diff --git a/modules/services/ssh-agent.nix b/modules/services/ssh-agent.nix index 6a0e2f615..b3f7ccf77 100644 --- a/modules/services/ssh-agent.nix +++ b/modules/services/ssh-agent.nix 
@@ -46,91 +46,85 @@ in enableNushellIntegration = lib.hm.shell.mkNushellIntegrationOption { inherit config; }; }; - config = lib.mkIf cfg.enable ( - lib.mkMerge [ - { - programs = + config = lib.mkIf cfg.enable { + + programs = + let + socketPath = + if pkgs.stdenv.isDarwin then + "$(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}" + else + "$XDG_RUNTIME_DIR/${cfg.socket}"; + + # Preserve $SSH_AUTH_SOCK only if it stems from a forwarded agent which + # is the case if both $SSH_AUTH_SOCK and $SSH_CONNECTION are set. + bashIntegration = '' + if [ -z "$SSH_AUTH_SOCK" -o -z "$SSH_CONNECTION" ]; then + export SSH_AUTH_SOCK=${socketPath} + fi + ''; + fishIntegration = '' + if test -z "$SSH_AUTH_SOCK"; or test -z "$SSH_CONNECTION" + set -x SSH_AUTH_SOCK ${socketPath} + end + ''; + nushellIntegration = let + unsetOrEmpty = var: ''("${var}" not-in $env) or ($env.${var} | is-empty)''; socketPath = if pkgs.stdenv.isDarwin then - "$(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}" + ''$"(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}"'' else - "$XDG_RUNTIME_DIR/${cfg.socket}"; - - # Preserve $SSH_AUTH_SOCK only if it stems from a forwarded agent, - # which is the case if both $SSH_AUTH_SOCK and $SSH_CONNECTION are - # set. 
- bashIntegration = '' - if [ -z "$SSH_AUTH_SOCK" -o -z "$SSH_CONNECTION" ]; then - export SSH_AUTH_SOCK=${socketPath} - fi - ''; - fishIntegration = '' - if test -z "$SSH_AUTH_SOCK"; or test -z "$SSH_CONNECTION" - set -x SSH_AUTH_SOCK ${socketPath} - end - ''; - nushellIntegration = - let - unsetOrEmpty = var: ''("${var}" not-in $env) or ($env.${var} | is-empty)''; - socketPath = - if pkgs.stdenv.isDarwin then - ''$"(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}"'' - else - ''$"($env.XDG_RUNTIME_DIR)/${cfg.socket}"''; - in - '' - if ${unsetOrEmpty "SSH_AUTH_SOCK"} or ${unsetOrEmpty "SSH_CONNECTION"} { - $env.SSH_AUTH_SOCK = ${socketPath} - } - ''; + ''$"($env.XDG_RUNTIME_DIR)/${cfg.socket}"''; in - { - # $SSH_AUTH_SOCK has to be set early since other tools rely on it - bash.profileExtra = lib.mkIf cfg.enableBashIntegration (lib.mkOrder 900 bashIntegration); - fish.shellInit = lib.mkIf cfg.enableFishIntegration (lib.mkOrder 900 fishIntegration); - nushell.extraConfig = lib.mkIf cfg.enableNushellIntegration (lib.mkOrder 900 nushellIntegration); - zsh.envExtra = lib.mkIf cfg.enableZshIntegration (lib.mkOrder 900 bashIntegration); - }; - } + '' + if ${unsetOrEmpty "SSH_AUTH_SOCK"} or ${unsetOrEmpty "SSH_CONNECTION"} { + $env.SSH_AUTH_SOCK = ${socketPath} + } + ''; + in + { + # $SSH_AUTH_SOCK has to be set early since other tools rely on it + bash.profileExtra = lib.mkIf cfg.enableBashIntegration (lib.mkOrder 900 bashIntegration); + fish.shellInit = lib.mkIf cfg.enableFishIntegration (lib.mkOrder 900 fishIntegration); + nushell.extraConfig = lib.mkIf cfg.enableNushellIntegration (lib.mkOrder 900 nushellIntegration); + zsh.envExtra = lib.mkIf cfg.enableZshIntegration (lib.mkOrder 900 bashIntegration); + }; - (lib.mkIf pkgs.stdenv.isLinux { - systemd.user.services.ssh-agent = { - Install.WantedBy = [ "default.target" ]; - Unit = { - Description = "SSH authentication agent"; - Documentation = "man:ssh-agent(1)"; - }; - Service.ExecStart = "${lib.getExe' 
cfg.package "ssh-agent"} -D -a %t/${cfg.socket}${ + systemd.user.services.ssh-agent = { + Install.WantedBy = [ "default.target" ]; + Unit = { + Description = "SSH authentication agent"; + Documentation = "man:ssh-agent(1)"; + }; + Service.ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/${cfg.socket}${ + lib.optionalString ( + cfg.defaultMaximumIdentityLifetime != null + ) " -t ${toString cfg.defaultMaximumIdentityLifetime}" + }"; + }; + + launchd.agents.ssh-agent = { + enable = true; + config = { + ProgramArguments = [ + (lib.getExe pkgs.bash) + "-c" + ''${lib.getExe' cfg.package "ssh-agent"} -D -a "$(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}"${ lib.optionalString ( cfg.defaultMaximumIdentityLifetime != null ) " -t ${toString cfg.defaultMaximumIdentityLifetime}" - }"; + }'' + ]; + KeepAlive = { + Crashed = true; + SuccessfulExit = false; }; - }) + ProcessType = "Background"; + RunAtLoad = true; + }; + }; + + }; - (lib.mkIf pkgs.stdenv.isDarwin { - launchd.agents.ssh-agent = { - enable = true; - config = { - ProgramArguments = [ - (lib.getExe pkgs.bash) - "-c" - ''${lib.getExe' cfg.package "ssh-agent"} -D -a "$(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}"${ - lib.optionalString ( - cfg.defaultMaximumIdentityLifetime != null - ) " -t ${toString cfg.defaultMaximumIdentityLifetime}" - }'' - ]; - KeepAlive = { - Crashed = true; - SuccessfulExit = false; - }; - ProcessType = "Background"; - RunAtLoad = true; - }; - }; - }) - ] - ); }
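Review bot: With the `lib.mkIf pkgs.stdenv.isLinux` and `lib.mkIf pkgs.stdenv.isDarwin` wrappers removed, `systemd.user.services.ssh-agent` and `launchd.agents.ssh-agent` (with `enable = true`) are now defined on every platform. Nothing in this hunk shows that the systemd and launchd modules ignore those definitions on the other OS; that behaviour lives outside this file and should be confirmed, since an assertion in either module would turn this into an evaluation failure for the other platform's users. If it is guaranteed, record it next to the two definitions, e.g. `# systemd.user.* is a no-op on Darwin and launchd.agents.* on Linux, so no platform guard is needed`; otherwise keep the guards. The shell integrations still branch on `pkgs.stdenv.isDarwin` for `socketPath`, so the exported `SSH_AUTH_SOCK` must match the `-a` path of whichever service actually starts. If it does not, clients are pointed at a socket that no agent owns.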