1
0

Compare commits

...

7 Commits

8 changed files with 56 additions and 19 deletions

View File

@ -1,19 +1,14 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = [
../../configuration/gpg-ssh
];
programs.gnupg.agent = { programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryPackage = pkgs.pinentry-gtk2; pinentryPackage = pkgs.pinentry-gtk2;
}; };
# Add wrapper around ssh that takes the gnupg ssh-agent
# instead of gnome-keyring
environment.systemPackages = with pkgs; [
ssh-gpg
];
# Do not disable ssh-agent of gnome-keyring, because # Do not disable ssh-agent of gnome-keyring, because
# gnupg ssh-agent can't handle normal SSH keys properly # gnupg ssh-agent can't handle normal SSH keys properly
/* /*

View File

@ -0,0 +1,25 @@
{ pkgs, lib, ... }:
{
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryPackage = lib.mkDefault pkgs.pinentry-curses;
};
environment.systemPackages = with pkgs; [
gnupg
yubikey-personalization
# Add wrapper around ssh that takes the gnupg ssh-agent
# instead of gnome-keyring
ssh-gpg
];
services.pcscd.enable = true;
services.udev.packages = with pkgs; [
yubikey-personalization
];
}

View File

@ -43,9 +43,7 @@
}, },
"chaosevents": { "chaosevents": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": "nixpkgs"
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1708189846, "lastModified": 1708189846,
@ -107,7 +105,7 @@
"fieldpoc": { "fieldpoc": {
"inputs": { "inputs": {
"mitel-ommclient2": "mitel-ommclient2", "mitel-ommclient2": "mitel-ommclient2",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1711287766, "lastModified": 1711287766,
@ -200,11 +198,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1665732960, "lastModified": 1686501370,
"narHash": "sha256-WBZ+uSHKFyjvd0w4inbm0cNExYTn8lpYFcHEes8tmec=", "narHash": "sha256-G0WuM9fqTPRc2URKP9Lgi5nhZMqsfHGrdEbrLvAPJcg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4428e23312933a196724da2df7ab78eb5e67a88e", "rev": "75a5ebf473cd60148ba9aec0d219f72e5cf52519",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -231,6 +229,22 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1665732960,
"narHash": "sha256-WBZ+uSHKFyjvd0w4inbm0cNExYTn8lpYFcHEes8tmec=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4428e23312933a196724da2df7ab78eb5e67a88e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1712963716, "lastModified": 1712963716,
"narHash": "sha256-WKm9CvgCldeIVvRz87iOMi8CFVB1apJlkUT4GGvA0iM=", "narHash": "sha256-WKm9CvgCldeIVvRz87iOMi8CFVB1apJlkUT4GGvA0iM=",
@ -255,7 +269,7 @@
"fieldpoc": "fieldpoc", "fieldpoc": "fieldpoc",
"nixos-exporter": "nixos-exporter", "nixos-exporter": "nixos-exporter",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_3",
"nixpkgs-krypton": "nixpkgs-krypton", "nixpkgs-krypton": "nixpkgs-krypton",
"solid-xmpp-alarm": "solid-xmpp-alarm" "solid-xmpp-alarm": "solid-xmpp-alarm"
} }

View File

@ -13,7 +13,7 @@
}; };
chaosevents = { chaosevents = {
url = "git+https://git.clerie.de/clerie/chaosevents.git"; url = "git+https://git.clerie.de/clerie/chaosevents.git";
inputs.nixpkgs.follows = "nixpkgs"; #inputs.nixpkgs.follows = "nixpkgs";
}; };
fernglas = { fernglas = {
url = "github:wobcom/fernglas"; url = "github:wobcom/fernglas";

View File

@ -3,6 +3,7 @@
{ {
imports = [ imports = [
(modulesPath + "/installer/cd-dvd/installation-cd-base.nix") (modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
../../configuration/gpg-ssh
]; ];
networking.hostName = "isowo"; networking.hostName = "isowo";

View File

@ -3,4 +3,4 @@
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
export SSH_AUTH_SOCK export SSH_AUTH_SOCK
exec ssh "$@" exec "$@"

View File

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC17V4z147CtKGMvnAEC8BATO2Dttut9T8q0eIxGwmCVO96s/E2ZbxQSjqp9FOuAhD7xJH4kUf4uwlM8yU6sFnWPLbawFxlbyLChTurv2GV5polkqP7awHU7WP2DpO8vhPYcoo5w2GI/q/IfL1+6KHqAuqenQw6H/fERllMkYnqyLcJqfoyfFXD6r/TJfhpB5ryoIeX45sakZvjtrIYpGjjHMjlHu8RG8zuad6UHTg7NqLnYCk2aGcvvA8H1OP/vfuAElhwwVEekKD2VvDcARmXyRyzKl7qCoqXZLRHrlDH+oqKzQLctTjDmGJtETW2Oca3NM6fp6xuuI8NHQhNq1SghoIQDu4LcdHQtclc5a8oOV3C6O6fpgTZI99gp6OcvRGuyAO43uKOg/BmegRDs7AapVsm1+um5hwLdI5wFzMvhpWJw7j7D9hfIS9K8VmLULKy6q+G4fg4s9QklxOg5ExgxUnWnANsgXvct6k8dr0IkZtcVzLGc86XPP0Qd5Rgtcb6JYITSezssL7Gn+rLnNhvKQZVoeOCJ4vyB9OFwcv0ESs9Cx8tg2ZDZpYSkVMoIhoi3LUCinozineRypy3+ItrMRm+PD8wEPZGlwcAaFhDSAML+xpKSCt0c1EqLsF8CtadbXuyNn3DsNaOzWWQha+47HiVl8QipSfF751hVtTH9Q== openpgp:0xDEC2998F

View File

@ -9,6 +9,7 @@
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
(builtins.readFile ./ssh.pub) (builtins.readFile ./ssh.pub)
(builtins.readFile ./clerie_id-2024.pub)
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnUBblmmVoMMBftn4EnwnzqR12m9zill51LpO124hHb10K2rqxNoq8tYSc2pMkV/3briZovffpe5SzB+m2MnXbtOBstIEXkrPZQ78vaZ/nLh7+eWg30lCmMPwjf2wIjlTXkcbxbsi7FbPW7FsolGkU/0mqGhqK1Xft/g7SnCXIoGPSSrHMXEv5dPPofCa1Z0Un+98wQTVfOSKek6TnIsfLbG01UFQVkN7afE4dqSmMiWwEm2PK9l+OiBA2/QzDpbtu9wsfTol4c192vFEWR9crB2YZ1JlMbjVWHjYmB7NFsS0A6lUOikss0Y+LUWS2/QuM/kqybSo4rasZMAIazM6D clerie" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnUBblmmVoMMBftn4EnwnzqR12m9zill51LpO124hHb10K2rqxNoq8tYSc2pMkV/3briZovffpe5SzB+m2MnXbtOBstIEXkrPZQ78vaZ/nLh7+eWg30lCmMPwjf2wIjlTXkcbxbsi7FbPW7FsolGkU/0mqGhqK1Xft/g7SnCXIoGPSSrHMXEv5dPPofCa1Z0Un+98wQTVfOSKek6TnIsfLbG01UFQVkN7afE4dqSmMiWwEm2PK9l+OiBA2/QzDpbtu9wsfTol4c192vFEWR9crB2YZ1JlMbjVWHjYmB7NFsS0A6lUOikss0Y+LUWS2/QuM/kqybSo4rasZMAIazM6D clerie"
]; ];
}; };