Diffstat (limited to 'vkraus')
-rw-r--r--vkraus/services/guix-wot.scm110
1 files changed, 110 insertions, 0 deletions
diff --git a/vkraus/services/guix-wot.scm b/vkraus/services/guix-wot.scm
index a6996a8..05dad75 100644
--- a/vkraus/services/guix-wot.scm
+++ b/vkraus/services/guix-wot.scm
@@ -3,6 +3,8 @@
#:use-module (gnu services shepherd)
#:use-module (gnu services ssh)
#:use-module (gnu services admin)
+ #:use-module (gnu home services)
+ #:use-module (gnu home services shells)
#:use-module (gnu system shadow)
#:use-module (guix gexp)
#:use-module (guix modules)
@@ -17,6 +19,7 @@
#:use-module (gnu packages minetest)
#:use-module (gnu packages admin)
#:use-module (gnu packages gnupg)
+ #:use-module (gnu packages gnome)
#:use-module (srfi srfi-9)
#:use-module (srfi srfi-26)
#:use-module (ice-9 match)
@@ -36,6 +39,16 @@
guix-system-wot-openssh
guix-system-wot-service-type
+
+ <guix-home-wot-configuration>
+ make-guix-home-wot-configuration
+ guix-home-wot-configuration?
+ guix-home-wot-configuration-fingerprints
+
+ guix-home-wot-bash
+ guix-home-wot-zsh
+ guix-home-wot-home-files
+ guix-home-wot-service-type
))
;; This module defines a guix system service that converts GPG key
@@ -100,3 +113,100 @@
(description
(format #f "Add every available authentication keys for each user
as an auhorized SSH key."))))
+
+(define-record-type <guix-home-wot-configuration>
+ (make-guix-home-wot-configuration fingerprints)
+ guix-home-wot-configuration?
+ (fingerprints guix-home-wot-configuration-fingerprints))
+
+(define %.profile
+ (computed-file
+ "run-gpg-agent-.profile"
+ #~(call-with-output-file #$output
+ (lambda (port)
+ (let ((gpgconf
+ #$(file-append gnupg "/bin/gpgconf"))
+ (gpg-agent
+ #$(file-append gnupg "/bin/gpg-agent")))
+ (format port
+ "\
+eval $(~a --daemon --enable-ssh-support)
+export SSH_AUTH_SOCK=$(~a --list-dirs agent-ssh-socket --sh)
+"
+ gpg-agent
+ gpgconf))))))
+
+(define guix-home-wot-bash
+ (match-lambda
+ (($ <guix-home-wot-configuration> fingerprints)
+ (home-bash-extension
+ (bash-profile
+ (list %.profile))))))
+
+(define guix-home-wot-zsh
+ (match-lambda
+ (($ <guix-home-wot-configuration> fingerprints)
+ (home-zsh-extension
+ (zprofile
+ (list %.profile))))))
+
+(define guix-home-wot-home-files
+ (match-lambda
+ (($ <guix-home-wot-configuration> fingerprints)
+ `(("gnupg/sshcontrol"
+ ,(computed-file
+ "sshcontrol"
+ #~(call-with-output-file #$output
+ (lambda (port)
+ (for-each
+ (lambda (fingerprint)
+ (format port "~a\n" fingerprint))
+ '(#$@fingerprints))))))
+ ("gnupg/gpg-agent.conf"
+ ,(computed-file
+ "gpg-agent.conf"
+ #~(call-with-output-file #$output
+ (lambda (port)
+ (format port
+ "\
+debug-level basic
+pinentry-program ~a
+enable-ssh-support
+"
+ #$(file-append pinentry-gnome3 "/bin/pinentry"))))))
+ ("config/autostart/gnome-keyring-ssh.desktop"
+ ,(computed-file
+ "gnome-keyring-ssh.desktop"
+ #~(begin
+ (use-modules (ice-9 textual-ports))
+ (call-with-output-file #$output
+ (lambda (port)
+ (format port "\
+~a
+X-GNOME-Autostart-enabled=false
+"
+ (call-with-input-file
+ #$(file-append gnome-keyring
+ "/etc/xdg/autostart/gnome-keyring-ssh.desktop")
+ get-string-all
+ #:encoding "ISO-8859-1")))
+ #:encoding "ISO-8859-1"))))))))
+
+(define guix-home-wot-service-type
+ (service-type
+ (name 'guix-home-wot)
+ (extensions
+ (list
+ (service-extension home-bash-service-type guix-home-wot-bash)
+ (service-extension home-zsh-service-type guix-home-wot-zsh)
+ (service-extension home-files-service-type guix-home-wot-home-files)))
+ (compose
+ (lambda (extensions)
+ (apply append extensions)))
+ (extend
+ (lambda (base-configuration other-fingerprints)
+ (make-guix-home-wot-configuration
+ (append (guix-home-wot-configuration-fingerprints base-configuration)
+ other-fingerprints))))
+ (description
+ (format #f "Use the GPG agent to connect to SSH."))))
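Review bot: The `gnupg/sshcontrol` generator in `guix-home-wot-home-files` writes each element of `fingerprints` verbatim, but gpg-agent reads sshcontrol as one keygrip per line, optionally followed by a TTL and flags. An OpenPGP fingerprint placed there would presumably never match a key, and the agent would then offer no SSH identity without reporting an error. Unless callers already pass keygrips, document the field, e.g. `;; FINGERPRINTS are keygrips (40 hex digits, as shown by gpg --with-keygrip), one sshcontrol entry each.`, and check each entry before writing it, e.g. `(unless (string-every char-set:hex-digit fingerprint) (error "invalid sshcontrol entry" fingerprint))`; a string containing a newline or extra words would otherwise add lines or flags to the file. Separately, `%.profile` passes `--sh` to gpgconf, which is a gpg-agent option that I am not aware of gpgconf accepting, so it is worth confirming that `SSH_AUTH_SOCK` is actually set. The substitution should also be quoted, as in `export SSH_AUTH_SOCK="$(~a --list-dirs agent-ssh-socket)"`.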