Use gpg-agent as ssh agent
This commit is contained in:
parent
9107ce034c
commit
0318ca56f9
GPG key ID:
8D3C82F9F309F8EC
|
|
@ -98,10 +98,6 @@
|
||||||
# Support for exotic file systems
|
# Support for exotic file systems
|
||||||
boot.supportedFilesystems = lib.optional config.sbruder.full "ntfs";
|
boot.supportedFilesystems = lib.optional config.sbruder.full "ntfs";
|
||||||
|
|
||||||
# Authentication/Encryption agents
|
|
||||||
programs.gnupg.agent.enable = true;
|
|
||||||
programs.ssh.startAgent = true;
|
|
||||||
|
|
||||||
# When this is set to true (default), routing everything through a
|
# When this is set to true (default), routing everything through a
|
||||||
# wireguard tunnel does not work.
|
# wireguard tunnel does not work.
|
||||||
networking.firewall.checkReversePath = false;
|
networking.firewall.checkReversePath = false;
|
||||||
|
|
|
||||||
|
|
@ -52,4 +52,7 @@ lib.mkIf config.sbruder.gui.enable {
|
||||||
mode = "440";
|
mode = "440";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# required for pinentry-gnome3
|
||||||
|
services.dbus.packages = [ pkgs.gcr ];
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,5 @@
|
||||||
|
{ nixosConfig, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
programs.gpg = {
|
programs.gpg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
@ -5,4 +7,17 @@
|
||||||
default-key = "47E7559E037A35652DBBF8AA8D3C82F9F309F8EC";
|
default-key = "47E7559E037A35652DBBF8AA8D3C82F9F309F8EC";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.gpg-agent = rec {
|
||||||
|
enable = true;
|
||||||
|
enableZshIntegration = true;
|
||||||
|
enableSshSupport = true;
|
||||||
|
|
||||||
|
pinentryFlavor = if nixosConfig.sbruder.gui.enable then "gnome3" else "curses";
|
||||||
|
|
||||||
|
defaultCacheTtl = 300;
|
||||||
|
defaultCacheTtlSsh = defaultCacheTtl;
|
||||||
|
maxCacheTtl = 1800;
|
||||||
|
maxCacheTtlSsh = maxCacheTtl;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue