From 4d7e0d23aa7eecac9a81b37142db9ada08ff73d3 Mon Sep 17 00:00:00 2001
From: Nikolaos Karaolidis <nick@karaolidis.com>
Date: Mon, 10 Mar 2025 09:43:15 +0000
Subject: [PATCH] Add sas private build flag

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
---
 hosts/elara/configs/git/default.nix            | 18 +++++++++++++-----
 hosts/elara/default.nix                        |  4 ++++
 hosts/elara/options.nix                        |  9 +++++++++
 .../nikara/configs/console/git/default.nix     | 14 +++++++++-----
 .../nikara/configs/console/ssh/default.nix     |  5 ++++-
 5 files changed, 39 insertions(+), 11 deletions(-)
 create mode 100644 hosts/elara/options.nix

diff --git a/hosts/elara/configs/git/default.nix b/hosts/elara/configs/git/default.nix
index 894ee2a..e6bbb82 100644
--- a/hosts/elara/configs/git/default.nix
+++ b/hosts/elara/configs/git/default.nix
@@ -1,4 +1,10 @@
-{ inputs, system, ... }:
+{
+  config,
+  inputs,
+  system,
+  lib,
+  ...
+}:
 let
   selfPkgs = inputs.self.packages.${system};
 in
@@ -22,9 +28,11 @@ in
         IdentityFile /root/.ssh/ssh_sas_ed25519_key
     '';
 
-    knownHostsFiles = with selfPkgs; [
-      ssh-known-hosts-github
-      ssh-known-hosts-sas-gitlab
-    ];
+    knownHostsFiles =
+      with selfPkgs;
+      (
+        [ ssh-known-hosts-github ]
+        ++ lib.lists.optionals config.sas.build.private [ ssh-known-hosts-sas-gitlab ]
+      );
   };
 }
diff --git a/hosts/elara/default.nix b/hosts/elara/default.nix
index 946c085..a517bd1 100644
--- a/hosts/elara/default.nix
+++ b/hosts/elara/default.nix
@@ -1,6 +1,8 @@
 { config, inputs, ... }:
 {
   imports = [
+    ./options.nix
+
     inputs.disko.nixosModules.disko
     ./format.nix
 
@@ -51,6 +53,8 @@
     ./users/nikara
   ];
 
+  sas.build.private = true;
+
   networking.hostName = "elara";
   i18n.defaultLocale = "en_US.UTF-8";
   sops.defaultSopsFile = ./secrets/secrets.yaml;
diff --git a/hosts/elara/options.nix b/hosts/elara/options.nix
new file mode 100644
index 0000000..f1b7a78
--- /dev/null
+++ b/hosts/elara/options.nix
@@ -0,0 +1,9 @@
+{ lib, ... }:
+with lib;
+{
+  options.sas.build.private = mkOption {
+    type = types.bool;
+    description = "Whether to build private SAS derivations (must be connected to the company VPN).";
+    default = false;
+  };
+}
diff --git a/hosts/elara/users/nikara/configs/console/git/default.nix b/hosts/elara/users/nikara/configs/console/git/default.nix
index d3163e4..503a632 100644
--- a/hosts/elara/users/nikara/configs/console/git/default.nix
+++ b/hosts/elara/users/nikara/configs/console/git/default.nix
@@ -86,11 +86,15 @@ in
           };
         };
 
-        userKnownHostsFiles = with selfPkgs; [
-          ssh-known-hosts-github
-          ssh-known-hosts-sas-gitlab
-          ssh-known-hosts-sas-gerrit
-        ];
+        userKnownHostsFiles =
+          with selfPkgs;
+          (
+            [ ssh-known-hosts-github ]
+            ++ lib.lists.optionals config.sas.build.private [
+              ssh-known-hosts-sas-gitlab
+              ssh-known-hosts-sas-gerrit
+            ]
+          );
       };
     };
   };
diff --git a/hosts/elara/users/nikara/configs/console/ssh/default.nix b/hosts/elara/users/nikara/configs/console/ssh/default.nix
index cc8243f..3db90fa 100644
--- a/hosts/elara/users/nikara/configs/console/ssh/default.nix
+++ b/hosts/elara/users/nikara/configs/console/ssh/default.nix
@@ -6,6 +6,7 @@
   config,
   inputs,
   system,
+  lib,
   ...
 }:
 let
@@ -48,7 +49,9 @@ in
           };
         };
 
-        userKnownHostsFiles = with selfPkgs; [ ssh-known-hosts-sas-cldlgn ];
+        userKnownHostsFiles =
+          with selfPkgs;
+          lib.lists.optionals config.sas.build.private [ ssh-known-hosts-sas-cldlgn ];
       };
 
       clipbook.bookmarks = {