Commit Graph

18 Commits

Author SHA1 Message Date
Philip Potter
e4029c34fc yubikey-agent: init at 0.1.3
This adds yubikey-agent as a package and a nixos module.

On macOS, we use `wrapProgram` to set pinentry_mac as default in PATH;
on Linux we rely on the user to set their preferred pinentry in PATH.
In particular, we use a systemd override to prefix PATH to select a
chosen pinentry program if specified.

On Linux, we need libnotify to provide the notify-send utility for
desktop notifications (such as "Waiting for Yubikey touch...").

This might work on other flavors of unix, but I haven't tested.

We reuse the programs.gnupg.agent.pinentryFlavor option for
yubikey-agent, but in doing so I hit a problem: pinentryFlavour's
default value is specified in a mkDefault, but only conditionally.  We
ought to be able to pick up the pinentryFlavour whether or not gpg-agent
is running.  As a result, this commit moves the default value to the
definition of programs.gnupg.agent.enable.
2020-07-16 15:29:33 +01:00
edef
bfe1c69ede nixos/gnupg: actually use the configured gpg package
Previously, this would ignore the `package` option if `pinentryFlavor`
was set.
2020-01-24 15:54:57 +00:00
Yury G. Kudryashov
7240566f74 nixos/gnupg: add dbus dependencies for gnome3 pinentry 2019-11-01 08:58:11 -04:00
Yury G. Kudryashov
1105cec98d gnupg: fix pinentry in sway (fix a typo in 3c39093c0d) 2019-10-30 02:00:39 -04:00
Robin Gloster
3c39093c0d
gnupg: fix pinentry on sway 2019-10-29 20:30:23 +01:00
Franz Pletz
3d832dee59 gnupg: disable gui/pinentry support by default
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.

NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.

Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:16 -04:00
Franz Pletz
c2576266ba nixos/gnupg: add option for setting pinentry flavours
Co-authored-by: Florian Klink <flokli@flokli.de>
2019-10-16 20:31:05 -04:00
Daniel Hirschberger
9a6adc1619 nixos/gnupg: Add gpg to systemPackages 2019-08-24 21:30:49 +02:00
Bastian Köcher
c0deb007fc programs.gnupg: Support setting the gnupg package 2019-04-05 08:49:53 +02:00
Emanuel Evans
ddabdc0a1e
nixos/gnupg: set SSH_AUTH_SOCK in non-interactive settings
`SSH_AUTH_SOCK` is useful in some non-interactive settings, for instance
daemonized Emacs. Fixes #55733.
2019-02-23 10:49:32 -08:00
Heitham Omar
433ea7bf3a gnupg: Fix, set current tty in interactive shell
GPG_TTY was not being set to the current tty, breaking pinentry-tty/pinentry-curses.
2018-10-21 10:19:04 +01:00
Franz Pletz
32e7904624
gnupg agent module: fix ssh agent assertion logic 2017-08-04 02:07:49 +02:00
Robin Gloster
b8d92a7840
programs.gnupg: use extraInit instead of interactiveShellInit
Otherwise some programmes cannot use the GPG agent, e.g. applications
started from dmenu.

Behaviour was changed in #26888, this reverts that part.
2017-07-17 18:45:37 +02:00
Daniel Fullmer
627260ddbf gnupg agent module: Only set tty for interactive shells 2017-07-14 00:22:20 +02:00
Daniel Fullmer
38e971d2e1 gnupg agent module: Fix dirmngr.enable option 2017-07-14 00:22:20 +02:00
Daniel Fullmer
3d360a5ffb gnupg agent module: Remove unnecessary unit configuration
These just seem to duplicate upstream systemd units, which are already
included in nixos configuration by systemd.packages
2017-07-14 00:22:20 +02:00
Roger Qiu
1b6176e45b gnupg module: Added extra and browser sockets (#26295)
Also added dirmngr and made SSH support false by default
due to programs.ssh.startAgent defaulting to true.
2017-06-15 19:40:09 +02:00
Franz Pletz
04158d9aba
gnupg agent module: init
Creates a systemd user service and updates the tty on new logins so
that gpg-agent may find the current tty even if the SSH agent mode
is used.
2017-05-29 15:05:29 +02:00