From 16c710d4a510774df9cfd42686171e421f241f2d Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Tue, 16 Feb 2021 15:54:22 +0100
Subject: [PATCH] shell/unlock: Make unlock work if agent is locked

---
 shell.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/shell.nix b/shell.nix
index df9d51a..d8c1d75 100644
--- a/shell.nix
+++ b/shell.nix
@@ -34,6 +34,8 @@ let
       set -eo pipefail
       machine="$1"
       hostname="$(nix-instantiate --eval --json machines -A "$1".target | ${pkgs.jq}/bin/jq -r . | cut -d@ -f2)"
+      # opening luks fails if gpg-agent is not unlocked yet
+      pass "devices/$machine/luks" >/dev/null
       ssh \
           -oStrictHostKeyChecking=no \
           -oGlobalKnownHostsFile=<(echo "[$hostname]:2222 ssh-ed25519 $(ssh-keygen -l -f <(ssh-keygen -y -f<(pass "nixos/machines/$machine/initrd-ssh-host-key")) | cut -d' ' -f2)") \