Rid me of gpg-agent

2022-09-12 20:31:15 +02:00 · 2022-09-12 20:31:15 +02:00 · 78cd53df9b
parent 53fcb21a18
commit 78cd53df9b
4 changed files with 16 additions and 11 deletions
--- a/home/common-linux.nix
+++ b/home/common-linux.nix
@ -13,11 +13,11 @@ with lib; {
    ## Gnome-keyring
    services.gnome-keyring = {
      enable = true;
-      components = [ "pkcs11" "secrets" ];
+      components = [ "pkcs11" "secrets" "ssh" ];
    };
-    services.gpg-agent.enable = true;
-    services.gpg-agent.pinentryFlavor = "curses";
-    services.gpg-agent.enableSshSupport = true;
+    # services.gpg-agent.enable = true;
+    # services.gpg-agent.pinentryFlavor = "curses";
+    # services.gpg-agent.enableSshSupport = true;

    # Git "safe-directory"
    programs.git.extraConfig.safe.directory = [
--- a/home/modules/programs/my-sway/default.nix
+++ b/home/modules/programs/my-sway/default.nix
@ -197,7 +197,11 @@ in
      export SDL_VIDEODRIVER=wayland
      export QT_QPA_PLATFORM=wayland
      export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
-    '';
+    '' + (if config.services.gnome-keyring.enable then ''
+      # gnome-keyring
+      eval `${pkgs.gnome.gnome-keyring}/bin/gnome-keyring-daemon -r -d -c secrets,ssh,pkcs11`
+      export SSH_AUTH_SOCK
+    '' else "");
    # Extra
    wrapperFeatures.base = true;
    wrapperFeatures.gtk = true;
--- a/modules/services/pam/gnome-keyring.nix
+++ b/modules/services/pam/gnome-keyring.nix
@ -7,6 +7,6 @@ in
  options.nki.services.pam.enableGnomeKeyring = mkEnableOption "Enable gnome-keyring on login";
  config = mkIf cfg.enableGnomeKeyring {
    security.pam.services.login.enableGnomeKeyring = true;
-    security.pam.services.login.gnupg.enable = true;
+    # security.pam.services.login.gnupg.enable = true;
  };
 }
--- a/nki-home/configuration.nix
+++ b/nki-home/configuration.nix
@ -48,7 +48,7 @@
  networking.wireless.iwd.enable = true;

  # Set your time zone.
-  time.timeZone = "America/Toronto";
+  time.timeZone = "Europe/Zurich";

  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
  # Per-interface useDHCP will be mandatory in the future, so this generated config
@ -170,10 +170,10 @@
  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  programs.mtr.enable = true;
-  programs.gnupg.agent = {
-    enable = true;
-    enableSSHSupport = true;
-  };
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };

  # List services that you want to enable:
  nki.services.edns.enable = true;
@ -183,6 +183,7 @@
    enable = true;
    wlr.enable = true;
  };
+  services.gnome.gnome-keyring.enable = true;

  # Enable the OpenSSH daemon.
  services.openssh.enable = true;