From 6b31c22be791b798952ec1a81457581d4298c4fa Mon Sep 17 00:00:00 2001 From: Simon Bruder Date: Fri, 26 Apr 2024 11:41:42 +0200 Subject: [PATCH] Do not use gpg-agent for ssh on headless systems --- modules/default.nix | 2 ++ users/simon/modules/gpg.nix | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/default.nix b/modules/default.nix index 9a4cbb6..3ffe4bf 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -110,6 +110,8 @@ # Support for exotic file systems boot.supportedFilesystems = lib.optional config.sbruder.full "ntfs"; + programs.ssh.startAgent = lib.mkDefault (!config.sbruder.gui.enable); + # When this is set to true (default), routing everything through a # wireguard tunnel does not work. networking.firewall.checkReversePath = false; diff --git a/users/simon/modules/gpg.nix b/users/simon/modules/gpg.nix index e4bdd24..b440afb 100644 --- a/users/simon/modules/gpg.nix +++ b/users/simon/modules/gpg.nix @@ -2,7 +2,7 @@ # # SPDX-License-Identifier: AGPL-3.0-or-later -{ nixosConfig, pkgs, ... }: +{ lib, nixosConfig, pkgs, ... }: { programs.gpg = { @@ -18,7 +18,7 @@ services.gpg-agent = rec { enable = true; enableZshIntegration = true; - enableSshSupport = true; + enableSshSupport = lib.mkDefault nixosConfig.sbruder.gui.enable; pinentryFlavor = if nixosConfig.sbruder.gui.enable then "gnome3" else "curses";