xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixos-config/modules/nixos/ssh-tpm-agent.nix

53 lines
1.3 KiB
Nix
Raw Blame History

# Temporary workaround
{
config,
pkgs,
lib,
...
}:
let
cfg = config.services.ssh-tpm-agent;
in
{
options = {
services.ssh-tpm-agent.enable = lib.mkEnableOption "TPM supported ssh agent in go";
};
config = lib.mkIf cfg.enable {
systemd.user.services.ssh-tpm-agent = {
enable = true;
unitConfig = {
Description = "SSH TPM agent service";
Documentation = "man:ssh-agent(1) man:ssh-add(1) man:ssh(1)";
Requires = "ssh-tpm-agent.socket";
ConditionEnvironment = "!SSH_AGENT_PID";
};
serviceConfig = {
Environment = "SSH_AUTH_SOCK=%t/ssh-tpm-agent.socket";
ExecStart = "${pkgs.ssh-tpm-agent}/bin/ssh-tpm-agent";
PassEnvironment = "SSH_AGENT_PID";
SuccessExitStatus = 2;
Type = "simple";
};
wants = [ "ssh-tpm-agent.socket" ];
};
systemd.user.sockets.ssh-tpm-agent = {
enable = true;
description = "SSH TPM agent socket";
socketConfig = {
ListenStream = "%t/ssh-tpm-agent.sock";
SocketMode = "0600";
Service = "ssh-tpm-agent.service";
};
wantedBy = [ "sockets.target" ];
};
environment = {
systemPackages = [ pkgs.ssh-tpm-agent ];
extraInit = ''
export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/ssh-tpm-agent.sock"
'';
};
};
}
Reference in a new issue View git blame Copy permalink