From d39f5c9752645f913bdaeb51acbc35518be43540 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sun, 16 Mar 2025 17:49:46 +0100
Subject: ...

---
 accounts/gkleen@sif/ssh-hosts.nix | 40 ++++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 19 deletions(-)

(limited to 'accounts/gkleen@sif/ssh-hosts.nix')

diff --git a/accounts/gkleen@sif/ssh-hosts.nix b/accounts/gkleen@sif/ssh-hosts.nix
index 4ca9e052..871b7350 100644
--- a/accounts/gkleen@sif/ssh-hosts.nix
+++ b/accounts/gkleen@sif/ssh-hosts.nix
@@ -1,5 +1,7 @@
-{ pkgs, ... }:
-{
+{ lib, pkgs, ... }:
+let
+  autosshProxy = port: "${lib.getExe pkgs.socat} - SOCKS4A:127.0.0.1:%h:%p,socksport=${toString port}";
+in {
   "git.ymir" =
     { hostname = "ymir.yggdrasil.li";
       user = "gitolite";
@@ -290,15 +292,15 @@
     };
   "mathw0d" =
     { hostname = "mathw0d.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "mathw0e" =
     { hostname = "mathw0e.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "mathw0f" =
     { hostname = "mathw0f.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "mathw0g" =
     { hostname = "mathw0g.mathinst.loc";
@@ -381,31 +383,31 @@
     };
   "tts-www01" =
     { hostname = "tts-www01.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
       user = "root";
     };
   "vpn-wg01" =
     { hostname = "vpn-wg01.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
       user = "root";
     };
   "repo-apt01" =
     { hostname = "repo-apt01.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
       user = "root";
     };
   "ldap-lmumr01" =
     { hostname = "ldap-lmumr01.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
       user = "root";
     };
   "mail-mi01" =
     { hostname = "mail-mi01.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "mail-www02" =
     { hostname = "mail-www02.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "dpl-fai01" =
     { hostname = "dpl-fai01.mathinst.loc";
@@ -413,7 +415,7 @@
     };
   "math05" =
     { hostname = "math05.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
       extraOptions.KexAlgorithms = "+diffie-hellman-group1-sha1";
     };
   "switch01" =
@@ -439,20 +441,20 @@
     };
   "www-mi01" =
     { hostname = "www-mi01.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "cip04" =
     { hostname = "cip04.cipmath.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "mgmt-cls01" =
     { user = "root";
       hostname = "mgmt-cls01.cipmath.loc";
-      proxyJump = "ssh.math.lmu.de";
+      proxyCommand = autosshProxy 8118;
     };
   "mgmt01" =
     { hostname = "mgmt01.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
       user = "root";
     };
   "ssh-lb01" =
@@ -471,17 +473,17 @@
   "rdlx02" = { hostname = "rdlx02.mathinst.loc"; proxyJump = "mgmt01"; };
   "math0d" =
     { hostname = "math0d.mathinst.loc";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "dhcp01" =
     { hostname = "dhcp01.mathinst.loc";
       user = "root";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "dhcp02" =
     { hostname = "dhcp02.mathinst.loc";
       user = "root";
-      proxyJump = "mathw0h";
+      proxyCommand = autosshProxy 8122;
     };
   "cc-gpu-l01" =
     { hostname = "cc-gpu-l01.mathinst.loc";
-- 
cgit v1.2.3