ssh-agent: add option for the socket name

2025-11-08 19:46:05 +01:00 · 2025-08-14 00:05:07 +02:00 · 2025-08-14 00:05:07 +02:00 · 94a238f9c1
commit 94a238f9c1
parent af03309c12
3 changed files with 23 additions and 24 deletions
--- a/modules/services/ssh-agent.nix
+++ b/modules/services/ssh-agent.nix
@ -6,7 +6,6 @@
 }:

 let
-
  cfg = config.services.ssh-agent;

 in
@ -16,11 +15,18 @@ in
    lib.hm.maintainers.lheckemann
  ];

-  options = {
-    services.ssh-agent = {
-      enable = lib.mkEnableOption "OpenSSH private key agent";
+  options.services.ssh-agent = {
+    enable = lib.mkEnableOption "OpenSSH private key agent";

-      package = lib.mkPackageOption pkgs "openssh" { };
+    package = lib.mkPackageOption pkgs "openssh" { };
+
+    socket = lib.mkOption {
+      type = lib.types.str;
+      default = "ssh-agent";
+      example = "ssh-agent/socket";
+      description = ''
+        The agent's socket; interpreted as a suffix to {env}`$XDG_RUNTIME_DIR`.
+      '';
    };
  };

@ -31,21 +37,17 @@ in

    home.sessionVariablesExtra = ''
      if [ -z "$SSH_AUTH_SOCK" ]; then
-        export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent
+        export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/${cfg.socket}
      fi
    '';

    systemd.user.services.ssh-agent = {
      Install.WantedBy = [ "default.target" ];
-
      Unit = {
        Description = "SSH authentication agent";
        Documentation = "man:ssh-agent(1)";
      };
-
-      Service = {
-        ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/ssh-agent";
-      };
+      Service.ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/${cfg.socket}";
    };
  };
 }
--- a/tests/modules/services/ssh-agent/basic-service-expected.service
+++ b/tests/modules/services/ssh-agent/basic-service-expected.service
@ -2,7 +2,7 @@
 WantedBy=default.target

 [Service]
-ExecStart=@openssh@/bin/ssh-agent -D -a %t/ssh-agent
+ExecStart=@openssh@/bin/ssh-agent -D -a %t/ssh-agent/socket

 [Unit]
 Description=SSH authentication agent
--- a/tests/modules/services/ssh-agent/basic-service.nix
+++ b/tests/modules/services/ssh-agent/basic-service.nix
@ -1,15 +1,12 @@
-{ config, ... }:
-
 {
-  config = {
-    services.ssh-agent = {
-      enable = true;
-    };
-
-    nmt.script = ''
-      assertFileContent \
-        home-files/.config/systemd/user/ssh-agent.service \
-        ${./basic-service-expected.service}
-    '';
+  services.ssh-agent = {
+    enable = true;
+    socket = "ssh-agent/socket";
  };
+
+  nmt.script = ''
+    assertFileContent \
+      home-files/.config/systemd/user/ssh-agent.service \
+      ${./basic-service-expected.service}
+  '';
 }