From 7103a257ce15afcaf03c636ae783f2a12b7a8fea Mon Sep 17 00:00:00 2001
From: Julien Moutinho <julm+julm-nix@sourcephile.fr>
Date: Sun, 7 Sep 2025 01:32:21 +0200
Subject: [PATCH] julm: ssh: manage keys imperatively

---
 homes/julm.nix | 70 +++++++++++++++++++-------------------------------
 1 file changed, 26 insertions(+), 44 deletions(-)

diff --git a/homes/julm.nix b/homes/julm.nix
index 8ccf8b2..23ac7e5 100644
--- a/homes/julm.nix
+++ b/homes/julm.nix
@@ -88,25 +88,8 @@
     # julm@sourcephile.fr (2021-08-12)
     trusted-key 0xA58CD81C3863926F
   '';
-  services.gpg-agent.sshKeys = [
-    # julm@autogeree.net
-    "D275EBA09C7E1FFBFB47F6EEF164E6D56FB24AB2"
-    # julm@sourcephile.fr (2021-08-12)
-    "3D94D14514F1EA2B6D62F1275D888897B082415D"
-    # julm@oignon
-    # Ed25519 key added on: 2021-10-31 06:48:49
-    # Fingerprints:  MD5:fe:fe:81:79:d8:7f:e4:ff:64:ac:f3:1c:bd:65:24:3a
-    #                SHA256:bCfwfC8MQTjm6c1HcMLtzvGpnWRdqLwe/bvbh2jsNaA
-    "F6CCA60CF05FADAE911CFBEC0BCDED22F40A19FD"
-    # Radicle key added on 2024-05-21 23:24:10
-    # Fingerprints:  SHA256:yhSIWvGFqN0oM/oTE1hMhEdhlSSEeCMcp/g/3TdNKYY
-    "1D6AF2BF857201D98413475AE022F8A4CFC34BF0"
-    # julm@pumpkin
-    # Ed25519 key added on: 2025-01-08 21:16:22
-    # Fingerprints:  MD5:f5:d0:fe:37:c3:54:47:cf:17:ec:9b:f5:15:3e:b3:15
-    #                SHA256:EDzxI3g1w+iPf1WUovsbuZckU/tseEGVdXmkGYcvhas
-    "C399CC38D6AACFF9FD1BF608AFC4D117A46331D0"
-  ];
+  # ExplanationNote: manage SSH keys imperatively for more flexibility
+  #services.gpg-agent.sshKeys = [ ];
   programs.irssi.extraConfig = lib.readFile julm/irssi/irssi.conf;
   xdg.configFile."doom/config.el".text = lib.readFile julm/emacs/config.el;
   home.file.".irssi/passwd" = lib.mkIf config.programs.irssi.enable {
@@ -119,34 +102,33 @@
       ToileLibre : ${pkgs.pass}/bin/pass toile-libre.org/irc/julm
     '';
   };
-  programs.ssh.matchBlocks =
-    {
-      "aubergine.sp" = {
-        #compression = true; # Helps to get a better framerate with forwardX11
-        forwardAgent = true;
-        forwardX11 = true;
-        forwardX11Trusted = true;
-        serverAliveInterval = 15;
-        extraOptions = {
-          Ciphers = "aes128-gcm@openssh.com";
-        };
-      };
-      "blackberry.sp" = {
-        user = "julm";
-      };
-      "courge.sp" = {
-        user = "mo";
-      };
-      "patate.sp" = {
-        user = "sevy";
-      };
-    }
-    // lib.genAttrs [ "lan.losurdo.sourcephile.fr" "losurdo.sp" ] (_: {
-      compression = true; # Helps to get a better framerate with forwardX11
+  programs.ssh.matchBlocks = {
+    "aubergine.sp" = {
+      #compression = true; # Helps to get a better framerate with forwardX11
+      forwardAgent = true;
       forwardX11 = true;
       forwardX11Trusted = true;
       serverAliveInterval = 15;
-    });
+      extraOptions = {
+        Ciphers = "aes128-gcm@openssh.com";
+      };
+    };
+    "blackberry.sp" = {
+      user = "julm";
+    };
+    "courge.sp" = {
+      user = "mo";
+    };
+    "patate.sp" = {
+      user = "sevy";
+    };
+  }
+  // lib.genAttrs [ "lan.losurdo.sourcephile.fr" "losurdo.sp" ] (_: {
+    compression = true; # Helps to get a better framerate with forwardX11
+    forwardX11 = true;
+    forwardX11Trusted = true;
+    serverAliveInterval = 15;
+  });
   programs.git = {
     userName = "Julien Moutinho";
     userEmail = "julm@sourcephile.fr";
-- 
2.47.2