Gitiles
Code Review Sign In
git.clicks.codes / Chimera / NixFiles / e5084c5616fc1d51a8546d187282f5cb642c793d^! / . / modules
commite5084c5616fc1d51a8546d187282f5cb642c793d[log] [tgz]
authorSkyler Grey <sky@a.starrysky.fyi>Sun Jul 21 12:27:18 2024 +0000
committerSkyler Grey <minion@clicks.codes>Sat Sep 14 23:02:51 2024 +0000
tree3d01a52f5ec4de8d3f1dce18caff9a72d25ff118
parent70698fd5272bab5b72b091a21d877f430ded15ba [diff]
feat(ssh): enable ssh-agent

ssh-agent is useful for jj, as it doesn't support using openssh so can't
use keys in another way, and radicle, which when unlocked uses the
ssh-agent to store keys. It may also be nicer to use the agent than to
mess with keys in our '~/.ssh/config's

To start with, we can enable the systemd service. We should also have
a service to add all keys with known names to the agent.

Additionally, we need to start niri in a different way for it to use the
agent: for services that set variables, such as ssh-agent.service, we
can't use systemd-cat and capture them. Running niri with systemd-run
allows it to pick them up, letting us have access to SSH_AUTH_SOCK when
started with systemd

Change-Id: I1486e173f357d743172ec738bd3939dd619a003f
Reviewed-on: https://git.clicks.codes/c/Chimera/NixFiles/+/828
Reviewed-by: Samuel Shuert <coded@clicks.codes>
Tested-by: Skyler Grey <minion@clicks.codes>

diff --git a/modules/home/ssh/default.nix b/modules/home/ssh/default.nix
new file mode 100644
index 0000000..28eb5e6
--- /dev/null
+++ b/modules/home/ssh/default.nix

@@ -0,0 +1,20 @@
+{ pkgs
+, ...
+}: {
+  services.ssh-agent.enable = true;
+
+  systemd.user.services.ssh-agent-add = {
+    Unit = {
+      Description = "Automatically add ssh keys to the ssh-agent";
+      After = "ssh-agent.service";
+      Requires = "ssh-agent.service";
+    };
+
+    Service = {
+      Type = "oneshot";
+      ExecStart = "${pkgs.bash}/bin/sh -c 'SSH_AUTH_SOCK=%t/ssh-agent ${pkgs.openssh}/bin/ssh-add'";
+    };
+
+    Install.WantedBy = [ "default.target" ];
+  };
+}

diff --git a/modules/home/wayland/niri/default.nix b/modules/home/wayland/niri/default.nix
index cdace11..571fe93 100644
--- a/modules/home/wayland/niri/default.nix
+++ b/modules/home/wayland/niri/default.nix

@@ -104,7 +104,7 @@
     programs.zsh.profileExtra = lib.mkIf config.chimera.shell.zsh.enable (
       lib.mkBefore ''
         if [ -z $WAYLAND_DISPLAY ] && [ "$(tty)" = "/dev/tty1" ]; then
-          exec ${pkgs.systemd}/bin/systemd-cat -t niri ${pkgs.dbus}/bin/dbus-run-session ${config.programs.niri.package}/bin/niri --session
+          exec ${pkgs.systemd}/bin/systemd-run --user -u niri ${pkgs.dbus}/bin/dbus-run-session ${config.programs.niri.package}/bin/niri --session
         fi
       ''
     );