nix-community/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager.git synced 2025-12-07 01:21:03 +01:00
Code Activity

ssh-agent: add macOS support

Browse source
This commit is contained in:
XYenon 2025-11-06 14:10:26 +08:00 committed by Austin Horstman
parent d7b1ece79d
commit c053d701d6
15 changed files with 205 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

128
modules/services/ssh-agent.nix
View file

@ -23,7 +23,8 @@ in
default = "ssh-agent";
example = "ssh-agent/socket";
description = ''
The agent's socket; interpreted as a suffix to {env}`$XDG_RUNTIME_DIR`.
The agent's socket; interpreted as a suffix to {env}`$XDG_RUNTIME_DIR`
on Linux and `$(getconf DARWIN_USER_TEMP_DIR)` on macOS.
'';
};
@ -45,52 +46,91 @@ in
enableNushellIntegration = lib.hm.shell.mkNushellIntegrationOption { inherit config; };
};
config = lib.mkIf cfg.enable {
assertions = [
(lib.hm.assertions.assertPlatform "services.ssh-agent" pkgs lib.platforms.linux)
];
programs =
let
bashIntegration = ''
if [ -z "$SSH_AUTH_SOCK" ]; then
export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/${cfg.socket}
fi
'';
fishIntegration = ''
if test -z "$SSH_AUTH_SOCK"
set -x SSH_AUTH_SOCK $XDG_RUNTIME_DIR/${cfg.socket}
end
'';
nushellIntegration = ''
if "SSH_AUTH_SOCK" not-in $env {
$env.SSH_AUTH_SOCK = $"($env.XDG_RUNTIME_DIR)/${cfg.socket}"
}
'';
in
config = lib.mkIf cfg.enable (
lib.mkMerge [
{
bash.initExtra = lib.mkIf cfg.enableBashIntegration bashIntegration;
programs =
let
socketPath =
if pkgs.stdenv.isDarwin then
"$(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}"
else
"$XDG_RUNTIME_DIR/${cfg.socket}";
zsh.initContent = lib.mkIf cfg.enableZshIntegration bashIntegration;
bashIntegration = ''
if [ -z "$SSH_AUTH_SOCK" ]; then
export SSH_AUTH_SOCK=${socketPath}
fi
'';
fish.interactiveShellInit = lib.mkIf cfg.enableFishIntegration fishIntegration;
fishIntegration = ''
if test -z "$SSH_AUTH_SOCK"
set -x SSH_AUTH_SOCK ${socketPath}
end
'';
nushell.extraConfig = lib.mkIf cfg.enableNushellIntegration nushellIntegration;
};
nushellIntegration =
if pkgs.stdenv.isDarwin then
''
if "SSH_AUTH_SOCK" not-in $env {
$env.SSH_AUTH_SOCK = $"(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}"
}
''
else
''
if "SSH_AUTH_SOCK" not-in $env {
$env.SSH_AUTH_SOCK = $"($env.XDG_RUNTIME_DIR)/${cfg.socket}"
}
'';
in
{
bash.initExtra = lib.mkIf cfg.enableBashIntegration bashIntegration;
systemd.user.services.ssh-agent = {
Install.WantedBy = [ "default.target" ];
Unit = {
Description = "SSH authentication agent";
Documentation = "man:ssh-agent(1)";
};
Service.ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/${cfg.socket}${
lib.optionalString (
cfg.defaultMaximumIdentityLifetime != null
) " -t ${toString cfg.defaultMaximumIdentityLifetime}"
}";
};
};
zsh.initContent = lib.mkIf cfg.enableZshIntegration bashIntegration;
fish.interactiveShellInit = lib.mkIf cfg.enableFishIntegration fishIntegration;
nushell.extraConfig = lib.mkIf cfg.enableNushellIntegration nushellIntegration;
};
}
(lib.mkIf pkgs.stdenv.isLinux {
systemd.user.services.ssh-agent = {
Install.WantedBy = [ "default.target" ];
Unit = {
Description = "SSH authentication agent";
Documentation = "man:ssh-agent(1)";
};
Service.ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/${cfg.socket}${
lib.optionalString (
cfg.defaultMaximumIdentityLifetime != null
) " -t ${toString cfg.defaultMaximumIdentityLifetime}"
}";
};
})
(lib.mkIf pkgs.stdenv.isDarwin {
launchd.agents.ssh-agent = {
enable = true;
config = {
ProgramArguments = [
(lib.getExe pkgs.bash)
"-c"
''${lib.getExe' cfg.package "ssh-agent"} -D -a "$(${lib.getExe pkgs.getconf} DARWIN_USER_TEMP_DIR)/${cfg.socket}"${
lib.optionalString (
cfg.defaultMaximumIdentityLifetime != null
) " -t ${toString cfg.defaultMaximumIdentityLifetime}"
}''
];
KeepAlive = {
Crashed = true;
SuccessfulExit = false;
};
ProcessType = "Background";
RunAtLoad = true;
};
};
})
]
);
}