From 3227363b37f9a8225331d8feaf8e993ddf9ffefc Mon Sep 17 00:00:00 2001
From: Antoine Martin
Date: Tue, 15 Nov 2022 00:36:30 +0100
Subject: [PATCH 1/2] home: ssh: setup gpg ssh agent socket forwarding
---
 home/ssh.nix | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/home/ssh.nix b/home/ssh.nix
index 4b65ea9..3f80b3b 100644
--- a/home/ssh.nix
+++ b/home/ssh.nix
@@ -19,10 +19,23 @@ in {
 programs.ssh = {
 enable = true;
- matchBlocks = {
- boreal = {hostname = "boreal.alarsyo.net";};
- poseidon = {hostname = "poseidon.alarsyo.net";};
- pi = {
+ matchBlocks = let
+ addGPGAgentForwarding = hostConf:
+ {
+ remoteForwards = [
+ {
+ # shhhh this is a path but it works
+ bind.address = "/run/user/1000/gnupg/S.gpg-agent.ssh";
+ host.address = "/run/user/1000/gnupg/S.gpg-agent.ssh";
+ }
+ ];
+ }
+ // hostConf;
+ in {
+ boreal = addGPGAgentForwarding {hostname = "boreal.alarsyo.net";};
+ hades = addGPGAgentForwarding {hostname = "hades.alarsyo.net";};
+ poseidon = addGPGAgentForwarding {hostname = "poseidon.alarsyo.net";};
+ pi = addGPGAgentForwarding {
 hostname = "pi.alarsyo.net";
 user = "pi";
 };
From 7bd7c0a44fd93bd0cbede4f17a6cf9eb984886a7 Mon Sep 17 00:00:00 2001
From: Antoine Martin
Date: Tue, 15 Nov 2022 00:37:38 +0100
Subject: [PATCH 2/2] home: setup ssh_auth_sock
---
 home/default.nix | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/home/default.nix b/home/default.nix
index fa7f6ea..4c103a6 100644
--- a/home/default.nix
+++ b/home/default.nix
@@ -1,4 +1,4 @@
-{...}: {
+{config, ...}: {
 imports = [
 ./alacritty.nix
 ./bat.nix
@@ -25,7 +25,10 @@ home.username = "alarsyo";
- home.sessionVariables = {
+ home.sessionVariables = let
+ gpgPackage = config.programs.gpg.package;
+ in {
 BROWSER = "firefox";
+ SSH_AUTH_SOCK = "$(${gpgPackage}/bin/gpgconf --list-dirs agent-ssh-socket)";
 };
 }
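Review bot: `addGPGAgentForwarding` wraps every host in `matchBlocks`, so each remote (including `pi`) gets a socket through which the local gpg-agent answers SSH signing requests for as long as the session is open, and anyone who can reach that socket on the remote, root included, can authenticate with those keys. The helper should carry a comment stating that trust assumption, e.g. `# forwards the local gpg-agent ssh socket; only wrap hosts whose root you trust`, and the existing `# shhhh this is a path but it works` comment could say that `bind.address` is the socket created on the remote and `host.address` the local agent socket. The `/run/user/1000` prefix hard-codes the UID on both ends, and because `// hostConf` is a shallow merge, a host that sets its own `remoteForwards` silently drops the agent forward. The `matchBlocks` set continues past the end of the hunk.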
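Review bot: The `SSH_AUTH_SOCK` value in the `home.sessionVariables` hunk of home/default.nix is a shell command substitution, so it is only correct where the generated session-variables file is evaluated by a shell; a consumer that reads the variable literally would see the unexpanded `$(...)` string. A comment above the line would record that, e.g. `# expanded by the shell at login; must resolve to the socket that home/ssh.nix forwards`. It also resolves the path through `gpgconf` while the forwarding hunk in home/ssh.nix hard-codes `/run/user/1000/gnupg/S.gpg-agent.ssh`, so the two can disagree on a machine with a different UID or GnuPG home. The variable is set unconditionally, which presumably replaces any agent socket the session already had, so that is worth confirming on the remote hosts that receive the forward.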