From 38cf533faf609006f42b42e8c91753c63b45d5d1 Mon Sep 17 00:00:00 2001
From: Vivien
Date: Mon, 1 Nov 2021 16:14:01 +0100
Subject: Add a companion home service
---
 vkraus/services/guix-wot.scm | 110 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 110 insertions(+)
diff --git a/vkraus/services/guix-wot.scm b/vkraus/services/guix-wot.scm
index a6996a8..05dad75 100644
--- a/vkraus/services/guix-wot.scm
+++ b/vkraus/services/guix-wot.scm
@@ -3,6 +3,8 @@
 #:use-module (gnu services shepherd)
 #:use-module (gnu services ssh)
 #:use-module (gnu services admin)
+ #:use-module (gnu home services)
+ #:use-module (gnu home services shells)
 #:use-module (gnu system shadow)
 #:use-module (guix gexp)
 #:use-module (guix modules)
@@ -17,6 +19,7 @@
 #:use-module (gnu packages minetest)
 #:use-module (gnu packages admin)
 #:use-module (gnu packages gnupg)
+ #:use-module (gnu packages gnome)
 #:use-module (srfi srfi-9)
 #:use-module (srfi srfi-26)
 #:use-module (ice-9 match)
@@ -36,6 +39,16 @@
 guix-system-wot-openssh guix-system-wot-service-type
+
+
+ make-guix-home-wot-configuration
+ guix-home-wot-configuration?
+ guix-home-wot-configuration-fingerprints
+
+ guix-home-wot-bash
+ guix-home-wot-zsh
+ guix-home-wot-home-files
+ guix-home-wot-service-type
 )) ;; This module defines a guix system service that converts GPG key
@@ -100,3 +113,100 @@
 (description (format #f "Add every available authentication keys for each user as an auhorized SSH key."))))
+
+(define-record-type
+ (make-guix-home-wot-configuration fingerprints)
+ guix-home-wot-configuration?
+ (fingerprints guix-home-wot-configuration-fingerprints))
+
+(define %.profile
+ (computed-file
+ "run-gpg-agent-.profile"
+ #~(call-with-output-file #$output
+ (lambda (port)
+ (let ((gpgconf
+ #$(file-append gnupg "/bin/gpgconf"))
+ (gpg-agent
+ #$(file-append gnupg "/bin/gpg-agent")))
+ (format port
+ "\
+eval $(~a --daemon --enable-ssh-support)
+export SSH_AUTH_SOCK=$(~a --list-dirs agent-ssh-socket --sh)
+"
+ gpg-agent
+ gpgconf))))))
+
+(define guix-home-wot-bash
+ (match-lambda
+ (($ fingerprints)
+ (home-bash-extension
+ (bash-profile
+ (list %.profile))))))
+
+(define guix-home-wot-zsh
+ (match-lambda
+ (($ fingerprints)
+ (home-zsh-extension
+ (zprofile
+ (list %.profile))))))
+
+(define guix-home-wot-home-files
+ (match-lambda
+ (($ fingerprints)
+ `(("gnupg/sshcontrol"
+ ,(computed-file
+ "sshcontrol"
+ #~(call-with-output-file #$output
+ (lambda (port)
+ (for-each
+ (lambda (fingerprint)
+ (format port "~a\n" fingerprint))
+ '(#$@fingerprints))))))
+ ("gnupg/gpg-agent.conf"
+ ,(computed-file
+ "gpg-agent.conf"
+ #~(call-with-output-file #$output
+ (lambda (port)
+ (format port
+ "\
+debug-level basic
+pinentry-program ~a
+enable-ssh-support
+"
+ #$(file-append pinentry-gnome3 "/bin/pinentry"))))))
+ ("config/autostart/gnome-keyring-ssh.desktop"
+ ,(computed-file
+ "gnome-keyring-ssh.desktop"
+ #~(begin
+ (use-modules (ice-9 textual-ports))
+ (call-with-output-file #$output
+ (lambda (port)
+ (format port "\
+~a
+X-GNOME-Autostart-enabled=false
+"
+ (call-with-input-file
+ #$(file-append gnome-keyring
+ "/etc/xdg/autostart/gnome-keyring-ssh.desktop")
+ get-string-all
+ #:encoding "ISO-8859-1")))
+ #:encoding "ISO-8859-1"))))))))
+
+(define guix-home-wot-service-type
+ (service-type
+ (name 'guix-home-wot)
+ (extensions
+ (list
+ (service-extension home-bash-service-type guix-home-wot-bash)
+ (service-extension home-zsh-service-type guix-home-wot-zsh)
+ (service-extension home-files-service-type guix-home-wot-home-files)))
+ (compose
+ (lambda (extensions)
+ (apply append extensions)))
+ (extend
+ (lambda (base-configuration other-fingerprints)
+ (make-guix-home-wot-configuration
+ (append (guix-home-wot-configuration-fingerprints base-configuration)
+ other-fingerprints))))
+ (description
+ (format #f "Use the GPG agent to connect to SSH."))))
-- 
cgit v1.2.3
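Review bot: In `guix-home-wot-home-files`, each configured value is written verbatim into `gnupg/sshcontrol`, but gpg-agent matches sshcontrol entries by keygrip, not by OpenPGP fingerprint. A keygrip and a v4 fingerprint are both 40 hex digits, so a fingerprint passed here (as the field name `fingerprints` invites) would yield a well-formed file that enables no key, with no error at build time. Whether callers are expected to supply keygrips is not visible in this hunk, so I would at least document it above the `for-each`: `;; Entries are written to sshcontrol as-is, so they must be the keygrips (gpg --with-keygrip -K) of the authentication keys.` Separately, `debug-level basic` is hard-coded in the generated gpg-agent.conf for every user of the service; consider dropping it or making it a configuration field.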