From 9a4e0af232e19e0c901637bc9dc24265dff542e8 Mon Sep 17 00:00:00 2001 From: Dmitriy Kholkin Date: Wed, 5 Aug 2020 22:51:19 +0400 Subject: [PATCH] update gpg-ssh --- modules/default.nix | 1 + modules/services.nix | 2 +- modules/workspace/misc.nix | 20 ++++++++++---------- modules/workspace/ssh.nix | 23 +++++++++++++++++++++++ 4 files changed, 35 insertions(+), 11 deletions(-) create mode 100644 modules/workspace/ssh.nix diff --git a/modules/default.nix b/modules/default.nix index dd02d23..aeef4fe 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -33,6 +33,7 @@ device: ./workspace/pulseeffects ./workspace/rofi.nix # ./workspace/spotifyd.nix + ./workspace/ssh.nix ./workspace/xresources.nix ./workspace/zsh.nix ]; diff --git a/modules/services.nix b/modules/services.nix index eb61538..6a2b7bf 100644 --- a/modules/services.nix +++ b/modules/services.nix @@ -50,7 +50,7 @@ in { services.upower.enable = true; - services.gnome3.gnome-keyring.enable = true; + services.gnome3.gnome-keyring.enable = false; virtualisation.docker.enable = device.enableVirtualisation; diff --git a/modules/workspace/misc.nix b/modules/workspace/misc.nix index 0e23a34..60fd7be 100644 --- a/modules/workspace/misc.nix +++ b/modules/workspace/misc.nix @@ -1,6 +1,5 @@ { pkgs, lib, config, ... }: { - # programs.ssh.askPassword = "${pkgs.plasma5.ksshaskpass}/bin/ksshaskpass"; environment.sessionVariables = { EDITOR = config.defaultApplications.editor.cmd; VISUAL = config.defaultApplications.editor.cmd; @@ -8,12 +7,6 @@ NIX_AUTO_RUN = "1"; }; - # GPG with SSH - environment.shellInit = '' - export GPG_TTY="$(tty)" - gpg-connect-agent /bye - ''; - services.atd.enable = true; home-manager.users.alukard = { @@ -26,6 +19,7 @@ package = pkgs.git-with-libsecret; userEmail = "alukard.develop@gmail.com"; userName = "Dmitriy Kholkin"; + signing.key = "922DA6E758A0FE4CFAB4E4B2FD266B810DF48DF2"; extraConfig = { credential = { helper = "libsecret"; @@ -37,19 +31,25 @@ }; # GPG with SSH + programs.gpg.enable = true; services.gpg-agent = { enable = true; enableSshSupport = true; pinentryFlavor = "gtk2"; sshKeys = [ "E6A6377C3D0827C36428A290199FDB3B91414AFE" ]; }; - programs.gpg.enable = true; - home.sessionVariables.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"; - # --END-- programs.direnv = { enable = true; enableZshIntegration = true; + # enable use_flake support + # stdlib = '' + # use_flake() { + # watch_file flake.nix + # watch_file flake.lock + # eval "$(nix print-dev-env --profile "$(direnv_layout_dir)/flake-profile")" + # } + # ''; }; news.display = "silent"; diff --git a/modules/workspace/ssh.nix b/modules/workspace/ssh.nix new file mode 100644 index 0000000..ef98662 --- /dev/null +++ b/modules/workspace/ssh.nix @@ -0,0 +1,23 @@ +{ pkgs, lib, config, ... }: { + + # services.openssh = { + # enable = true; + # passwordAuthentication = false; + # permitRootLogin = "yes"; + # forwardX11 = true; + # ports = [ 22 ]; + # }; + # home-manager.users.alukard.programs.ssh = { + # enable = true; + # matchBlocks = { + # "*" = { + # compression = false; + # }; + # }; + # }; + + users.users.alukard.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+xd8ClJPvJuAdYC9HlNnjiubEtYfvnKjYr9ROV+UmPVvI3ZITF24OaMI+fxgR0EqGfcUzSGom8528IB53Q3aFMIAaA0vKjW+jrByyB2l/k/+ttpLbH75c9WyOpAcUDTen8BhHKPyXOHoJ1jLu7GFmtPZ+mZo8thFB/VIRrwECHd8DnF0drsSCorkRp1bZC7bAHgztaYHNBUoAVGgJ7nLwW7DotlgbUEDiPJHXOxd/c/ZlXIB/cfUUqF+L5ThbMPhMcwRMspLy+nQdmHhih9k6SkvYqJoNqHT5/XeShb0RkIzvUWT2CYTPop5kAY5mMnatVTOY1FZPhHzk3G8MhOQ3r/elM/ecZxmjL8uozMN9kRGf1IL4DgQZfVqQRILdNSQGb0tfeiyirNZe1RlDw9UvMnZJOw0EkiC9lSSRhBWXXxAmxRrbNFTPQSp+/kiIGDmp2AsGhD11CfTDEU3wcLEUPBUqp1FYSzHncJyEKGy2Dpa5xaUJ0cuyGL4W3WHDXa4sTfY+AIXbQTD88Ujdsbfzyd6lrikG4D/crCurXissrh7q9DuYKWRI24cp5bw9lG33U1EXisnZqFyZNwMAmSj2QEGsHCwSevn0FgyRa2WYXgpZ9hfgY4le+ZSMo2JTosQ6DjGyxMDyQAHJ/ismTTzL67Q2p6U+73toYm62Qqdspw== (none)" + ]; + programs.ssh.askPassword = "${pkgs.plasma5.ksshaskpass}/bin/ksshaskpass"; +} \ No newline at end of file