feat(ssh): use gpg agent for agent

2026-03-16 10:11:08 +01:00 · 2023-03-12 18:26:58 +01:00
parent 743a0f3239
commit 87ab995b82
1 changed files with 15 additions and 0 deletions
--- a/configs/ssh.nix
+++ b/configs/ssh.nix
@@ -18,10 +18,25 @@ in {
      maxCacheTtlSsh = 4 * defaultCacheTtlSsh;
      sshKeys = [
        "568047C91DE03A23883E340F15A9C24D313E847C"
+        "BB3EE102DB8CD45540A78A6B18B511B67061F6B4" # kfm@manakish ed25519
+        "3F8986755818B5762A096BE212777EAAC441DD9D" # fysiweb rsa
+        "0E4ABD229432486CC432639BB0986B2CDE365105" # agenix ed25519
      ];
    };
  };

+  environment.extraInit = ''
+    if [[ -z "$SSH_AUTH_SOCK" ]]; then
+      export SSH_AUTH_SOCK="$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)"
+    fi
+  '';
+
+  environment.interactiveShellInit = ''
+    GPG_TTY="$(tty)"
+    export GPG_TTY
+    ${pkgs.gnupg}/bin/gpg-connect-agent updatestartuptty /bye > /dev/null
+  '';
+
  home-manager.users.me.programs.ssh = {
    enable = true;
    matchBlocks = rec {