Update from updated-inputs-2024-04-16-01-03

pkgs/ssh-gpg: Execute arbitrary commands with ssh-gpg
users/clerie: Add new SSH key for clerie
2024-04-16 03:03:05 +02:00 · 2024-04-15 20:01:20 +02:00 · 2024-04-15 19:28:01 +02:00 · 2024-04-15 19:11:07 +02:00 · 2024-04-15 19:09:55 +02:00 · 2024-04-15 09:13:57 +02:00
8 changed files with 56 additions and 19 deletions
--- a/configuration/desktop/ssh.nix
+++ b/configuration/desktop/ssh.nix
@ -1,19 +1,14 @@
 { pkgs, ... }:
 {
  imports = [
    ../../configuration/gpg-ssh
  ];
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
    pinentryPackage = pkgs.pinentry-gtk2;
  };
  # Add wrapper around ssh that takes the gnupg ssh-agent
  # instead of gnome-keyring
  environment.systemPackages = with pkgs; [
    ssh-gpg
  ];
  # Do not disable ssh-agent of gnome-keyring, because
  # gnupg ssh-agent can't handle normal SSH keys properly
  /*
--- a/configuration/gpg-ssh/default.nix
+++ b/configuration/gpg-ssh/default.nix
@ -0,0 +1,25 @@
 { pkgs, lib, ... }:
 {
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
    pinentryPackage = lib.mkDefault pkgs.pinentry-curses;
  };
  environment.systemPackages = with pkgs; [
    gnupg
    yubikey-personalization
    # Add wrapper around ssh that takes the gnupg ssh-agent
    # instead of gnome-keyring
    ssh-gpg
  ];
  services.pcscd.enable = true;
  services.udev.packages = with pkgs; [
    yubikey-personalization
  ];
 }
--- a/flake.lock
+++ b/flake.lock
@ -43,9 +43,7 @@
    },
    "chaosevents": {
      "inputs": {
-        "nixpkgs": [
+        "nixpkgs": "nixpkgs"
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1708189846,
@ -107,7 +105,7 @@
    "fieldpoc": {
      "inputs": {
        "mitel-ommclient2": "mitel-ommclient2",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
        "lastModified": 1711287766,
@ -200,11 +198,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1665732960,
+        "lastModified": 1686501370,
-        "narHash": "sha256-WBZ+uSHKFyjvd0w4inbm0cNExYTn8lpYFcHEes8tmec=",
+        "narHash": "sha256-G0WuM9fqTPRc2URKP9Lgi5nhZMqsfHGrdEbrLvAPJcg=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "4428e23312933a196724da2df7ab78eb5e67a88e",
+        "rev": "75a5ebf473cd60148ba9aec0d219f72e5cf52519",
        "type": "github"
      },
      "original": {
@ -231,6 +229,22 @@
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1665732960,
        "narHash": "sha256-WBZ+uSHKFyjvd0w4inbm0cNExYTn8lpYFcHEes8tmec=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "4428e23312933a196724da2df7ab78eb5e67a88e",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1712963716,
        "narHash": "sha256-WKm9CvgCldeIVvRz87iOMi8CFVB1apJlkUT4GGvA0iM=",
@ -255,7 +269,7 @@
        "fieldpoc": "fieldpoc",
        "nixos-exporter": "nixos-exporter",
        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs_3",
        "nixpkgs-krypton": "nixpkgs-krypton",
        "solid-xmpp-alarm": "solid-xmpp-alarm"
      }
--- a/flake.nix
+++ b/flake.nix
@ -13,7 +13,7 @@
    };
    chaosevents = {
      url = "git+https://git.clerie.de/clerie/chaosevents.git";
-      inputs.nixpkgs.follows = "nixpkgs";
+      #inputs.nixpkgs.follows = "nixpkgs";
    };
    fernglas = {
      url = "github:wobcom/fernglas";
--- a/hosts/_iso/configuration.nix
+++ b/hosts/_iso/configuration.nix
@ -3,6 +3,7 @@
 {
  imports = [
    (modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
    ../../configuration/gpg-ssh
  ];
  networking.hostName = "isowo";
--- a/pkgs/ssh-gpg/ssh-gpg.sh
+++ b/pkgs/ssh-gpg/ssh-gpg.sh
@ -3,4 +3,4 @@
 SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
 export SSH_AUTH_SOCK
-exec ssh "$@"
+exec "$@"
--- a/users/clerie/clerie_id-2024.pub
+++ b/users/clerie/clerie_id-2024.pub
@ -0,0 +1 @@
 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC17V4z147CtKGMvnAEC8BATO2Dttut9T8q0eIxGwmCVO96s/E2ZbxQSjqp9FOuAhD7xJH4kUf4uwlM8yU6sFnWPLbawFxlbyLChTurv2GV5polkqP7awHU7WP2DpO8vhPYcoo5w2GI/q/IfL1+6KHqAuqenQw6H/fERllMkYnqyLcJqfoyfFXD6r/TJfhpB5ryoIeX45sakZvjtrIYpGjjHMjlHu8RG8zuad6UHTg7NqLnYCk2aGcvvA8H1OP/vfuAElhwwVEekKD2VvDcARmXyRyzKl7qCoqXZLRHrlDH+oqKzQLctTjDmGJtETW2Oca3NM6fp6xuuI8NHQhNq1SghoIQDu4LcdHQtclc5a8oOV3C6O6fpgTZI99gp6OcvRGuyAO43uKOg/BmegRDs7AapVsm1+um5hwLdI5wFzMvhpWJw7j7D9hfIS9K8VmLULKy6q+G4fg4s9QklxOg5ExgxUnWnANsgXvct6k8dr0IkZtcVzLGc86XPP0Qd5Rgtcb6JYITSezssL7Gn+rLnNhvKQZVoeOCJ4vyB9OFwcv0ESs9Cx8tg2ZDZpYSkVMoIhoi3LUCinozineRypy3+ItrMRm+PD8wEPZGlwcAaFhDSAML+xpKSCt0c1EqLsF8CtadbXuyNn3DsNaOzWWQha+47HiVl8QipSfF751hVtTH9Q== openpgp:0xDEC2998F
--- a/users/clerie/default.nix
+++ b/users/clerie/default.nix
@ -9,6 +9,7 @@
    ];
    openssh.authorizedKeys.keys = [
      (builtins.readFile ./ssh.pub)
      (builtins.readFile ./clerie_id-2024.pub)
      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnUBblmmVoMMBftn4EnwnzqR12m9zill51LpO124hHb10K2rqxNoq8tYSc2pMkV/3briZovffpe5SzB+m2MnXbtOBstIEXkrPZQ78vaZ/nLh7+eWg30lCmMPwjf2wIjlTXkcbxbsi7FbPW7FsolGkU/0mqGhqK1Xft/g7SnCXIoGPSSrHMXEv5dPPofCa1Z0Un+98wQTVfOSKek6TnIsfLbG01UFQVkN7afE4dqSmMiWwEm2PK9l+OiBA2/QzDpbtu9wsfTol4c192vFEWR9crB2YZ1JlMbjVWHjYmB7NFsS0A6lUOikss0Y+LUWS2/QuM/kqybSo4rasZMAIazM6D clerie"
    ];
  };
Author	SHA1	Message	Date
clerie	f84b363547	Update from updated-inputs-2024-04-16-01-03	2024-04-16 03:03:05 +02:00
clerie	e2795716c1	pkgs/ssh-gpg: Execute arbitrary commands with ssh-gpg	2024-04-15 20:01:20 +02:00
clerie	a7dbbba01d	users/clerie: Add new SSH key for clerie	2024-04-15 19:28:01 +02:00
clerie	699fc69bd3	flake.nix: Rollback nixpkgs for chaosevents input because of broken python deps in newer versions	2024-04-15 19:11:07 +02:00
clerie	1e54967cfd	flake.lock: Update nixpkgs	2024-04-15 19:09:55 +02:00
clerie	823d700f1f	configuration/gpg-ssh: Enable YubiKey support	2024-04-15 09:13:57 +02:00
clerie	2ae649af80	configuration/gpg-ssh: Move GPG and SSH integration to seperate module	2024-04-15 08:44:09 +02:00
		`@ -0,0 +1 @@`
							ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC17V4z147CtKGMvnAEC8BATO2Dttut9T8q0eIxGwmCVO96s/E2ZbxQSjqp9FOuAhD7xJH4kUf4uwlM8yU6sFnWPLbawFxlbyLChTurv2GV5polkqP7awHU7WP2DpO8vhPYcoo5w2GI/q/IfL1+6KHqAuqenQw6H/fERllMkYnqyLcJqfoyfFXD6r/TJfhpB5ryoIeX45sakZvjtrIYpGjjHMjlHu8RG8zuad6UHTg7NqLnYCk2aGcvvA8H1OP/vfuAElhwwVEekKD2VvDcARmXyRyzKl7qCoqXZLRHrlDH+oqKzQLctTjDmGJtETW2Oca3NM6fp6xuuI8NHQhNq1SghoIQDu4LcdHQtclc5a8oOV3C6O6fpgTZI99gp6OcvRGuyAO43uKOg/BmegRDs7AapVsm1+um5hwLdI5wFzMvhpWJw7j7D9hfIS9K8VmLULKy6q+G4fg4s9QklxOg5ExgxUnWnANsgXvct6k8dr0IkZtcVzLGc86XPP0Qd5Rgtcb6JYITSezssL7Gn+rLnNhvKQZVoeOCJ4vyB9OFwcv0ESs9Cx8tg2ZDZpYSkVMoIhoi3LUCinozineRypy3+ItrMRm+PD8wEPZGlwcAaFhDSAML+xpKSCt0c1EqLsF8CtadbXuyNn3DsNaOzWWQha+47HiVl8QipSfF751hVtTH9Q== openpgp:0xDEC2998F