l pass: add remote unlock command
This commit is contained in:
parent
ff39fb0d1f
commit
4596a2840b
@ -4,7 +4,15 @@
|
|||||||
users.users.mainUser.packages = with pkgs; [
|
users.users.mainUser.packages = with pkgs; [
|
||||||
(pass.withExtensions (ext: [ ext.pass-otp ]))
|
(pass.withExtensions (ext: [ ext.pass-otp ]))
|
||||||
gnupg
|
gnupg
|
||||||
|
(pkgs.writers.writeDashBin "unlock" ''
|
||||||
|
set -efu
|
||||||
|
HOST=$1
|
||||||
|
|
||||||
|
pw=$(pass show "admin/$HOST/luks")
|
||||||
|
torify sshn root@$(pass "hosts/$HOST/initrd/hostname") "echo $pw > /crypt-ramfs/passphrase"
|
||||||
|
'')
|
||||||
];
|
];
|
||||||
|
|
||||||
programs.gnupg.agent.enable = true;
|
programs.gnupg.agent.enable = true;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user