mirror of
https://github.com/kittywitch/nixfiles.git
synced 2026-02-09 20:39:18 -08:00
Working PGP and SSH for Chen
This commit is contained in:
parent
92719f88ce
commit
efa2f4a5e8
GPG key ID:
465E64DECEA8CF0F
1 changed files with 72 additions and 1 deletions
|
|
@ -1,16 +1,23 @@
|
|||
_: let
|
||||
<<<<<<< HEAD
|
||||
hostConfig = {
|
||||
lib,
|
||||
tree,
|
||||
inputs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib.modules) mkForce;
|
||||
hostConfig = {lib, tree, modulesPath, inputs, pkgs, ...}: let
|
||||
inherit (lib.modules) mkForce mkAfter;
|
||||
in {
|
||||
imports = with tree; [
|
||||
inputs.wsl.nixosModules.wsl
|
||||
kat.gui
|
||||
nixos.gui.fonts
|
||||
nixos.gui.gpg
|
||||
];
|
||||
|
||||
programs.dconf.enable = true;
|
||||
|
||||
networking.firewall.enable = mkForce false;
|
||||
|
||||
boot.kernel.sysctl = mkForce {};
|
||||
|
|
@ -62,6 +69,70 @@ _: let
|
|||
wslConf.automount.root = "/mnt";
|
||||
};
|
||||
|
||||
boot.isContainer = true;
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
home-manager.users.kat = {
|
||||
services.gpg-agent.enable = false;
|
||||
programs.git.signing.gpgPath = "/mnt/c/Program Files (x86)/GnuPG/bin/gpg.exe";
|
||||
programs.zsh.profileExtra = ''
|
||||
if [[ -n "$XDG_SESSION_ID" && "$TERM" == "dumb" &&
|
||||
"$(ps -p $PPID -o comm=)" == "login" ]]; then
|
||||
# Running in the background login process. Do nothing.
|
||||
return
|
||||
fi
|
||||
gpg-connect-agent killagent /bye &> /dev/null
|
||||
WIN_USER="kat"
|
||||
SSH_DIR="''${HOME}/.ssh" #
|
||||
mkdir -p "''${SSH_DIR}"
|
||||
wsl2_ssh_pageant_bin="''${SSH_DIR}/wsl2-ssh-pageant.exe"
|
||||
ln -sf "/mnt/c/Users/''${WIN_USER}/.ssh/wsl2-ssh-pageant.exe" "''${wsl2_ssh_pageant_bin}"
|
||||
|
||||
listen_socket() {
|
||||
sock_path="$1" && shift
|
||||
fork_args="''${sock_path},fork"
|
||||
exec_args="''${wsl2_ssh_pageant_bin} $@"
|
||||
|
||||
if ! ps x | grep -v grep | grep -q "''${fork_args}"; then
|
||||
rm -f "''${sock_path}"
|
||||
(setsid nohup socat "UNIX-LISTEN:''${fork_args}" "EXEC:''${exec_args}" &>/dev/null &)
|
||||
fi
|
||||
}
|
||||
|
||||
# SSH
|
||||
export SSH_AUTH_SOCK="''${SSH_DIR}/agent.sock"
|
||||
listen_socket "''${SSH_AUTH_SOCK}"
|
||||
|
||||
# GPG
|
||||
export GPG_AGENT_SOCK="''$(gpgconf --list-dirs socketdir)/S.gpg-agent"
|
||||
|
||||
if ! ss -a | grep -q "$GPG_AGENT_SOCK"; then
|
||||
echo "1"
|
||||
rm -rf "$GPG_AGENT_SOCK"
|
||||
if test -x "$wsl2_ssh_pageant_bin"; then
|
||||
(setsid nohup socat UNIX-LISTEN:"$GPG_AGENT_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin -gpg S.gpg-agent" >/dev/null 2>&1 &)
|
||||
else
|
||||
echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
|
||||
fi
|
||||
fi
|
||||
export GPG_AGENT_SOCK="/home/kat/.gnupg/S.gpg-agent"
|
||||
|
||||
if ! ss -a | grep -q "$GPG_AGENT_SOCK"; then
|
||||
echo "1"
|
||||
rm -rf "$GPG_AGENT_SOCK"
|
||||
if test -x "$wsl2_ssh_pageant_bin"; then
|
||||
(setsid nohup socat UNIX-LISTEN:"$GPG_AGENT_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin -gpg S.gpg-agent" >/dev/null 2>&1 &)
|
||||
else
|
||||
echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable."
|
||||
fi
|
||||
fi
|
||||
unset wsl2_ssh_pageant_bin
|
||||
'';
|
||||
};
|
||||
|
||||
programs.gnupg.agent.pinentryFlavor = mkForce "curses";
|
||||
|
||||
networking = {
|
||||
hostId = "dddbb888";
|
||||
useDHCP = false;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue