Compare commits
7 Commits
94ef76d3f6
...
f84b363547
Author | SHA1 | Date | |
---|---|---|---|
f84b363547 | |||
e2795716c1 | |||
a7dbbba01d | |||
699fc69bd3 | |||
1e54967cfd | |||
823d700f1f | |||
2ae649af80 |
@ -1,19 +1,14 @@
|
|||||||
{ pkgs, ... }:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
|
imports = [
|
||||||
|
../../configuration/gpg-ssh
|
||||||
|
];
|
||||||
programs.gnupg.agent = {
|
programs.gnupg.agent = {
|
||||||
enable = true;
|
|
||||||
enableSSHSupport = true;
|
|
||||||
pinentryPackage = pkgs.pinentry-gtk2;
|
pinentryPackage = pkgs.pinentry-gtk2;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Add wrapper around ssh that takes the gnupg ssh-agent
|
|
||||||
# instead of gnome-keyring
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
ssh-gpg
|
|
||||||
];
|
|
||||||
|
|
||||||
|
|
||||||
# Do not disable ssh-agent of gnome-keyring, because
|
# Do not disable ssh-agent of gnome-keyring, because
|
||||||
# gnupg ssh-agent can't handle normal SSH keys properly
|
# gnupg ssh-agent can't handle normal SSH keys properly
|
||||||
/*
|
/*
|
||||||
|
25
configuration/gpg-ssh/default.nix
Normal file
25
configuration/gpg-ssh/default.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{ pkgs, lib, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
programs.gnupg.agent = {
|
||||||
|
enable = true;
|
||||||
|
enableSSHSupport = true;
|
||||||
|
pinentryPackage = lib.mkDefault pkgs.pinentry-curses;
|
||||||
|
};
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
gnupg
|
||||||
|
yubikey-personalization
|
||||||
|
|
||||||
|
# Add wrapper around ssh that takes the gnupg ssh-agent
|
||||||
|
# instead of gnome-keyring
|
||||||
|
ssh-gpg
|
||||||
|
];
|
||||||
|
|
||||||
|
services.pcscd.enable = true;
|
||||||
|
|
||||||
|
services.udev.packages = with pkgs; [
|
||||||
|
yubikey-personalization
|
||||||
|
];
|
||||||
|
}
|
30
flake.lock
30
flake.lock
@ -43,9 +43,7 @@
|
|||||||
},
|
},
|
||||||
"chaosevents": {
|
"chaosevents": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": "nixpkgs"
|
||||||
"nixpkgs"
|
|
||||||
]
|
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1708189846,
|
"lastModified": 1708189846,
|
||||||
@ -107,7 +105,7 @@
|
|||||||
"fieldpoc": {
|
"fieldpoc": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"mitel-ommclient2": "mitel-ommclient2",
|
"mitel-ommclient2": "mitel-ommclient2",
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1711287766,
|
"lastModified": 1711287766,
|
||||||
@ -200,11 +198,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1665732960,
|
"lastModified": 1686501370,
|
||||||
"narHash": "sha256-WBZ+uSHKFyjvd0w4inbm0cNExYTn8lpYFcHEes8tmec=",
|
"narHash": "sha256-G0WuM9fqTPRc2URKP9Lgi5nhZMqsfHGrdEbrLvAPJcg=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "4428e23312933a196724da2df7ab78eb5e67a88e",
|
"rev": "75a5ebf473cd60148ba9aec0d219f72e5cf52519",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -231,6 +229,22 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1665732960,
|
||||||
|
"narHash": "sha256-WBZ+uSHKFyjvd0w4inbm0cNExYTn8lpYFcHEes8tmec=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "4428e23312933a196724da2df7ab78eb5e67a88e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1712963716,
|
"lastModified": 1712963716,
|
||||||
"narHash": "sha256-WKm9CvgCldeIVvRz87iOMi8CFVB1apJlkUT4GGvA0iM=",
|
"narHash": "sha256-WKm9CvgCldeIVvRz87iOMi8CFVB1apJlkUT4GGvA0iM=",
|
||||||
@ -255,7 +269,7 @@
|
|||||||
"fieldpoc": "fieldpoc",
|
"fieldpoc": "fieldpoc",
|
||||||
"nixos-exporter": "nixos-exporter",
|
"nixos-exporter": "nixos-exporter",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs_2",
|
"nixpkgs": "nixpkgs_3",
|
||||||
"nixpkgs-krypton": "nixpkgs-krypton",
|
"nixpkgs-krypton": "nixpkgs-krypton",
|
||||||
"solid-xmpp-alarm": "solid-xmpp-alarm"
|
"solid-xmpp-alarm": "solid-xmpp-alarm"
|
||||||
}
|
}
|
||||||
|
@ -13,7 +13,7 @@
|
|||||||
};
|
};
|
||||||
chaosevents = {
|
chaosevents = {
|
||||||
url = "git+https://git.clerie.de/clerie/chaosevents.git";
|
url = "git+https://git.clerie.de/clerie/chaosevents.git";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
#inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
fernglas = {
|
fernglas = {
|
||||||
url = "github:wobcom/fernglas";
|
url = "github:wobcom/fernglas";
|
||||||
|
@ -3,6 +3,7 @@
|
|||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
(modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
|
(modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
|
||||||
|
../../configuration/gpg-ssh
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "isowo";
|
networking.hostName = "isowo";
|
||||||
|
@ -3,4 +3,4 @@
|
|||||||
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
|
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
|
||||||
export SSH_AUTH_SOCK
|
export SSH_AUTH_SOCK
|
||||||
|
|
||||||
exec ssh "$@"
|
exec "$@"
|
||||||
|
1
users/clerie/clerie_id-2024.pub
Normal file
1
users/clerie/clerie_id-2024.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC17V4z147CtKGMvnAEC8BATO2Dttut9T8q0eIxGwmCVO96s/E2ZbxQSjqp9FOuAhD7xJH4kUf4uwlM8yU6sFnWPLbawFxlbyLChTurv2GV5polkqP7awHU7WP2DpO8vhPYcoo5w2GI/q/IfL1+6KHqAuqenQw6H/fERllMkYnqyLcJqfoyfFXD6r/TJfhpB5ryoIeX45sakZvjtrIYpGjjHMjlHu8RG8zuad6UHTg7NqLnYCk2aGcvvA8H1OP/vfuAElhwwVEekKD2VvDcARmXyRyzKl7qCoqXZLRHrlDH+oqKzQLctTjDmGJtETW2Oca3NM6fp6xuuI8NHQhNq1SghoIQDu4LcdHQtclc5a8oOV3C6O6fpgTZI99gp6OcvRGuyAO43uKOg/BmegRDs7AapVsm1+um5hwLdI5wFzMvhpWJw7j7D9hfIS9K8VmLULKy6q+G4fg4s9QklxOg5ExgxUnWnANsgXvct6k8dr0IkZtcVzLGc86XPP0Qd5Rgtcb6JYITSezssL7Gn+rLnNhvKQZVoeOCJ4vyB9OFwcv0ESs9Cx8tg2ZDZpYSkVMoIhoi3LUCinozineRypy3+ItrMRm+PD8wEPZGlwcAaFhDSAML+xpKSCt0c1EqLsF8CtadbXuyNn3DsNaOzWWQha+47HiVl8QipSfF751hVtTH9Q== openpgp:0xDEC2998F
|
@ -9,6 +9,7 @@
|
|||||||
];
|
];
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
(builtins.readFile ./ssh.pub)
|
(builtins.readFile ./ssh.pub)
|
||||||
|
(builtins.readFile ./clerie_id-2024.pub)
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnUBblmmVoMMBftn4EnwnzqR12m9zill51LpO124hHb10K2rqxNoq8tYSc2pMkV/3briZovffpe5SzB+m2MnXbtOBstIEXkrPZQ78vaZ/nLh7+eWg30lCmMPwjf2wIjlTXkcbxbsi7FbPW7FsolGkU/0mqGhqK1Xft/g7SnCXIoGPSSrHMXEv5dPPofCa1Z0Un+98wQTVfOSKek6TnIsfLbG01UFQVkN7afE4dqSmMiWwEm2PK9l+OiBA2/QzDpbtu9wsfTol4c192vFEWR9crB2YZ1JlMbjVWHjYmB7NFsS0A6lUOikss0Y+LUWS2/QuM/kqybSo4rasZMAIazM6D clerie"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnUBblmmVoMMBftn4EnwnzqR12m9zill51LpO124hHb10K2rqxNoq8tYSc2pMkV/3briZovffpe5SzB+m2MnXbtOBstIEXkrPZQ78vaZ/nLh7+eWg30lCmMPwjf2wIjlTXkcbxbsi7FbPW7FsolGkU/0mqGhqK1Xft/g7SnCXIoGPSSrHMXEv5dPPofCa1Z0Un+98wQTVfOSKek6TnIsfLbG01UFQVkN7afE4dqSmMiWwEm2PK9l+OiBA2/QzDpbtu9wsfTol4c192vFEWR9crB2YZ1JlMbjVWHjYmB7NFsS0A6lUOikss0Y+LUWS2/QuM/kqybSo4rasZMAIazM6D clerie"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user