futurile/guix-play
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

gnu: home: services: Add home-ssh-agent-service-type.

Browse Source 
* gnu/home/services/ssh.scm: (<home-ssh-agent-configuration>): New type.
(home-ssh-agent-services): New procedure.
(home-ssh-agent-service-type): New variable.
* doc/guix.texi (Secure Shell): Document it.
This commit is contained in:
Jan (janneke) Nieuwenhuizen 2023-03-05 17:17:04 +01:00 committed by Janneke Nieuwenhuizen
parent 076fa659ef
commit 2c2f382e75
No known key found for this signature in database
GPG Key ID: F3C1A0D9C1D65273
2 changed files with 108 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
doc/guix.texi
View File

@ -36,7 +36,7 @@ Copyright @copyright{} 2016, 2017, 2018, 2021 Chris Marusich@*
Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021, 2022 Efraim Flashner@* Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021, 2022 Efraim Flashner@*
Copyright @copyright{} 2016 John Darrington@* Copyright @copyright{} 2016 John Darrington@*
Copyright @copyright{} 2016, 2017 Nikita Gillmann@* Copyright @copyright{} 2016, 2017 Nikita Gillmann@*
Copyright @copyright{} 2016, 2017, 2018, 2019, 2020 Jan Nieuwenhuizen@* Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2023 Jan Nieuwenhuizen@*
Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021 Julien Lepiller@* Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021 Julien Lepiller@*
Copyright @copyright{} 2016 Alex ter Weele@* Copyright @copyright{} 2016 Alex ter Weele@*
Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021 Christopher Baines@* Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021 Christopher Baines@*
@ -42464,6 +42464,60 @@ Extra content appended as-is to this @code{Host} block in
@c %end of fragment @c %end of fragment
@cindex ssh-agent
The @uref{https://www.openssh.com, OpenSSH package} includes a daemon,
the @command{ssh-agent} command, that manages keys to connect to remote
machines using the @acronym{SSH, secure shell} protocol. With the
@code{(gnu home services ssh-agent)} service, you can configure the
OpenSSH ssh-agent to run upon login.
When using the @code{home-ssh-agent-service-type}, you need to add your
@file{~/.bash_profile}:
@example
SSH_AUTH_SOCK=$@{XDG_RUNTIME_DIR-$HOME/.cache@}/ssh-agent/socket
export SSH_AUTH_SOCK
@end example
Of course, you can do that using the @code{home-bash-service-type}, by
adding something like:
@lisp
(environment-variables
'(("SSH_AUTH_SOCK"
. "$@{SSH_AUTH_SOCK-$@{XDG_RUNTIME_DIR-$HOME/.cache@}/ssh-agent/socket@}")))
@end lisp
Here is an example of a service and its configuration that you could add
to the @code{services} field of your @code{home-environment}:
@lisp
(service home-ssh-agent-service-type
(home-ssh-agent-configuration
(extra-options '("-t" "1h30m"))))
@end lisp
@defvr {Scheme Variable} home-ssh-agent-service-type
This is the type of the @code{git daemon} home service, whose value is an
@code{home-ssh-agent-configuration} object.
@end defvr
@deftp {Data Type} home-ssh-agent-configuration
Available @code{home-ssh-agent-configuration} fields are:
@table @asis
@item @code{git} (default: @code{git}) (type: file-like)
The git package to use.
@item @code{socket-directory} (default: @code{@env{XDG_RUNTIME_DIR}/ssh-agent"}) (type: string)
The directory to write the ssh-agent's @file{socket} file.
@item @code{extra-options} (default: @code{'()})
Extra options will be passed to @command{ssh-agent}, please run
@command{man ssh-agent} for more information.
@end table
@end deftp
@node Desktop Home Services @node Desktop Home Services
@subsection Desktop Home Services @subsection Desktop Home Services

54
gnu/home/services/ssh.scm
View File

@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2022 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2022 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2023 Janneke Nieuwenhuizen <janneke@gnu.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
@ -25,9 +26,12 @@
#:use-module (gnu services configuration) #:use-module (gnu services configuration)
#:use-module (guix modules) #:use-module (guix modules)
#:use-module (gnu home services) #:use-module (gnu home services)
#:use-module (gnu home services shepherd)
#:use-module ((gnu home services utils) #:use-module ((gnu home services utils)
#:select (object->camel-case-string)) #:select (object->camel-case-string))
#:autoload (gnu packages base) (glibc-utf8-locales) #:autoload (gnu packages base) (glibc-utf8-locales)
#:use-module (gnu packages ssh)
#:use-module (shepherd support)
#:use-module (srfi srfi-1) #:use-module (srfi srfi-1)
#:use-module (srfi srfi-34) #:use-module (srfi srfi-34)
#:use-module (srfi srfi-35) #:use-module (srfi srfi-35)
@ -36,6 +40,7 @@
home-openssh-configuration-authorized-keys home-openssh-configuration-authorized-keys
home-openssh-configuration-known-hosts home-openssh-configuration-known-hosts
home-openssh-configuration-hosts home-openssh-configuration-hosts
home-ssh-agent-configuration
openssh-host openssh-host
openssh-host-host-name openssh-host-host-name
@ -52,7 +57,8 @@
openssh-host-accepted-key-types openssh-host-accepted-key-types
openssh-host-extra-content openssh-host-extra-content
home-openssh-service-type)) home-openssh-service-type
home-ssh-agent-service-type))
(define (serialize-field-name name) (define (serialize-field-name name)
(match name (match name
@ -254,3 +260,49 @@ inserted after each of them."
by providing a @file{~/.ssh/config} file, which is honored by the OpenSSH by providing a @file{~/.ssh/config} file, which is honored by the OpenSSH
client,@command{ssh}, and by other tools such as @command{guix deploy}.") client,@command{ssh}, and by other tools such as @command{guix deploy}.")
(default-value (home-openssh-configuration)))) (default-value (home-openssh-configuration))))
;;;
;;; Ssh-agent.
;;;
(define-record-type* <home-ssh-agent-configuration>
home-ssh-agent-configuration make-home-ssh-agent-configuration
home-ssh-agent-configuration?
(openssh home-ssh-agent-openssh ;file-like
(default openssh))
(socket-directory home-ssh-agent-socket-directory ;string
(default (string-append %user-runtime-dir "/ssh-agent")))
(extra-options home-ssh-agent-extra-options ;list of string
(default '())))
(define (home-ssh-agent-services config)
"Return a <shepherd-service> for an ssh-agent with CONFIG."
(match config
(($ <home-ssh-agent-configuration>
openssh socket-directory extra-options)
(let* ((ssh-agent (file-append openssh "/bin/ssh-agent"))
(socket-file (string-append socket-directory "/socket"))
(command `(,ssh-agent
"-D"
"-a" ,socket-file
,@extra-options))
(log-file (string-append %user-log-dir "/ssh-agent.log")))
(list (shepherd-service
(documentation "Run the ssh-agent.")
(provision '(ssh-agent))
(start #~(lambda _
(unless (file-exists? #$socket-directory)
(mkdir-p #$socket-directory)
(chmod #$socket-directory #o700))
(fork+exec-command '#$command #:log-file #$log-file)))
(stop #~(make-kill-destructor))))))))
(define home-ssh-agent-service-type
(service-type
(name 'home-ssh-agent)
(default-value (home-ssh-agent-configuration))
(extensions
(list (service-extension home-shepherd-service-type
home-ssh-agent-services)))
(description
"Install and configure @command{ssh-agent} as a Shepherd service.")))