nix-community / home-manager

Manage a user environment using Nix [maintainer=@rycee]
https://nix-community.github.io/home-manager/
MIT License
7k stars 1.81k forks

bug: services.gpg-agent.enableSshSupport doesn't respect programs.gpg.homedir option #4760

Open nakoo opened 10 months ago

nakoo commented 10 months ago

Are you following the right branch?

Is there an existing issue for this?

Issue description

Problem

services.gpg-agent.enableSshSupport doesn't respect programs.gpg.homedir option. gpg-agent can't find the public key even though it was already imported.

gpgconf shows the correct home directory location.

% gpgconf --list-dirs
sysconfdir:/etc/gnupg
bindir:/nix/store/859l6kcc0swh01xpngxs9fjqr7mv50hp-gnupg-2.4.1/bin
libexecdir:/nix/store/859l6kcc0swh01xpngxs9fjqr7mv50hp-gnupg-2.4.1/libexec
libdir:/nix/store/859l6kcc0swh01xpngxs9fjqr7mv50hp-gnupg-2.4.1/lib/gnupg
datadir:/nix/store/859l6kcc0swh01xpngxs9fjqr7mv50hp-gnupg-2.4.1/share/gnupg
localedir:/nix/store/859l6kcc0swh01xpngxs9fjqr7mv50hp-gnupg-2.4.1/share/locale
socketdir:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6
dirmngr-socket:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6/S.dirmngr
keyboxd-socket:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6/S.keyboxd
agent-ssh-socket:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6/S.gpg-agent.ssh
agent-extra-socket:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6/S.gpg-agent.extra
agent-browser-socket:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6/S.gpg-agent.browser
agent-socket:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6/S.gpg-agent
homedir:/home/user/.config/gnupg

Result

~ % ssh -T git@github.com
git@github.com: Permission denied (publickey).

Example

programs.gpg = {
  enable = true;
  homedir = "/home/user/.config/gnupg";
};

services.gpg-agent = {
  enable = true;
  enableZshIntegration = true;
  enableSshSupport = true;
  pinentryFlavor = "curses";
  sshKeys = [
    # random keygrip strings that I generated for illustration purposes
    "LWL7FJ7J32LUJJ4IBSGRQPMZVMMTIJOP751MLVPA"
    "DCTTAOWJTTTO07U2PUCPTKVSFQY5BCQ3QFYZSELE" 
  ];
};

Current Solution

Remove the programs.gpg.homedir option and use the default .gnupg folder location.

Possibly related issue

https://github.com/nix-community/home-manager/issues/4637

Maintainer CC

@rycee

System information

~ % nix-info -m
 - system: `"x86_64-linux"`
 - host os: `Linux 6.1.65, NixOS, 24.05 (Uakari), 24.05.20231204.2c7f3c0`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.18.1`
 - channels(root): `""`
 - channels(user): `""`
 - nixpkgs: `/nix/store/aiv01710wqn2b7hms2253d1cq89kdzh8-source`
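
A diagnostic sketch for the symptom reported above, added here as an example (it is not code from the issue, home-manager or GnuPG): it checks that SSH_AUTH_SOCK names the agent-ssh-socket that gpgconf reports for the configured homedir, and that each expected keygrip is an enabled entry in that homedir's sshcontrol file. The function names are hypothetical, and the sample lines are copied from the gpgconf output in the report.

```shell
#!/bin/sh
# Added diagnostic sketch (not home-manager or GnuPG code).

# Two lines copied from the `gpgconf --list-dirs` output in the report above.
SAMPLE_LISTDIRS='agent-ssh-socket:/run/user/1000/gnupg/d.rkqjarkduajeyyh6cbii3pf6/S.gpg-agent.ssh
homedir:/home/user/.config/gnupg'

# gpgconf_field KEY: read `gpgconf --list-dirs` output on stdin, print KEY's value.
gpgconf_field() {
    awk -F: -v key="$1" '$1 == key { sub(/^[^:]*:/, ""); print; exit }'
}

# check_agent_ssh LISTDIRS AUTH_SOCK SSHCONTROL KEYGRIP...
# Prints one finding per problem; returns 0 only when nothing is wrong.
check_agent_ssh() {
    listdirs=$1 auth_sock=$2 sshcontrol=$3
    shift 3
    status=0
    want_sock=$(printf '%s\n' "$listdirs" | gpgconf_field agent-ssh-socket)
    # ssh talks to whatever SSH_AUTH_SOCK names, so it must be the socket of
    # the agent that serves this homedir.
    if [ "$auth_sock" != "$want_sock" ]; then
        echo "SOCKET_MISMATCH: SSH_AUTH_SOCK=$auth_sock expected=$want_sock"
        status=1
    fi
    # gpg-agent reads SSH-enabled keygrips from sshcontrol in its homedir.
    if [ ! -r "$sshcontrol" ]; then
        echo "SSHCONTROL_UNREADABLE: $sshcontrol"
        return 1
    fi
    for grip in "$@"; do
        # An entry is the keygrip at line start; '#' comments and '!'-prefixed
        # (disabled) entries do not match.
        if ! grep -Eq "^[[:space:]]*${grip}([[:space:]]|\$)" "$sshcontrol"; then
            echo "KEYGRIP_NOT_ENABLED: $grip"
            status=1
        fi
    done
    return "$status"
}

# Live use (assumes gpgconf is on PATH): ./check.sh KEYGRIP...
if [ $# -gt 0 ]; then
    check_agent_ssh "$(gpgconf --list-dirs)" "${SSH_AUTH_SOCK:-}" \
        "$(gpgconf --list-dirs homedir)/sshcontrol" "$@"
fi
```

A SOCKET_MISMATCH finding points at the shell integration or socket unit; SSHCONTROL_UNREADABLE or KEYGRIP_NOT_ENABLED points at where the sshKeys list was written.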

stale[bot] commented 7 months ago

Thank you for your contribution! I marked this issue as stale due to inactivity. Please be considerate of people watching this issue and receiving notifications before commenting 'I have this issue too'. We welcome additional information that will help resolve this issue. Please read the relevant sections below before commenting.

If you are the original author of the issue

* If this is resolved, please consider closing it so that the maintainers know not to focus on this.
* If this might still be an issue, but you are not interested in promoting its resolution, please consider closing it while encouraging others to take over and reopen an issue if they care enough.
* If you know how to solve the issue, please consider submitting a Pull Request that addresses this issue.

If you are not the original author of the issue

* If you are also experiencing this issue, please add details of your situation to help with the debugging process.
* If you know how to solve the issue, please consider submitting a Pull Request that addresses this issue.

Memorandum on closing issues

Don't be afraid to manually close an issue, even if it holds valuable information. Closed issues stay in the system for people to search, read, cross-reference, or even reopen – nothing is lost! Closing obsolete issues is an important way to help maintainers focus their time and effort.