4'
-restore_ssh_key 'Machine: SSH Key google_compute_engine' 'google_compute_engine'
-restore_ssh_key 'Machine: SSH Key id_ed25519' 'id_ed25519'
-restore_ssh_key 'Machine: SSH Key id_ed25519_uvacompute' 'id_ed25519_uvacompute'
-restore_ssh_key 'Machine: SSH Key id_rsa_1024' 'id_rsa_1024'
-restore_ssh_key 'Machine: SSH Key phinsta_ciuser' 'phinsta_ciuser'
+restore_ssh_key 'SSH Key - id_ed25519' 'id_ed25519'

 restore_aws_credentials
 restore_gcloud_adc