Compare commits


4 Commits

Author SHA1 Message Date
Sam W 98a3416191 fix 2024-09-28 20:16:19 +01:00
Sam W 665403ee0f maybe don't clobber sessionvariables 2024-09-28 20:06:13 +01:00
Sam W c0978d2186 add tpmssh 2024-09-28 19:57:44 +01:00
Sam W b3b9941c9b remove boron 2024-09-28 19:19:59 +01:00
5 changed files with 44 additions and 10 deletions


@ -19,10 +19,14 @@
outputs = inputs: let
overlays = [
# Add our own local packages
(final: prev: rec {
(final: prev: {
# Make my local packages available as pkgs.mypkgs.<foo>
mypkgs = prev.callPackage ./pkgs {};
})
# more up to date ssh-tpm-agent. Can probably ditch this post-24.05
(final: prev: {
ssh-tpm-agent = (import inputs.nixpkgs-unstable { system = prev.system; }).ssh-tpm-agent;
})
];
in (rec {
profiles = import ./home/profiles.nix;
@ -68,11 +72,6 @@
# Standalone home-manager configurations
homeConfigurations = {
boron = lib.mkHome {
system = "aarch64-darwin";
profiles = with profiles; [default dev dev-gui sensitive mac docker aws];
username = "samuel.willcocks";
};
zinc = lib.mkHome {
system = "aarch64-darwin";
profiles = with profiles; [default dev dev-gui sensitive mac];
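Review bot: The new overlay entry for `ssh-tpm-agent` calls `import inputs.nixpkgs-unstable { system = prev.system; }`, which evaluates a second full nixpkgs instance just to pick one package. The flake input already exposes that package set, so `ssh-tpm-agent = inputs.nixpkgs-unstable.legacyPackages.${prev.system}.ssh-tpm-agent;` should yield the same package without the extra import. Because this binary ends up brokering SSH keys, it is worth confirming that `nixpkgs-unstable` is pinned in the lock file (not visible here), so that a new agent version only arrives through a deliberate lock bump. The "post-24.05" remark in the comment would be easier to act on as an explicit TODO naming the release at which the override can be dropped.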


@ -6,9 +6,8 @@
in {
home.packages = packages.all;
home.sessionVariables = {
"PATH" = "$HOME/.local/bin:$PATH";
"EDITOR" = "vim";
"WORDCHARS" = "\${WORDCHARS//[\\/.=]/}"; # ctrl-w on paths without make angery
EDITOR = "vim"; # is overriden to nvim in vim.nix if needed
WORDCHARS = "\${WORDCHARS//[\\/.=]/}"; # ctrl-w on paths without make angery
};
/*
# For some reason this doesn't play nice when using home manager config from inside


@ -10,6 +10,7 @@
dev-gui = {...}: {
imports = [./vscode.nix];
};
tpmssh = ./tpmssh.nix;
# Sensitive stuff
sensitive = {...}: {
imports = [

35
home/tpmssh.nix Normal file

@ -0,0 +1,35 @@
# Enable tpm-ssh-agent in a systemd user service
{pkgs, config, lib, ...}: {
home.packages = [ pkgs.ssh-tpm-agent ];
home.sessionVariables = {
SSH_AUTH_SOCK = let
maybeProxy = lib.strings.optionalString config.services.gpg-agent.enableSshSupport " -A $(${config.programs.gpg.package}/bin/gpgconf --list-dirs agent-ssh-socket)";
cmd = "${pkgs.ssh-tpm-agent}/bin/ssh-tpm-agent --print-socket${maybeProxy}";
in "$(${cmd})";
TESTIFICLES = "hello";
};
systemd.user.sockets.ssh-tpm-agent = {
Unit.WantedBy = [ "sockets.target" ];
Socket = {
ListenStream = "%t/ssh-tpm-agent.sock";
SocketMode = "0600";
Service = "ssh-tpm-agent.service";
};
};
systemd.user.services.ssh-tpm-agent = {
Unit = {
Requires = [ "ssh-tpm-agent.socket" ];
ConditionEnvironment = "!SSH_AGENT_PID";
};
Service = {
Environment = ''
SSH_AUTH_SOCK="%t/ssh-tpm-agent.sock"
'';
ExecStart = "${pkgs.ssh-tpm-agent}";
PassEnvironment = "SSH_AGENT_PID";
SuccessExitStatus = 2;
Type = "simple";
};
};
}
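Review bot: `ExecStart = "${pkgs.ssh-tpm-agent}";` in the service expands to the package's store directory rather than an executable, so the unit cannot start as written; it should use the same path as `cmd` above, `ExecStart = "${pkgs.ssh-tpm-agent}/bin/ssh-tpm-agent";`. On the socket unit, `Unit.WantedBy` places the key in the `[Unit]` section, where systemd does not act on it, so `sockets.target` never pulls the socket in; use `Install.WantedBy = [ "sockets.target" ];`. `TESTIFICLES = "hello";` looks like a leftover debug variable and would be exported into every session. The `-A <gpg socket>` proxy option is appended only to the `--print-socket` call that computes `SSH_AUTH_SOCK`, not to the agent that systemd starts, so the gpg-agent fallback probably never takes effect; confirm this against the agent's documentation and, if so, move the option to `ExecStart`.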


@ -5,7 +5,7 @@
lib,
...
}: {
home.sessionVariables = lib.mkForce {"EDITOR" = "nvim";};
home.sessionVariables.EDITOR = lib.mkForce "nvim";
home.packages = with pkgs; [ripgrep];
programs.neovim = {
enable = true;