From c6eaf34e6a4e1e1e3b316b3edaa4ba39e3451ab8 Mon Sep 17 00:00:00 2001 From: Robby Zambito Date: Sun, 5 Apr 2026 19:57:28 -0400 Subject: refactor(config/ssh): extract SSH configuration into dedicated module MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Move SSH host definitions and authorized keys from home.scm into config/ssh.scm following the Guix service record pattern. Exports: - ssh-hosts: openssh-host records for static hosts and dynamically generated Red Team Kali VMs (2 VCEs × 10 VMs each) - ssh-authorized-keys: Imported from secrets.scm Integrate into home.scm via renamed exports (rz/ssh-hosts, rz/ssh-authorized-keys) consumed by home-openssh-service-type. Files changed: - config/ssh.scm: new module with SSH configuration - home.scm: removed inline SSH block, added module imports --- home.scm | 94 +++------------------------------------------------------------- 1 file changed, 4 insertions(+), 90 deletions(-) (limited to 'home.scm') diff --git a/home.scm b/home.scm index 104f616..df44f69 100644 --- a/home.scm +++ b/home.scm @@ -44,6 +44,8 @@ (config foot) (rename (config git) (git-config rz/git-config)) (rename (config emacs) (emacs-config rz/emacs-config)) + (rename (config ssh) (ssh-hosts rz/ssh-hosts) + (ssh-authorized-keys rz/ssh-authorized-keys)) (ini)) 
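Review bot: The import list only gains `(config ssh)` here, and nothing that brings `secrets` into scope is removed, although its last use visible in this patch, `(cdr (assq 'ssh-authorized-keys secrets))`, is deleted in the third hunk. The 90 deletions are fully accounted for by the two SSH blocks, so if no other form in home.scm reads `secrets`, the file still loads the key material without needing it. Dropping that import or definition would keep the secrets confined to config/ssh.scm. The import form starts and ends outside this hunk, so this needs checking against the full file.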
@@ -60,32 +62,6 @@ (define log-dir (or (getenv "XDG_LOG_HOME") "/home/robby/.local/var/log")) -(define (generate-openssh-hosts num-vces num-vms-per-vce) - ;; Generate all VCE numbers from 1 to num-vces - (let ((vce-numbers (iota num-vces 1)) - (vm-numbers (iota num-vms-per-vce 1))) - ;; For each VCE, generate configurations for all VMs - (append-map - (lambda (vce-num) - ;; For each VM number, create a configuration - (map - (lambda (vm-num) - (openssh-host (name (string-append "rt-vce" (number->string vce-num) - "-kali" (number->string vm-num))) - (user "redteam") - (host-name (string-append "172.18.6." (number->string (+ 60 vm-num)))) - (identity-file "/home/robby/.ssh/redteam_key") - (proxy (list - (proxy-jump (host-name (string-append "vce" (number->string vce-num)))))) - (extra-content - (string-append " DynamicForward 8888\n" - " StrictHostKeyChecking no\n" - " UserKnownHostsFile=/dev/null")))) - vm-numbers)) - vce-numbers))) - -(define redteam-kali-vms (generate-openssh-hosts 2 10)) - (home-environment ;; Below is the list of packages that will show up in your ;; Home profile, under ~/.guix-home/profile. 
@@ -204,70 +180,8 @@ ("MOZ_ENABLE_WAYLAND" . "1"))) (service home-openssh-service-type (home-openssh-configuration - (hosts - (append (list (openssh-host (name "not-a-pi") - (host-name "10.69.0.1")) - (openssh-host (name "zoinks") - (host-name "zoinks.one")) - (openssh-host (name "lowell-makes") - (host-name "96.81.79.90") - (port 1122)) - (openssh-host (name "lowell-makes-cameo2") - (host-name "cameo2") - (port 22) - (proxy (list - (proxy-jump (host-name "lowell-makes"))))) - (openssh-host (name "lowell-makes-cameo") - (host-name "cameo") - (port 22) - (proxy (list - (proxy-jump (host-name "lowell-makes"))))) - (openssh-host (name "lowell-makes-mogan") - (host-name "mogan") - (port 22) - (proxy (list - (proxy-jump (host-name "lowell-makes"))))) - (openssh-host (name "bustelo") - (host-name "10.5.10.187") - (port 22) - (proxy (list - (proxy-jump (host-name "lowell-makes"))))) - (openssh-host (name "moja") - (host-name "45.77.97.44")) - (openssh-host (name "babel") - (host-name "10.80.80.162")) - (openssh-host (name "alpha.apex") - (host-name "149.28.47.99")) - (openssh-host (name "cnyhackathon-jump") - (host-name "vce.cnyhackathon.org") - (user "rz") - (port 2210) - (extra-content - (string-append " DynamicForward 8888\n"))) - (openssh-host (name "kali") - (user "redteam") - (host-name (string-append "172.18.6." 
(number->string (+ 60 7)))) - (identity-file "/home/robby/.ssh/redteam_key") - (proxy (list - (proxy-jump (host-name "cnyhackathon-jump")))) - (extra-content - (string-append " DynamicForward 8888\n" - " StrictHostKeyChecking no\n" - " UserKnownHostsFile=/dev/null"))) - (openssh-host (name "vce1") - (host-name "vce1.ncaecybergames.org") - (user "rz") - (port 2210) - (extra-content - (string-append " DynamicForward 8888\n"))) - (openssh-host (name "vce2") - (host-name "vce2.ncaecybergames.org") - (user "rz") - (port 2210) - (extra-content - (string-append " DynamicForward 8888\n")))) - redteam-kali-vms)) - (authorized-keys (cdr (assq 'ssh-authorized-keys secrets))))) + (hosts rz/ssh-hosts) + (authorized-keys rz/ssh-authorized-keys))) ;; (simple-service 'variant-packages-service ;; home-channels-service-type ;; (cons* -- cgit
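Review bot: `(hosts rz/ssh-hosts)` no longer shows at the point of use that some entries turn host-key verification off. The deleted `kali` host and the generated `rt-vce*-kali*` hosts carried `StrictHostKeyChecking no` and `UserKnownHostsFile=/dev/null`. Assuming they moved to config/ssh.scm unchanged (that file is not part of this view), connections to them accept any server key on the hop behind the jump host. A comment above this line would keep that visible, for example `;; NOTE: the redteam Kali entries in rz/ssh-hosts disable host-key checking; see config/ssh.scm`. The new module should also keep those two options limited to the lab entries, as the deleted code did; the enclosing `home-openssh-configuration` form starts outside the hunk.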