44 lines
1.0 KiB
Nix
44 lines
1.0 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
np = config.nathan.programs;
|
|
nc = config.nathan.config;
|
|
in
|
|
with lib;
|
|
{
|
|
config = mkIf np.gpg {
|
|
# Setup environment for gpg agent
|
|
environment.shellInit = ''
|
|
export GPG_TTY="$(tty)"
|
|
gpg-connect-agent /bye
|
|
export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
|
|
'';
|
|
|
|
environment.sessionVariables = {
|
|
SSH_AUTH_SOCK =
|
|
"/run/user/1000/gnupg/S.gpg-agent.ssh";
|
|
};
|
|
|
|
programs = {
|
|
# Disable ssh-agent, the gpg-agent will fill in
|
|
ssh.startAgent = false;
|
|
# Enable gpg-agent with ssh support
|
|
gnupg.agent = {
|
|
enable = true;
|
|
enableSSHSupport = true;
|
|
enableExtraSocket = true;
|
|
};
|
|
};
|
|
|
|
# Enable ykpersonalize to work
|
|
services.udev.packages = [ pkgs.yubikey-personalization ];
|
|
# Enable smartcard service
|
|
services.pcscd.enable = true;
|
|
|
|
# install gnupg and yubikey personalization
|
|
environment.systemPackages = with pkgs; [
|
|
gnupg
|
|
yubikey-personalization
|
|
];
|
|
};
|
|
}
|