nix: Add GPG and SSH agent

Geoffrey Frogeye 2023-11-08 12:23:30 +01:00
parent 77eef949b6
commit 87f5b30995
Signed by: geoffrey
GPG key ID: C72403E7F82E6AD8
3 changed files with 13 additions and 48 deletions


@ -48,6 +48,7 @@ in
alias la="_colored_ls -a" alias la="_colored_ls -a"
'' ''
] ++ map (d: "mkdir -p ${d}") (builtins.attrValues direnv)); ] ++ map (d: "mkdir -p ${d}") (builtins.attrValues direnv));
# TODO Those directory creations should probably done on home-manager activation
commonSessionVariables = { commonSessionVariables = {
TIME_STYLE = "+%Y-%m-%d %H:%M:%S"; TIME_STYLE = "+%Y-%m-%d %H:%M:%S";
# Less colors # Less colors
@ -185,6 +186,17 @@ in
}; };
less.enable = true; less.enable = true;
}; };
services = {
gpg-agent = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
enableSshSupport = true;
pinentryFlavor = "gtk2"; # Falls back to curses when needed
sshKeys = ["72A5F2913026776593947CF00DFF330E820E731D"]; # TODO This seems to prevent other keys from being added?
# FIXME For g extension, as base is not supposed to have private keys
};
};
home = { home = {
stateVersion = "23.05"; stateVersion = "23.05";
language = { language = {
@ -278,7 +290,7 @@ in
} // direnv // { } // direnv // {
BOOT9_PATH = "${config.xdg.dataHome}/citra-emu/sysdata/boot9.bin"; BOOT9_PATH = "${config.xdg.dataHome}/citra-emu/sysdata/boot9.bin";
CCACHE_CONFIGPATH = "${config.xdg.configHome}/ccache.conf"; CCACHE_CONFIGPATH = "${config.xdg.configHome}/ccache.conf";
INPUTRC = "${config.xdg.configHome}/inputrc"; # INPUTRC = "${config.xdg.configHome}/inputrc"; # UPST Will use programs.readline, but doesn't allow path setting
LESSHISTFILE = "${config.xdg.stateHome}/lesshst"; LESSHISTFILE = "${config.xdg.stateHome}/lesshst";
NODE_REPL_HISTORY = "${config.xdg.cacheHome}/node_repl_history"; NODE_REPL_HISTORY = "${config.xdg.cacheHome}/node_repl_history";
PYTHONSTARTUP = "${config.xdg.configHome}/pythonstartup.py"; PYTHONSTARTUP = "${config.xdg.configHome}/pythonstartup.py";
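Review bot: The `sshKeys` line in the new `services.gpg-agent` block pins a single keygrip in what the FIXME itself calls the base profile, so every host that applies this profile gets an SSH-control entry for a private key it is not meant to hold; the line belongs in the extension that owns the key. On the TODO: as far as I know home-manager renders `sshKeys` into a generated `sshcontrol` file, which would be read-only and so stop `ssh-add` from registering further keys; that is worth confirming and then recording in place of the TODO, e.g. `# sshcontrol is generated from this list, so keys cannot be added at runtime with ssh-add`. Since the agent now serves SSH for every bash and zsh session, consider setting `defaultCacheTtlSsh` and `maxCacheTtlSsh` explicitly rather than relying on the defaults, so the passphrase cache lifetime is a visible decision. The attribute set that encloses `services` starts and ends outside this hunk.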


@ -4,44 +4,5 @@
# Shell common environment variables and functions (BusyBox compatible) # Shell common environment variables and functions (BusyBox compatible)
# #
# Favourite commands
# And for the rest, see aliases # And for the rest, see aliases
direnv JUNKHOME "$HOME/.cache/junkhome" direnv JUNKHOME "$HOME/.cache/junkhome"
# SSH Agent
# If GPG agent is configured for SSH
if grep -q ^enable-ssh-support$ $GNUPGHOME/gpg-agent.conf 2> /dev/null
then
# Load GPG agent
unset SSH_AGENT_PID
if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
fi
else
# Start regular SSH agent if not already started
SSH_ENV="$HOME/.ssh/agent"
start_agent() {
ssh-agent > "${SSH_ENV}"
chmod 600 "${SSH_ENV}"
. "${SSH_ENV}" > /dev/null
}
if [ -f "${SSH_ENV}" ]
then
. "${SSH_ENV}" > /dev/null
if [ ! -d "/proc/${SSH_AGENT_PID}" ] || [ "$(cat "/proc/${SSH_AGENT_PID}/comm")" != "ssh-agent" ]
then
start_agent
fi
else
start_agent
fi
fi
# TODO Service sytem that works without systemd,
# and can stop processes on logout


@ -100,13 +100,5 @@ unset _i_prefer
# trysource ~/.local/bin/colorSchemeApply # trysource ~/.local/bin/colorSchemeApply
# Needed because xterm/urxvt won't use the last color, needed for vim # Needed because xterm/urxvt won't use the last color, needed for vim
## GPG
# Makes the last open terminal the ones that receives the pinentry message (if
# not run from a terminal with DESKTOP)
# TODO Only run if gpg-agent is started?
# TODO Make a command out of this for easy management (and maybe remove the below)
export GPG_TTY=$(tty)
gpg-connect-agent updatestartuptty /bye >/dev/null
## EXTENSIONS ## EXTENSIONS
trysource ~/.config/shell/extrc trysource ~/.config/shell/extrc