add support for managed knownHostsLines

modules/home/default/default.nix

@@ -97,6 +97,14 @@ in {
       };
     })
   ] ++ (lib.optionals hostPlatform.isDarwin [ ./darwin ]);
+  options = {
+    davids.ssh.enable = mkEnableOption "SSH goodies";
+    davids.ssh.knownHostsLines = with types; mkOption {
+      description = "Managed known_host file lines";
+      type = lines;
+      default = "";
+    };
+  };
   config = {
     home = {
       packages = lists.flatten [ adm av net files dev nix ];
@@ -107,6 +115,9 @@ in {
         EDITOR = "vim";
         LANG = "en_US.UTF-8";
       };
+      file.".ssh/davids.known_hosts" = mkIf config.davids.ssh.enable {
+        text = config.davids.ssh.knownHostsLines;
+      };
     };
     programs = {
       vim = {
@@ -133,10 +144,13 @@ in {
         nix-direnv.enable = true;
       };
 
-      ssh = {
+      ssh = mkIf config.davids.ssh.enable {
         enable = true;
         # Unmanaged local overrides
         includes = [ "~/.local/share/ssh/config" ];
+
+        # default ~/.ssh/known_hosts is unmanaged. ~/.ssh/davids.known_hosts is managed by this module
+        userKnownHostsFile = "~/.ssh/known_hosts ~/.ssh/davids.known_hosts";
       };
 
       bash = {

users/davidszakallas/default.nix

@@ -29,5 +29,6 @@
     davids.k8stools.enable = true;
     davids.emacs.enable = true;
     davids.jupiter.enable = true;
+    davids.ssh.enable = true;
   };
 }

users/dszakallas/default.nix

@@ -30,5 +30,6 @@
     davids.k8stools.enable = true;
     davids.emacs.enable = true;
     davids.pure.enable = true;
+    davids.ssh.enable = true;
   };
 }