add ssh-agent service and session variable, figure out how to find XDG_DATA_DIR in the config, add known hosts

1 files changed, 22 insertions, 0 deletions

diff --git a/profiles/user.nix b/profiles/user.nix
index 637c15d..0a3bebe 100644
--- a/profiles/user.nix
+++ b/profiles/user.nix
@@ -46,14 +46,36 @@
         stateVersion = "22.05";
         username = "tzlil";
         homeDirectory = "/home/tzlil";
+        sessionVariables.SSH_AUTH_SOCK = "/run/user/1000/ssh-agent";
       };
       programs.ssh = {
         enable = true;
         userKnownHostsFile = builtins.toFile "known_hosts" "
           pc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINu5lRKb1Ao4uj1tAV10QHKIvXfC8ncQ65b+oJtxrd1e
+          vm ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHS6LK6rCmJCR/rKVJYVmJTL8fAdyJSLlgC3mesd6QVS
+          vps ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdOuj27GB703ZRKRqhytlaLJsKucaRa//yswxijAZT7
         ";
         matchBlocks."*".identityFile = config.age.secrets."id_ed25519".path;
       };
+      systemd.user.services.ssh-agent = let
+        agentTimeout = "1h";
+      in {
+        Unit = {
+          Description = "SSH Agent";
+          After = ["default.target"];
+        };
+        Service = {
+          ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";
+          ExecStart =
+            "${pkgs.openssh}/bin/ssh-agent "
+            + "-t ${agentTimeout} "
+            + "-a %t/ssh-agent";
+          StandardOutput = "null";
+          Type = "forking";
+          Restart = "on-failure";
+          SuccessExitStatus = "0 2";
+        };
+      };
     };
   };
 }