Compare commits
5 Commits
e9f75f73a2
...
94ef76d3f6
Author | SHA1 | Date | |
---|---|---|---|
94ef76d3f6 | |||
|
2974b4f18e | ||
66d369bbd9 | |||
af72169172 | |||
d64dea3dc3 |
@ -9,6 +9,7 @@
|
|||||||
./networking.nix
|
./networking.nix
|
||||||
./power.nix
|
./power.nix
|
||||||
./printing.nix
|
./printing.nix
|
||||||
|
./ssh.nix
|
||||||
./xserver.nix
|
./xserver.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -47,6 +47,9 @@
|
|||||||
"org/gnome/desktop/notifications" = {
|
"org/gnome/desktop/notifications" = {
|
||||||
show-in-lock-screen = false;
|
show-in-lock-screen = false;
|
||||||
};
|
};
|
||||||
|
"org/gnome/desktop/sound" = {
|
||||||
|
event-sounds = false;
|
||||||
|
};
|
||||||
"org/gnome/gnome-system-monitor" = {
|
"org/gnome/gnome-system-monitor" = {
|
||||||
network-in-bits = true;
|
network-in-bits = true;
|
||||||
network-total-in-bits = true;
|
network-total-in-bits = true;
|
||||||
|
39
configuration/desktop/ssh.nix
Normal file
39
configuration/desktop/ssh.nix
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
programs.gnupg.agent = {
|
||||||
|
enable = true;
|
||||||
|
enableSSHSupport = true;
|
||||||
|
pinentryPackage = pkgs.pinentry-gtk2;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Add wrapper around ssh that takes the gnupg ssh-agent
|
||||||
|
# instead of gnome-keyring
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
ssh-gpg
|
||||||
|
];
|
||||||
|
|
||||||
|
|
||||||
|
# Do not disable ssh-agent of gnome-keyring, because
|
||||||
|
# gnupg ssh-agent can't handle normal SSH keys properly
|
||||||
|
/*
|
||||||
|
# Disable ssh-agent of gnome-keyring
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(final: prev: {
|
||||||
|
gnome = prev.gnome // {
|
||||||
|
gnome-keyring = prev.runCommand "gnome-keyring-ssh-disabled-autostart" {} ''
|
||||||
|
mkdir -p $out
|
||||||
|
|
||||||
|
# Symlink all gnome-keyring binaries
|
||||||
|
${final.xorg.lndir}/bin/lndir -silent ${prev.gnome.gnome-keyring} $out
|
||||||
|
|
||||||
|
# Disable autostart for ssh
|
||||||
|
rm $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
|
||||||
|
cat ${prev.gnome.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop > $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
|
||||||
|
echo "Hidden=true" >> $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
*/
|
||||||
|
}
|
12
flake.lock
12
flake.lock
@ -216,11 +216,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs-krypton": {
|
"nixpkgs-krypton": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1707546158,
|
"lastModified": 1712791164,
|
||||||
"narHash": "sha256-nYYJTpzfPMDxI8mzhQsYjIUX+grorqjKEU9Np6Xwy/0=",
|
"narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "d934204a0f8d9198e1e4515dd6fec76a139c87f0",
|
"rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -232,11 +232,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1712791164,
|
"lastModified": 1712963716,
|
||||||
"narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=",
|
"narHash": "sha256-WKm9CvgCldeIVvRz87iOMi8CFVB1apJlkUT4GGvA0iM=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5",
|
"rev": "cfd6b5fc90b15709b780a5a1619695a88505a176",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -128,6 +128,7 @@
|
|||||||
nixfiles-generate-config
|
nixfiles-generate-config
|
||||||
nixfiles-update-ssh-host-keys
|
nixfiles-update-ssh-host-keys
|
||||||
print-afra
|
print-afra
|
||||||
|
ssh-gpg
|
||||||
update-from-hydra
|
update-from-hydra
|
||||||
uptimestatus;
|
uptimestatus;
|
||||||
});
|
});
|
||||||
|
@ -11,6 +11,7 @@ final: prev: {
|
|||||||
nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
|
nixfiles-generate-config = final.callPackage ./nixfiles/nixfiles-generate-config.nix {};
|
||||||
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
nixfiles-update-ssh-host-keys = final.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
|
||||||
print-afra = final.callPackage ./print-afra {};
|
print-afra = final.callPackage ./print-afra {};
|
||||||
|
ssh-gpg = final.callPackage ./ssh-gpg {};
|
||||||
update-from-hydra = final.callPackage ./update-from-hydra {};
|
update-from-hydra = final.callPackage ./update-from-hydra {};
|
||||||
uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {};
|
uptimestatus = final.python3.pkgs.callPackage ./uptimestatus {};
|
||||||
}
|
}
|
||||||
|
6
pkgs/ssh-gpg/default.nix
Normal file
6
pkgs/ssh-gpg/default.nix
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
{ pkgs, ... }:
|
||||||
|
|
||||||
|
pkgs.writeShellApplication {
|
||||||
|
name = "ssh-gpg";
|
||||||
|
text = builtins.readFile ./ssh-gpg.sh;
|
||||||
|
}
|
6
pkgs/ssh-gpg/ssh-gpg.sh
Executable file
6
pkgs/ssh-gpg/ssh-gpg.sh
Executable file
@ -0,0 +1,6 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
|
||||||
|
export SSH_AUTH_SOCK
|
||||||
|
|
||||||
|
exec ssh "$@"
|
Loading…
Reference in New Issue
Block a user