From e0df153079b759f67b17ed1508dba53a51c231ef Mon Sep 17 00:00:00 2001
From: Sridhar Ratnakumar <srid@srid.ca>
Date: Thu, 20 Nov 2025 14:08:04 -0500
Subject: [PATCH] identityFile not required

---
 modules/home/all/juspay.nix | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/modules/home/all/juspay.nix b/modules/home/all/juspay.nix
index 2e4a5b2..26317b4 100644
--- a/modules/home/all/juspay.nix
+++ b/modules/home/all/juspay.nix
@@ -13,15 +13,17 @@ in
       type = lib.types.str;
       default = "vanjaram.tail12b27.ts.net";
       description = ''
-        Jump host for Juspay work (used as SSH proxy jump and SOCKS5 tunnel endpoint)
+        Jump host (a machine in Juspay office) used to access Juspay services without VPN.
+        Used as SSH proxy jump for Bitbucket and as SOCKS5 tunnel endpoint.
       '';
     };
 
     identityFile = lib.mkOption {
-      type = lib.types.str;
-      default = "~/.ssh/juspay.pub";
+      type = lib.types.nullOr lib.types.str;
+      default = null;
       description = ''
-        Path to SSH identity file used for authenticating to Juspay's Bitbucket (ssh.bitbucket.juspay.net)
+        Optional path to SSH identity file used for authenticating to Juspay's Bitbucket (ssh.bitbucket.juspay.net).
+        If not specified, SSH will use default authentication methods.
       '';
     };
 
@@ -68,8 +70,7 @@ in
           # through the other machine
           proxyJump = cfg.jumpHost;
 
-          # Download this from 1Password
-          identityFile = cfg.identityFile;
+          identityFile = lib.mkIf (cfg.identityFile != null) cfg.identityFile;
         };
         "${cfg.jumpHost}" = {
           forwardAgent = true;
@@ -90,6 +91,7 @@ in
     };
 
     # SOCKS5 proxy via SSH tunnel to jump host
+    # TODO: Linux systemd service
     launchd.agents.juspay-socks5-proxy = lib.mkIf cfg.socks5Proxy.enable {
       enable = true;
       config = {