Add nice SSH config for esrf machines

Also remove unused netrc config
2022-02-06 21:41:26 +01:00 · 2022-02-06 21:41:26 +01:00 · 09976d2967
commit 09976d2967
parent f645553b0d
1 changed files with 21 additions and 62 deletions
--- a/config.org
+++ b/config.org
@ -2,38 +2,41 @@
 #+SETUPFILE: ./setup/org-setup-file.org

 * SSH
-:PROPERTIES:
-:header-args: :tangle ~/.ssh/config
-:header-args+: :comments none :mkdirp yes
-:END:
-
-#+begin_src conf :noweb yes
+#+begin_src conf :noweb yes :tangle ~/.ssh/config :comments none :mkdirp yes
 AddKeysToAgent  yes

+Host *
+   ControlMaster auto
+   ControlPath ~/.ssh/master-%r@%h:%p.socket
+
 Host homelab
    hostname <<get-password(passname="ip/homelab")>>
    Port 22
    user thomas
    IdentityFile ~/.ssh/id_rsa

-Host router
-    hostname 192.168.1.1
-    Port 22
-    user root
+Host *.esrf.fr
+    User dehaeze
    IdentityFile ~/.ssh/id_rsa

-Host smarttv
-    hostname 192.168.1.73
-    Port 22
-    user thomas
-    IdentityFile ~/.ssh/id_rsa
+Host firewall.esrf.fr
+    Port 5022
+    Compression yes

-Host oneplus
-    hostname 192.168.1.101
-    Port 8022
+Match host *.esrf.fr !host firewall.esrf.fr !exec "~/.ssh/esrf-test"
+    ProxyJump firewall.esrf.fr
+
+
+Host rnice
+    Port 22
+    user dehaeze
    IdentityFile ~/.ssh/id_rsa
 #+end_src

+#+begin_src bash :tangle ~/.ssh/esrf-test :comments none :mkdirp yes :shebang "#!/usr/bin/env bash" :tangle-mode (identity #o555)
+test -n "$(timeout 1s dig +short proxy.esrf.fr.)"
+#+end_src
+
 * Font
 :PROPERTIES:
 :header-args: :tangle ~/.config/fontconfig/fonts.conf
@ -721,51 +724,7 @@ include "/usr/share/X11/locale/en_US.UTF-8/Compose"
 It is very important that =~/.netrc= as =600= permissions.

 #+begin_src conf :comments none :mkdirp yes :noweb yes :tangle ~/.netrc :tangle-mode (identity #o600)
-machine traefik.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="traefik.tdehaeze.xyz/tdehaeze")>>
-
-machine portainer.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="portainer.tdehaeze.xyz/tdehaeze")>>
-
-machine cloud.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="cloud.tdehaeze.xyz/tdehaeze")>>
-
-machine syncthing.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="syncthing.tdehaeze.xyz/tdehaeze")>>
-
 machine torrent.tdehaeze.xyz
 login tdehaeze
 password <<get-password(passname="nas/transmission")>>
-
-machine dl.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="dl.tdehaeze.xyz/tdehaeze")>>
-
-machine deemix.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="deemix.tdehaeze.xyz/tdehaeze")>>
-
-machine octoprint.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="octoprint.tdehaeze.xyz/tdehaeze")>>
-
-machine adguardhome.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="adguardhome.tdehaeze.xyz/tdehaeze")>>
-
-machine qobuz.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="qobuz.tdehaeze.xyz/tdehaeze")>>
-
-machine down.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="down.tdehaeze.xyz/tdehaeze")>>
-
-machine joal.tdehaeze.xyz
-login tdehaeze
-password <<get-password(passname="joal.tdehaeze.xyz/tdehaeze")>>
 #+end_src