nix-community/home-manager
1
0
Fork 0
mirror of https://github.com/nix-community/home-manager.git synced 2025-11-08 19:46:05 +01:00
Code Activity
home-manager/modules/services/ssh-agent.nix
Simon Gate 39d26c1686
ssh-agent: add defaultMaximumIdentityLifetime setting (#7876) 
Add option to ssh-agent to add a default value for the maximum lifetime
of identities added to the agent.
2025-09-25 09:26:39 -05:00

64 lines
1.6 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.ssh-agent;
in
{
meta.maintainers = [
lib.maintainers.bmrips
lib.hm.maintainers.lheckemann
];
options.services.ssh-agent = {
enable = lib.mkEnableOption "OpenSSH private key agent";
package = lib.mkPackageOption pkgs "openssh" { };
socket = lib.mkOption {
type = lib.types.str;
default = "ssh-agent";
example = "ssh-agent/socket";
description = ''
The agent's socket; interpreted as a suffix to {env}`$XDG_RUNTIME_DIR`.
'';
};
defaultMaximumIdentityLifetime = lib.mkOption {
type = lib.types.nullOr lib.types.ints.positive;
default = null;
example = 3600;
description = ''
Set a default value for the maximum lifetime in seconds of identities added to the agent.
'';
};
};
config = lib.mkIf cfg.enable {
assertions = [
(lib.hm.assertions.assertPlatform "services.ssh-agent" pkgs lib.platforms.linux)
];
home.sessionVariablesExtra = ''
if [ -z "$SSH_AUTH_SOCK" ]; then
export SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/${cfg.socket}
fi
'';
systemd.user.services.ssh-agent = {
Install.WantedBy = [ "default.target" ];
Unit = {
Description = "SSH authentication agent";
Documentation = "man:ssh-agent(1)";
};
Service.ExecStart = "${lib.getExe' cfg.package "ssh-agent"} -D -a %t/${cfg.socket}${
lib.optionalString (
cfg.defaultMaximumIdentityLifetime != null
) " -t ${toString cfg.defaultMaximumIdentityLifetime}"
}";
};
};
}
View git blame Copy permalink