Only proxy SSH git remotes via hut in xeon

Other machines like raccoon have direct access. Reviewed-by: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
2024-09-10 15:03:03 +02:00 · 2024-09-10 15:03:03 +02:00 · fb8b4defa7
commit fb8b4defa7
parent 1bcfbf8cd6
3 changed files with 10 additions and 5 deletions
--- a/m/common/base/ssh.nix
+++ b/m/common/base/ssh.nix
@ -13,10 +13,6 @@ in
    Host bscpm02.bsc.es bscpm03.bsc.es bscpm04.bsc.es gitlab-internal.bsc.es alya.gitlab.bsc.es
      User git
      ProxyCommand nc -X connect -x hut:23080 %h %p
-
-    # Connect to BSC machines via hut proxy too
-    Host amdlogin1.bsc.es armlogin1.bsc.es hualogin1.bsc.es glogin1.bsc.es glogin2.bsc.es fpgalogin1.bsc.es
-      ProxyCommand nc -X connect -x hut:23080 %h %p
  '';

  programs.ssh.knownHosts = hostsKeys // {
--- a/m/common/xeon.nix
+++ b/m/common/xeon.nix
@ -2,8 +2,9 @@
  # Provides the base system for a xeon node.
  imports = [
    ./base.nix
-    ./xeon/fs.nix
    ./xeon/console.nix
+    ./xeon/fs.nix
    ./xeon/net.nix
+    ./xeon/ssh.nix
  ];
 }
--- a/m/common/xeon/ssh.nix
+++ b/m/common/xeon/ssh.nix
@ -0,0 +1,8 @@
+{
+  # Connect to intranet git hosts via proxy
+  programs.ssh.extraConfig = ''
+    # Connect to BSC machines via hut proxy too
+    Host amdlogin1.bsc.es armlogin1.bsc.es hualogin1.bsc.es glogin1.bsc.es glogin2.bsc.es fpgalogin1.bsc.es
+      ProxyCommand nc -X connect -x hut:23080 %h %p
+  '';
+}