From 26384a73ed63d413e3766b2958c9e6bb7b66dd5e Mon Sep 17 00:00:00 2001
From: Ryan Yin <xiaoyin_c@qq.com>
Date: Fri, 16 May 2025 00:28:40 +0800
Subject: [PATCH] refactor(ssh): system-level ssh known_hosts & ssh config

---
 modules/base.nix           | 2 ++
 modules/darwin/ssh.nix     | 4 +---
 modules/nixos/base/ssh.nix | 9 +--------
 3 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/modules/base.nix b/modules/base.nix
index a4674e95..56d492bc 100644
--- a/modules/base.nix
+++ b/modules/base.nix
@@ -85,6 +85,8 @@
     openssh.authorizedKeys.keys = myvars.mainSshAuthorizedKeys;
   };
 
+  programs.ssh = myvars.networking.ssh;
+
   nix.settings = {
     # enable flakes globally
     experimental-features = ["nix-command" "flakes"];
diff --git a/modules/darwin/ssh.nix b/modules/darwin/ssh.nix
index dabf42c7..474300a8 100644
--- a/modules/darwin/ssh.nix
+++ b/modules/darwin/ssh.nix
@@ -1,5 +1,3 @@
-{myvars, ...}: {
+{
   services.openssh.enable = false;
-
-  programs.ssh = myvars.networking.ssh;
 }
diff --git a/modules/nixos/base/ssh.nix b/modules/nixos/base/ssh.nix
index e30bdb7e..ea77050c 100644
--- a/modules/nixos/base/ssh.nix
+++ b/modules/nixos/base/ssh.nix
@@ -1,15 +1,8 @@
-{
-  lib,
-  myvars,
-  ...
-}: {
+{lib, ...}: {
   # networking.firewall.allowedTCPPorts = [ ... ];
   # networking.firewall.allowedUDPPorts = [ ... ];
   # Or disable the firewall altogether.
   networking.firewall.enable = lib.mkDefault false;
-
-  programs.ssh = myvars.networking.ssh;
-
   # Enable the OpenSSH daemon.
   services.openssh = {
     enable = true;