gpg-agent: add sshcontrol configuration

This lets gpg-agent serve specific keys with authentication capability
as SSH keys
This commit is contained in:
Kai Wohlfahrt 2019-06-18 12:59:40 +01:00
parent cf0aad391c
commit f83c49baa3

View file

@ -70,6 +70,14 @@ in
'';
};
sshKeys = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
description = ''
Which GPG keys (by keygrip) to expose as SSH keys.
'';
};
enableExtraSocket = mkOption {
type = types.bool;
default = false;
@ -157,6 +165,11 @@ in
programs.zsh.initExtra = gpgInitStr;
}
(mkIf (cfg.sshKeys != null) {
# Trailing newlines are important
home.file.".gnupg/sshcontrol".text = concatMapStrings (s: "${s}\n") cfg.sshKeys;
})
# The systemd units below are direct translations of the
# descriptions in the
#