1
0
Fork 0

Compare commits

...

2 commits

Author SHA1 Message Date
4c4fe60679
styx: update ssh-agent setup
All checks were successful
Build / build-amd64-linux (push) Successful in 29s
Build / build-arm64-linux (push) Successful in 5m30s
2024-02-16 23:06:54 +01:00
9d6a555ccb
Update deps 2024-02-16 20:19:02 +01:00
2 changed files with 24 additions and 11 deletions

View file

@ -355,11 +355,11 @@
},
"nixos-unstable": {
"locked": {
"lastModified": 1708015737,
"narHash": "sha256-wJmOLO9LruqgwcI3JpTd+8lzWt4jW7p73axqkx4R2vQ=",
"lastModified": 1708057191,
"narHash": "sha256-O3M5EGAeKZdEzfFIjqah0d8M44A4QCSVwvkbz4cbC2s=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "cdbfd603de28a39ba532d9285e0045c505ce21c8",
"rev": "5e55f0bb65124b05d0a52e164514c03596023634",
"type": "github"
},
"original": {
@ -405,11 +405,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1708055921,
"narHash": "sha256-GDwp8KVykefTmXCJOsEgcqHVkGVc6SP5v4DoGwcW4H0=",
"lastModified": 1708085864,
"narHash": "sha256-pQ6Xki/tqw5vZkOxYwWJSG4Xmhvp+GbRZolr4qJ+r4U=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1e9717151a29946cfbd43a2f5035f4f22b1ffd36",
"rev": "f5a4d49bfd4569024630de517f9b074390c2c82f",
"type": "github"
},
"original": {

View file

@ -4,7 +4,7 @@ let
secret = import ../../../secret/hosts/Styx.nix;
ssh-directory = "${config.home.homeDirectory}/.ssh";
auth-socket = "${ssh-directory}/1password.sock";
auth-socket = "${config.home.homeDirectory}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock";
signers-directory = "${ssh-directory}/allowed_signers";
shared-private = import ./shared/private.nix;
@ -24,8 +24,7 @@ in
serverAliveInterval = 60;
extraConfig = ''
IdentityAgent "${auth-socket}"
UpdateHostKeys ask
# VerifyHostKeyDNS yes
VerifyHostKeyDNS yes
'';
matchBlocks = shared-private.matchBlocks // shared-work.matchBlocks;
@ -35,8 +34,6 @@ in
];
};
home.sessionVariables.SSH_AUTH_SOCK = "${auth-socket}";
home.file = {
"${ssh-directory}/GitHub.pub".text = ssh-keys.GitHub;
"${ssh-directory}/GitLab.pub".text = ssh-keys.GitLab;
@ -48,4 +45,20 @@ in
recursive = true;
};
};
# Make agent available to all programs
home.sessionVariables.SSH_AUTH_SOCK = "${auth-socket}";
launchd.agents.SSH_AUTH_SOCK = {
enable = true;
config = {
ProgramArguments = [
"/bin/sh"
"-c"
"/bin/ln -sf \"${auth-socket}\" $SSH_AUTH_SOCK"
];
RunAtLoad = true;
};
};
}