nix: Add GPG and SSH agent
parent
77eef949b6
commit
87f5b30995
|
@ -48,6 +48,7 @@ in
|
|||
alias la="_colored_ls -a"
|
||||
''
|
||||
] ++ map (d: "mkdir -p ${d}") (builtins.attrValues direnv));
|
||||
# TODO Those directory creations should probably done on home-manager activation
|
||||
commonSessionVariables = {
|
||||
TIME_STYLE = "+%Y-%m-%d %H:%M:%S";
|
||||
# Less colors
|
||||
|
@ -185,6 +186,17 @@ in
|
|||
};
|
||||
less.enable = true;
|
||||
};
|
||||
services = {
|
||||
gpg-agent = {
|
||||
enable = true;
|
||||
enableBashIntegration = true;
|
||||
enableZshIntegration = true;
|
||||
enableSshSupport = true;
|
||||
pinentryFlavor = "gtk2"; # Falls back to curses when needed
|
||||
sshKeys = ["72A5F2913026776593947CF00DFF330E820E731D"]; # TODO This seems to prevent other keys from being added?
|
||||
# FIXME For g extension, as base is not supposed to have private keys
|
||||
};
|
||||
};
|
||||
home = {
|
||||
stateVersion = "23.05";
|
||||
language = {
|
||||
|
@ -278,7 +290,7 @@ in
|
|||
} // direnv // {
|
||||
BOOT9_PATH = "${config.xdg.dataHome}/citra-emu/sysdata/boot9.bin";
|
||||
CCACHE_CONFIGPATH = "${config.xdg.configHome}/ccache.conf";
|
||||
INPUTRC = "${config.xdg.configHome}/inputrc";
|
||||
# INPUTRC = "${config.xdg.configHome}/inputrc"; # UPST Will use programs.readline, but doesn't allow path setting
|
||||
LESSHISTFILE = "${config.xdg.stateHome}/lesshst";
|
||||
NODE_REPL_HISTORY = "${config.xdg.cacheHome}/node_repl_history";
|
||||
PYTHONSTARTUP = "${config.xdg.configHome}/pythonstartup.py";
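Review bot: In the `services.gpg-agent` block (second hunk), the agent now serves SSH authentication but sets no cache lifetimes, so how long an unlocked key stays usable without a new pinentry prompt is left to gpg-agent's built-in defaults. Stating them makes that window explicit and reviewable, for example `defaultCacheTtlSsh = 1800;` and `maxCacheTtlSsh = 7200;` (these mirror gpg-agent's documented defaults; shorten as appropriate). On the `sshKeys` TODO: home-manager appears to generate `sshcontrol` from this list as a managed, read-only file, which would explain why `ssh-add` cannot register further keys. If that is confirmed, replace the TODO with a comment such as `# sshcontrol is generated from this list; keys added with ssh-add are not persisted`. The FIXME could also name what has to move out of the base profile, e.g. `# FIXME move sshKeys (and enableSshSupport) to the g extension`, so that the base configuration stops referencing a private key's keygrip.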
|
||||
|
|
|
@ -4,44 +4,5 @@
|
|||
# Shell common environment variables and functions (BusyBox compatible)
|
||||
#
|
||||
|
||||
# Favourite commands
|
||||
|
||||
# And for the rest, see aliases
|
||||
direnv JUNKHOME "$HOME/.cache/junkhome"
|
||||
|
||||
# SSH Agent
|
||||
|
||||
|
||||
# If GPG agent is configured for SSH
|
||||
if grep -q ^enable-ssh-support$ $GNUPGHOME/gpg-agent.conf 2> /dev/null
|
||||
then
|
||||
# Load GPG agent
|
||||
unset SSH_AGENT_PID
|
||||
if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
|
||||
export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
|
||||
fi
|
||||
|
||||
else
|
||||
# Start regular SSH agent if not already started
|
||||
SSH_ENV="$HOME/.ssh/agent"
|
||||
|
||||
start_agent() {
|
||||
ssh-agent > "${SSH_ENV}"
|
||||
chmod 600 "${SSH_ENV}"
|
||||
. "${SSH_ENV}" > /dev/null
|
||||
}
|
||||
|
||||
if [ -f "${SSH_ENV}" ]
|
||||
then
|
||||
. "${SSH_ENV}" > /dev/null
|
||||
if [ ! -d "/proc/${SSH_AGENT_PID}" ] || [ "$(cat "/proc/${SSH_AGENT_PID}/comm")" != "ssh-agent" ]
|
||||
then
|
||||
start_agent
|
||||
fi
|
||||
else
|
||||
start_agent
|
||||
fi
|
||||
fi
|
||||
|
||||
# TODO Service sytem that works without systemd,
|
||||
# and can stop processes on logout
|
||||
|
|
|
@ -100,13 +100,5 @@ unset _i_prefer
|
|||
# trysource ~/.local/bin/colorSchemeApply
|
||||
# Needed because xterm/urxvt won't use the last color, needed for vim
|
||||
|
||||
## GPG
|
||||
# Makes the last open terminal the ones that receives the pinentry message (if
|
||||
# not run from a terminal with DESKTOP)
|
||||
# TODO Only run if gpg-agent is started?
|
||||
# TODO Make a command out of this for easy management (and maybe remove the below)
|
||||
export GPG_TTY=$(tty)
|
||||
gpg-connect-agent updatestartuptty /bye >/dev/null
|
||||
|
||||
## EXTENSIONS
|
||||
trysource ~/.config/shell/extrc
|
||||
|
|