Clean up module exports and add module to allow Nix to use an SSH agent

2022-12-27 03:06:01 -07:00 · 2022-12-27 03:06:01 -07:00 · fa1a81c7f4
commit fa1a81c7f4
parent 526b6532a5
7 changed files with 81 additions and 77 deletions
--- a/modules/default.nix
+++ b/modules/default.nix
@ -1,18 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: {
-  imports = [
-    ./ezwg.nix
-    ./kiosk.nix
-    ./ezpassthru.nix
-    ./fuckingprint.nix
-    ./workstation.nix
-    ./ezpw.nix
-    ./de2.nix
-    ./de3.nix
-    ./ezpc.nix
-  ];
-}
--- a/modules/nix-ssh-agent.nix
+++ b/modules/nix-ssh-agent.nix
@ -0,0 +1,29 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  cfg = config.nix.ssh-agent;
+in {
+  options.nix.ssh-agent = {
+    sock = lib.mkOption {
+      description = "SSH agent socket for Nix to use";
+      default = "/run/user/1000/ssh-agent";
+      type = lib.types.str;
+    };
+  };
+
+  config = lib.mkIf (cfg.sock != null) {
+    systemd.services.ssh-agent-nix-proxy = {
+      wantedBy = [ "nix-daemon.service" ];
+      before = [ "nix-daemon.service" ];
+      partOf = [ "nix-daemon.service" ];
+      serviceConfig = {
+        ExecStart = "${pkgs.socat}/bin/socat UNIX-LISTEN:/run/nix-ssh-agent,mode=770,group=nixbld,user=root,reuseaddr UNIX-CONNECT:${cfg.sock}";
+      };
+    };
+
+    nix.envVars.SSH_AUTH_SOCK = "/run/nix-ssh-agent";
+  };
+}