aviallon/nixos-lib
1
0
Fork 0
mirror of https://github.com/aviallon/nixos-lib.git synced 2026-04-05 17:27:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[Services + General] Improve GPG support (especially over SSH)

Browse source 
Also add SmartCard support
This commit is contained in:
Antoine Viallon 2022-03-21 00:04:33 +01:00
parent c64f9cb86f
commit 42bbfa7979
Signed by: aviallon
GPG key ID: 186FC35EDEB25716
2 changed files with 12 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
general.nix
View file

@ -93,6 +93,13 @@ in
documentation.man.generateCaches = true; documentation.man.generateCaches = true;
environment.shellInit = concatStringsSep "\n" [
''export GPG_TTY="$(tty)"''
''gpg-connect-agent /bye''
''export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"''
];
nixpkgs.localSystem.system = builtins.currentSystem; nixpkgs.localSystem.system = builtins.currentSystem;
nixpkgs.localSystem.platform = lib.systems.platforms.pc // { nixpkgs.localSystem.platform = lib.systems.platforms.pc // {
gcc.arch = cfg.cpuArch; gcc.arch = cfg.cpuArch;

5
services.nix
View file

@ -173,10 +173,15 @@ in {
programs.gnupg = { programs.gnupg = {
agent.enable = true; agent.enable = true;
dirmngr.enable = true; dirmngr.enable = true;
agent.pinentryFlavor = "curses";
agent.enableSSHSupport = true; agent.enableSSHSupport = true;
agent.enableExtraSocket = true; agent.enableExtraSocket = true;
agent.enableBrowserSocket = true; agent.enableBrowserSocket = true;
}; };
programs.ssh.startAgent = false;
# SmartCards
services.pcscd.enable = true;
services.avahi.enable = true; # .lan/.local resolution services.avahi.enable = true; # .lan/.local resolution
services.avahi.nssmdns = true; # .lan/.local resolution services.avahi.nssmdns = true; # .lan/.local resolution