Update from updated-inputs-2024-04-15-01-03

configuration/desktop/default.nix

@@ -9,6 +9,7 @@
     ./networking.nix
     ./power.nix
     ./printing.nix
+    ./ssh.nix
     ./xserver.nix
   ];
 

configuration/desktop/gnome.nix

@@ -47,6 +47,9 @@
           "org/gnome/desktop/notifications" = {
             show-in-lock-screen = false;
           };
+          "org/gnome/desktop/sound" = {
+            event-sounds = false;
+          };
           "org/gnome/gnome-system-monitor" = {
             network-in-bits = true;
             network-total-in-bits = true;

configuration/desktop/ssh.nix

@@ -0,0 +1,39 @@
+{ pkgs, ... }:
+
+{
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+    pinentryPackage = pkgs.pinentry-gtk2;
+  };
+
+  # Add wrapper around ssh that takes the gnupg ssh-agent
+  # instead of gnome-keyring
+  environment.systemPackages = with pkgs; [
+    ssh-gpg
+  ];
+
+
+  # Do not disable ssh-agent of gnome-keyring, because
+  # gnupg ssh-agent can't handle normal SSH keys properly
+  /*
+  # Disable ssh-agent of gnome-keyring
+  nixpkgs.overlays = [
+    (final: prev: {
+      gnome = prev.gnome // {
+        gnome-keyring = prev.runCommand "gnome-keyring-ssh-disabled-autostart" {} ''
+          mkdir -p $out
+
+          # Symlink all gnome-keyring binaries
+          ${final.xorg.lndir}/bin/lndir -silent ${prev.gnome.gnome-keyring} $out
+
+          # Disable autostart for ssh
+          rm $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
+          cat ${prev.gnome.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop > $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
+          echo "Hidden=true" >> $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
+        '';
+      };
+    })
+  ];
+  */
+}

flake.lock

@@ -216,11 +216,11 @@
     },
     "nixpkgs-krypton": {
       "locked": {
-        "lastModified": 1707546158,
-        "narHash": "sha256-nYYJTpzfPMDxI8mzhQsYjIUX+grorqjKEU9Np6Xwy/0=",
+        "lastModified": 1712791164,
+        "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "d934204a0f8d9198e1e4515dd6fec76a139c87f0",
+        "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5",
         "type": "github"
       },
       "original": {
@@ -232,11 +232,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1712791164,
-        "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=",
+        "lastModified": 1712963716,
+        "narHash": "sha256-WKm9CvgCldeIVvRz87iOMi8CFVB1apJlkUT4GGvA0iM=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5",
+        "rev": "cfd6b5fc90b15709b780a5a1619695a88505a176",
         "type": "github"
       },
       "original": {

flake.nix

@@ -128,6 +128,7 @@
         nixfiles-generate-config
         nixfiles-update-ssh-host-keys
         print-afra
+        ssh-gpg
         update-from-hydra
         uptimestatus;
     });

pkgs/overlay.nix

@@ -11,6 +11,7 @@ final: prev: {
   nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
   nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
   print-afra = final.callPackage ./print-afra {};
+  ssh-gpg = final.callPackage ./ssh-gpg {};
   update-from-hydra = final.callPackage ./update-from-hydra {};
   uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {};
 }

pkgs/ssh-gpg/default.nix

@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+
+pkgs.writeShellApplication {
+  name = "ssh-gpg";
+  text = builtins.readFile ./ssh-gpg.sh;
+}

pkgs/ssh-gpg/ssh-gpg.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
+export SSH_AUTH_SOCK
+
+exec ssh "$@"