authorAlan Pearce2023-06-16 17:00:05 +0200
committerAlan Pearce2023-06-16 17:03:04 +0200
commitaec14387c6651a4a067ef2ece4105210feeb4bc9 (patch)
tree9310d30d92481b76b28682f9ea4e038fc1a5e062
parentbaef3925a7a9efecd1c666c0cbb8b3a9b7e19d34 (diff)
Use Strongbox as an SSH agent instead of Secretive
-rw-r--r--flake.lock8
m---------private0
-rw-r--r--system/settings/configuration/user.nix2
-rw-r--r--user/settings/darwin.nix14
4 files changed, 18 insertions, 6 deletions
diff --git a/flake.lock b/flake.lock
index 34a9a879..09c5de7c 100644
--- a/flake.lock
+++ b/flake.lock
@@ -141,11 +141,11 @@
     "secrets": {
       "flake": false,
       "locked": {
-        "lastModified": 1686549813,
-        "narHash": "sha256-PUlxkCDkEHFEI1kKoL3Hqyt0uGJAn02SfZ0d3iVXpMw=",
+        "lastModified": 1686927539,
+        "narHash": "sha256-NYua7jXxZapXU742HTKbrJc5UT+Z56EVDPKZ1y6xRro=",
         "ref": "refs/heads/main",
-        "rev": "c12bb9e097a58e53f0b7bb517e0973a34dce0ac6",
-        "revCount": 47,
+        "rev": "b98f4200cbe76a0f4809b5c5b0e9f3d11845db28",
+        "revCount": 48,
         "type": "git",
         "url": "file:///home/alan/projects/alanpearce.eu/nixfiles/private"
       },
diff --git a/private b/private
-Subproject c12bb9e097a58e53f0b7bb517e0973a34dce0ac
+Subproject b98f4200cbe76a0f4809b5c5b0e9f3d11845db2
diff --git a/system/settings/configuration/user.nix b/system/settings/configuration/user.nix
index 3fb06cc8..070d75a3 100644
--- a/system/settings/configuration/user.nix
+++ b/system/settings/configuration/user.nix
@@ -11,7 +11,7 @@
     home = "/home/alan";
     uid = 1000;
     openssh.authorizedKeys.keys = [
-      "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGzM6PoCJxMZk2qbBznZG2V+/yC+8MlF7SAc5LCp5fVeWnAMa1C1ZJ+l8EYnCPLjAq6SaM1Qxw6fTyurajdtnPM= lan@secretive.mba.local"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMvcW4Z9VxOQgEJjsRC1uSMwEJ4vru9BwjT+Z50nawp4 alan"
     ];
   };
 }
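Review bot: The new `openssh.authorizedKeys.keys` entry carries only the key comment `alan`, whereas the removed key's comment named the agent and host it came from, so a later audit or rotation cannot tell which device or key store this login key belongs to. A line comment above the entry, for example `# ed25519 key served by the Strongbox SSH agent (macOS)`, would keep that provenance. The removed ECDSA key was issued by Secretive, which holds private keys in the Secure Enclave; if the Strongbox key is stored in the password database it is presumably exportable, so it is worth confirming that database unlock and agent approval settings are an acceptable replacement for the hardware binding. The attribute set that contains this list starts outside the hunk.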
diff --git a/user/settings/darwin.nix b/user/settings/darwin.nix
index 99c71326..1ffac101 100644
--- a/user/settings/darwin.nix
+++ b/user/settings/darwin.nix
@@ -1,5 +1,6 @@
 { config
 , pkgs
+, lib
 , ...
 }: {
   nixpkgs.overlays = [
@@ -141,7 +142,18 @@
     path+=($HOME/Library/Python/3.9/bin)
   '';
   programs.ssh.extraConfig = ''
-    IdentityAgent /Users/alan/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/socket.ssh
+    IdentityAgent ~/.strongbox/agent.sock
+  '';
+  home.activation.linkStrongboxSSHAgentSocket = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
+    if [[ ! -d ~/.strongbox ]]
+    then
+      $DRY_RUN_CMD mkdir ~/.strongbox
+    fi
+    if [[ ! -S ~/.strongbox/agent.sock ]]
+    then
+      $DRY_RUN_CMD ln -s $VERBOSE_ARG \
+        ~/Library/Group\ Containers/group.strongbox.mac.mcguill/agent.sock ~/.strongbox/agent.sock
+    fi
   '';
 
   # Use GPG from  GPGTools
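Review bot: The `[[ ! -S ~/.strongbox/agent.sock ]]` guard in `linkStrongboxSSHAgentSocket` follows the symlink, so when the link already exists but Strongbox is not running (dangling target) the test succeeds and `ln -s` fails with "File exists", which likely aborts the activation. Testing the link itself, `if [[ ! -L ~/.strongbox/agent.sock ]]`, or making the link idempotent with `$DRY_RUN_CMD ln -sfn $VERBOSE_ARG …`, avoids that. Separately, `mkdir ~/.strongbox` creates the agent directory with umask-default permissions; `$DRY_RUN_CMD mkdir -m 700 ~/.strongbox` keeps the path that `IdentityAgent` trusts private to the user, matching how ssh-agent restricts its own socket directory.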