some apps, and GPG/SSH

2026-03-24 07:34:30 +01:00
parent 2e0bc0bae2
commit acf2b21f72
5 changed files with 75 additions and 43 deletions
--- a/modules/shared/home-manager.nix
+++ b/modules/shared/home-manager.nix
@@ -11,6 +11,16 @@ let
 in
 {

+  gpg = {
+    enable = true;
+    settings = {
+      default-key = "01B157D574FEDBB2" ;
+      no-emit-version = true;
+      auto-key-retrieve = true;
+      personal-digest-preferences= "SHA512 SHA384 SHA256 SHA224";
+    };
+  };
+

  # Shared shell configuration
  zsh = {
@@ -34,6 +44,10 @@ in
            . /nix/var/nix/profiles/default/etc/profile.d/nix.sh
          fi

+
+          # GPGAgent for SSH
+          export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
+
          # Define variables for directories
          export PATH=$HOME/.pnpm-packages/bin:$HOME/.pnpm-packages:$PATH
          export PATH=$HOME/.npm-packages/bin:$HOME/bin:$PATH
@@ -292,36 +306,26 @@ in

  ssh = {
    enable = true;
-    
+
    enableDefaultConfig = false;
-    matchBlocks."*" = { 
-      forwardAgent = false; 
-      addKeysToAgent = "no"; 
-      compression = false; 
-      serverAliveInterval = 0; 
-      serverAliveCountMax = 3; 
-      hashKnownHosts = false; 
-      userKnownHostsFile = "~/.ssh/known_hosts"; 
-      controlMaster = "no"; 
-      controlPath = "~/.ssh/master-%r@%n:%p"; 
-      controlPersist = "no"; 
-      };
+    matchBlocks."*" = {
+      forwardAgent = false;
+      addKeysToAgent = "no";
+      compression = false;
+      serverAliveInterval = 0;
+      serverAliveCountMax = 3;
+      hashKnownHosts = false;
+      userKnownHostsFile = "~/.ssh/known_hosts";
+      controlMaster = "no";
+      controlPath = "~/.ssh/master-%r@%n:%p";
+      controlPersist = "no";
+    };
    includes = [
      (lib.mkIf pkgs.stdenv.hostPlatform.isLinux "/home/${user}/.ssh/config_external")
      (lib.mkIf pkgs.stdenv.hostPlatform.isDarwin "/Users/${user}/.ssh/config_external")
    ];
    matchBlocks = {
-      "Host *" = {
-        identityAgent = "\"~/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock\"";
-      };
-      "github.com" = {
-        identitiesOnly = true;
-        identityFile = [
-          (lib.mkIf pkgs.stdenv.hostPlatform.isLinux "/home/${user}/.ssh/id_github")
-          (lib.mkIf pkgs.stdenv.hostPlatform.isDarwin "/Users/${user}/.ssh/id_github")
-        ];
-      };
-      "moonunit.kolkman.org" = {
+     "moonunit.kolkman.org" = {
        hostname = "moonunit.kolkman.org";
        user = "root";
        port = 2222;
@@ -412,4 +416,7 @@ in
      bind-key -T copy-mode-vi 'C-\' select-pane -l
    '';
  };
+
+
+
 }
--- a/modules/shared/packages.nix
+++ b/modules/shared/packages.nix
@@ -11,12 +11,14 @@ with pkgs;
  firefox 
 #  google-chrome. #stopped working

-
+  # security and some such
  bitwarden-desktop
-  bitwarden-cli
+#  bitwarden-cli
+  yubikey-manager   # provides ykman
+  pinentry_mac

  # General packages for development and system management
-  #alacritty
+  alacritty
  ansible
  aspell
  aspellDicts.en
@@ -90,7 +92,7 @@ with pkgs;
  htop
  hunspell
  iftop
-  inetutils # includes Telnet
+#  inetutils # includes Telnet
  jetbrains-mono
  jq
  ripgrep