1
0
Fork 0
mirror of https://github.com/nix-community/home-manager synced 2024-11-14 15:19:45 +01:00
Commit graph

28 commits

Author SHA1 Message Date
midchildan
17dc593930
modules: add platform assertions 2023-02-07 21:54:24 +01:00
Dixon Sean Low Yan Feng
7026e1a934
gpg-agent: fix SSH support for fish 2023-01-18 23:49:05 +01:00
Jim Fowler
7b512c94ff
gpg-agent: invert grab and no-grab behavior
The GNU Privacy Guard 2.3 man page for `gpg-agent` describes the
`--grab` and `--no-grab` options as follows:

> Tell the pinentry to grab the keyboard and mouse. This option should
> be used on X-Servers to avoid X-sniffing attacks. Any use of the
> option --grab overrides an used option --no-grab. The default is
> --no-grab.

Therefore Home Manager should explicitly output `grab` when
`cfg.grabKeyboardAndMouse` is true. Previously Home Manager emitted
`no-grab` when `cfg.grabKeyboardAndMouse` was false.

PR #3192
2022-09-05 12:12:48 +02:00
Nick Cao
1e66e035e1
gpg-agent: set Environment to a list 2022-07-12 12:26:36 +02:00
crazymanjinn
df6010551d
gpg-agent: make shell integrations optional (#2927)
In esoteric setups, automatically setting GPG_TTY to current tty is not
desired on every shell startup. This change adds configuration options
to allow user to disable that if desired.
2022-04-30 18:38:36 -06:00
Robert Helgesson
2499b91692
treewide: apply nixfmt to a few more files 2022-02-27 02:19:44 +01:00
oxalica
736581f113
gpg-agent: rewrite hash algo in Nix to avoid IFD 2021-12-08 00:01:29 +01:00
Naïm Favier
371576cdc2
gpg-agent: remove unnecessary IFD
Make `gpgconf` only perform an import from derivation when the GPG
`homedir` is set to a non-default value, which probably isn't the case
for most users.
2021-09-15 23:09:02 +02:00
John Ericson
4367119ca3
local gpg-agent acting as ssh-agent should yield (#667) (#2253)
* gpg-agent: local agent acting as ssh-agent should yield

This happens commonly if someone using home manager with gpg-agent
acting as ssh-agent on both machines.

@rycee brought up how gpg-itself has some support for agents on both
ends, but in that case one is forwarding the gpg-agent socket rather
than forwardning the gpg-agent-as-ssh-agent socket. There is no need to
forward both.

So I think this is a good default:

 - Forward just gpg-agent socket and this doesn't matter.

 - Forward just the ssh-agent socket and this does the right thing.

 - Forward both sockets and now the ssh one takes priority instead, but
   forwarding both was always a silly thing to do.

Fix #667

* Update modules/services/gpg-agent.nix

Co-authored-by: Nicolas Berbiche <nic.berbiche@gmail.com>

Co-authored-by: Nicolas Berbiche <nic.berbiche@gmail.com>
2021-08-21 01:43:41 -04:00
Cole Mickens
d437baa41c
gnupg/gpg-agent: gnupg package is configurable (#1949) 2021-04-27 16:40:05 -04:00
fricklerhandwerk
6aa6556bca
gpg-agent: add GNUPG_HOMEDIR to environment (#1932)
otherwise, if `programs.gpg.homedir` is not set to default, calls to
`gpg` will fail to pick up anything related to secrets
2021-04-19 01:52:31 +02:00
fricklerhandwerk
348b5a5a69
gpg: make homedir configurable 2021-04-14 23:44:34 +02:00
Nicolas Berbiche
ddee030dc7
gpg: export GPG_TTY for fish (#1846) 2021-03-03 21:59:13 +01:00
jD91mZM2
ebf1df58da
gpg-agent: fix GnuPG by adding pinentry flavor option
See https://github.com/NixOS/nixpkgs/pull/71095.

Fixes #908
2020-01-01 13:26:21 +01:00
Kai Wohlfahrt
f83c49baa3 gpg-agent: add sshcontrol configuration
This lets gpg-agent serve specific keys with authentication capability
as SSH keys
2019-06-18 13:37:19 +01:00
Tad Fisher
26342588ab
gpg-agent: add extraConfig option 2018-08-19 21:46:25 +02:00
jD91mZM2
97ee4578c9
gpg-agent: Add maxCacheTtl(Ssh) options 2018-06-29 00:39:14 +02:00
Gleb Peregud
9bf9e7ac5c
gpg-agent: add enableExtraSocket and verbose options.
This option enables a GPG Agent restricted socket (aka "extra-socket"), which
can be used to forward GPG Agent over SSH.

Additionally `verbose` option enables verbose output of an `gpg-agent.service`
unit for easier debugging.

See: https://wiki.gnupg.org/AgentForwarding
2018-03-13 22:36:30 +01:00
Robert Helgesson
bc50202d0d
gpg-agent: do updatestartuptty only when SSH is enabled
Inspired by #163.
2018-03-04 22:20:35 +01:00
Robert Helgesson
9ea353569a
Remove deprecated option home.sessionVariableSetter 2018-02-08 22:54:29 +01:00
Robert Helgesson
576217d33a
gpg-agent: use gpgconf to set SSH socket path
Inspired by #163.
2018-01-14 15:58:59 +01:00
Roman Volosatovs
c023b0532a
gpg-agent: add missing options 2017-12-02 19:44:53 +01:00
Robert Helgesson
3aca8a938c
gpg-agent: use full path to gpg-connect-agent 2017-10-05 19:54:09 +02:00
Robert Helgesson
a8e08d14bb
Mark rycee as maintainer for a bunch of modules 2017-09-26 23:40:31 +02:00
Nikita Uvarov
42ae135d38
gpg-agent: add zsh support 2017-08-22 10:10:13 +02:00
Robert Helgesson
196db18f5b
gpg-agent: use systemd socket activation 2017-06-29 23:33:28 +02:00
Robert Helgesson
75bb0c8efb
gpg-agent: remove deprecated argument 2017-01-15 23:42:47 +01:00
Robert Helgesson
d7d02c3ce8
Initial import 2017-01-14 13:15:24 +01:00