Diffstat (limited to 'users/modules/onepassword.nix')
| -rw-r--r-- | users/modules/onepassword.nix | 148 |
1 files changed, 0 insertions, 148 deletions
diff --git a/users/modules/onepassword.nix b/users/modules/onepassword.nix
deleted file mode 100644
index d98df25..0000000
--- a/users/modules/onepassword.nix
+++ /dev/null
@@ -1,148 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-
-with lib;
-
-let
- cfg = config.programs.onepassword;
-
- generateAgentConfig =
- keys:
- let
- keyToToml =
- key:
- let
- lines =
- [ "[[ssh-keys]]" ]
- ++ optional (key.item != null) ''item = "${key.item}"''
- ++ optional (key.vault != null) ''vault = "${key.vault}"''
- ++ [ ''account = "${key.account}"'' ];
- in
- concatStringsSep "\n" lines;
- in
- concatStringsSep "\n\n" (map keyToToml keys);
-
- home = config.home.homeDirectory;
- darwinSockPath = "${home}/Library/Group Containers/2BUA8C4S2C.com.1password/t/agent.sock";
- defaultSockPath = ".1password/agent.sock";
-
-in
-{
- options.programs.onepassword = {
- enable = mkEnableOption "1Password CLI and SSH agent integration";
-
- package = mkOption {
- type = types.package;
- default = pkgs._1password-cli;
- description = "The 1Password CLI package to use.";
- };
-
- socketPath = mkOption {
- type = types.str;
- default = defaultSockPath;
- description = "Relative path from home directory for the SSH agent socket.";
- example = ".1password/agent.sock";
- };
-
- darwinSocketPath = mkOption {
- type = types.str;
- default = darwinSockPath;
- description = "Full path to the 1Password agent socket on macOS.";
- };
-
- setSshAuthSock = mkOption {
- type = types.bool;
- default = true;
- description = "Whether to set the SSH_AUTH_SOCK environment variable.";
- };
-
- configureSshClient = mkOption {
- type = types.bool;
- default = true;
- description = "Whether to configure the SSH client to use 1Password agent.";
- };
-
- fishIntegration = mkOption {
- type = types.bool;
- default = false;
- description = "Enable fish shell completion for 1Password CLI.";
- };
-
- sshKeys = mkOption {
- type =
- with types;
- listOf (submodule {
- options = {
- item = mkOption {
- type = nullOr str;
- default = null;
- description = "The name of the SSH key item in 1Password.";
- example = "Git Signing Key";
- };
-
- vault = mkOption {
- type = nullOr str;
- default = null;
- description = "The vault name where the SSH key is stored (optional).";
- example = "Private";
- };
-
- account = mkOption {
- type = str;
- default = "my.1password.com";
- description = "The 1Password account identifier.";
- example = "my.1password.com";
- };
- };
- });
- default = [ ];
- description = "SSH keys configuration for 1Password agent. Lists from multiple configurations will be merged.";
- example = [
- { account = "my.1password.com"; }
- {
- item = "Git Signing Key";
- vault = "Work";
- account = "ACME, Inc.";
- }
- {
- item = "Personal SSH Key";
- account = "my.1password.com";
- }
- ];
- };
- };
-
- config = mkIf cfg.enable {
- home.packages = [ cfg.package ];
-
- home.sessionVariables = mkIf cfg.setSshAuthSock {
- SSH_AUTH_SOCK = "${home}/${cfg.socketPath}";
- };
-
- # Create symlink to Darwin socket (macOS specific)
- home.file."${cfg.socketPath}" = mkIf pkgs.stdenv.isDarwin {
- source = config.lib.file.mkOutOfStoreSymlink cfg.darwinSocketPath;
- };
-
- # Configure SSH client
- programs.ssh = mkIf cfg.configureSshClient {
- extraConfig = "IdentityAgent ~/${cfg.socketPath}";
- };
-
- # Fish shell integration
- programs.fish = mkIf cfg.fishIntegration {
- interactiveShellInit = ''
- op completion fish | source
- '';
- };
-
- # Generate SSH agent configuration
- home.file.".config/1Password/ssh/agent.toml" = mkIf (cfg.sshKeys != [ ]) {
- text = generateAgentConfig cfg.sshKeys;
- };
- };
-} |
