2015-07-16 13:51:01 +00:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
{
|
2021-06-05 11:17:36 +00:00
|
|
|
users.users.mainUser.packages = with pkgs; [
|
2019-10-14 13:36:03 +00:00
|
|
|
(pass.withExtensions (ext: [ ext.pass-otp ]))
|
2017-10-03 21:53:43 +00:00
|
|
|
gnupg
|
2021-10-24 20:15:02 +00:00
|
|
|
(pkgs.writers.writeDashBin "unlock" ''
|
|
|
|
set -efu
|
|
|
|
HOST=$1
|
|
|
|
|
|
|
|
pw=$(pass show "admin/$HOST/luks")
|
|
|
|
torify sshn root@$(pass "hosts/$HOST/initrd/hostname") "echo $pw > /crypt-ramfs/passphrase"
|
|
|
|
'')
|
2015-07-16 13:51:01 +00:00
|
|
|
];
|
|
|
|
|
2017-10-05 03:05:00 +00:00
|
|
|
programs.gnupg.agent.enable = true;
|
2023-09-03 10:09:34 +00:00
|
|
|
systemd.tmpfiles.rules = [
|
|
|
|
"L+ /home/lass/.password-store - - - - sync/pwstore"
|
|
|
|
];
|
2021-10-24 20:15:02 +00:00
|
|
|
|
2015-07-16 13:51:01 +00:00
|
|
|
}
|