From 2dab06345eb4486b9af05e13cd82c5b02523b165 Mon Sep 17 00:00:00 2001
From: tzlil
Date: Tue, 21 Feb 2023 18:28:20 +0200
Subject: add ssh-agent service and session variable, figure out how to find XDG_DATA_DIR in the config, add known hosts
---
 profiles/user.nix | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
(limited to 'profiles')
diff --git a/profiles/user.nix b/profiles/user.nix
index 637c15d..0a3bebe 100644
--- a/profiles/user.nix
+++ b/profiles/user.nix
@@ -46,14 +46,36 @@
 stateVersion = "22.05";
 username = "tzlil";
 homeDirectory = "/home/tzlil";
+ sessionVariables.SSH_AUTH_SOCK = "/run/user/1000/ssh-agent";
 };
 programs.ssh = {
 enable = true;
 userKnownHostsFile = builtins.toFile "known_hosts" "
 pc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINu5lRKb1Ao4uj1tAV10QHKIvXfC8ncQ65b+oJtxrd1e
+ vm ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHS6LK6rCmJCR/rKVJYVmJTL8fAdyJSLlgC3mesd6QVS
+ vps ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdOuj27GB703ZRKRqhytlaLJsKucaRa//yswxijAZT7
 ";
 matchBlocks."*".identityFile = config.age.secrets."id_ed25519".path;
 };
+ systemd.user.services.ssh-agent = let
+ agentTimeout = "1h";
+ in {
+ Unit = {
+ Description = "SSH Agent";
+ After = ["default.target"];
+ };
+ Service = {
+ ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";
+ ExecStart =
+ "${pkgs.openssh}/bin/ssh-agent "
+ + "-t ${agentTimeout} "
+ + "-a %t/ssh-agent";
+ StandardOutput = "null";
+ Type = "forking";
+ Restart = "on-failure";
+ SuccessExitStatus = "0 2";
+ };
+ };
 };
 };
 }
-- cgit 1.4.1
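Review bot: `sessionVariables.SSH_AUTH_SOCK` hard-codes `/run/user/1000/ssh-agent`, while the agent unit binds its socket with `-a %t/ssh-agent`; on any account whose UID is not 1000 the two paths diverge and ssh clients will not reach the agent. Deriving the variable from the runtime directory keeps them in step, e.g. `sessionVariables.SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent";` (home-manager session variables may reference other environment variables). The unit also has no `Install` section visible in the hunk, so unless something outside it starts the service, the socket will not exist at login; `Install.WantedBy = ["default.target"];` in place of `After = ["default.target"];` would pull it in. The enclosing `home` attribute set and the outer sets closed at the end of the hunk start outside it.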