@@ -36,7 +36,7 @@ Copyright @copyright{} 2016, 2017, 2018, 2021 Chris Marusich@*
Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021, 2022 Efraim Flashner@*
Copyright @copyright{} 2016 John Darrington@*
Copyright @copyright{} 2016, 2017 Nikita Gillmann@*
-Copyright @copyright{} 2016, 2017, 2018, 2019, 2020 Jan Nieuwenhuizen@*
+Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2023 Jan Nieuwenhuizen@*
Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021 Julien Lepiller@*
Copyright @copyright{} 2016 Alex ter Weele@*
Copyright @copyright{} 2016, 2017, 2018, 2019, 2020, 2021 Christopher Baines@*
@@ -42447,6 +42447,60 @@ Extra content appended as-is to this @code{Host} block in
@c %end of fragment
+@cindex ssh-agent
+The @uref{https://www.openssh.com, OpenSSH package} includes a daemon,
+the @command{ssh-agent} command, that manages keys to connect to remote
+machines using the @acronym{SSH, secure shell} protocol. With the
+@code{(gnu home services ssh-agent)} service, you can configure the
+OpenSSH ssh-agent to run upon login.
+
+When using the @code{home-ssh-agent-service-type}, you need to add your
+@file{~/.bash_profile}:
+
+@example
+SSH_AUTH_SOCK=$@{XDG_RUNTIME_DIR-$HOME/.cache@}/ssh-agent/socket
+export SSH_AUTH_SOCK
+@end example
+
+Of course, you can do that using the @code{home-bash-service-type}, by
+adding something like:
+
+@lisp
+(environment-variables
+ '(("SSH_AUTH_SOCK"
+ . "$@{SSH_AUTH_SOCK-$@{XDG_RUNTIME_DIR-$HOME/.cache@}/ssh-agent/socket@}")))
+@end lisp
+
+Here is an example of a service and its configuration that you could add
+to the @code{services} field of your @code{home-environment}:
+
+@lisp
+(service home-ssh-agent-service-type
+ (home-ssh-agent-configuration
+ (extra-options '("-t" "1h30m"))))
+@end lisp
+
+@defvr {Scheme Variable} home-ssh-agent-service-type
+This is the type of the @code{git daemon} home service, whose value is an
+@code{home-ssh-agent-configuration} object.
+@end defvr
+
+@deftp {Data Type} home-ssh-agent-configuration
+Available @code{home-ssh-agent-configuration} fields are:
+
+@table @asis
+@item @code{git} (default: @code{git}) (type: file-like)
+The git package to use.
+
+@item @code{socket-directory} (default: @code{@env{XDG_RUNTIME_DIR}/ssh-agent"}) (type: string)
+The directory to write the ssh-agent's @file{socket} file.
+
+@item @code{extra-options} (default: @code{'()})
+Extra options will be passed to @command{ssh-agent}, please run
+@command{man ssh-agent} for more information.
+
+@end table
+@end deftp
@node Desktop Home Services
@subsection Desktop Home Services
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2022 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2023 Janneke Nieuwenhuizen <janneke@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -25,9 +26,12 @@ (define-module (gnu home services ssh)
#:use-module (gnu services configuration)
#:use-module (guix modules)
#:use-module (gnu home services)
+ #:use-module (gnu home services shepherd)
#:use-module ((gnu home services utils)
#:select (object->camel-case-string))
#:autoload (gnu packages base) (glibc-utf8-locales)
+ #:use-module (gnu packages ssh)
+ #:use-module (shepherd support)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-34)
#:use-module (srfi srfi-35)
@@ -36,6 +40,7 @@ (define-module (gnu home services ssh)
home-openssh-configuration-authorized-keys
home-openssh-configuration-known-hosts
home-openssh-configuration-hosts
+ home-ssh-agent-configuration
openssh-host
openssh-host-host-name
@@ -52,7 +57,8 @@ (define-module (gnu home services ssh)
openssh-host-accepted-key-types
openssh-host-extra-content
- home-openssh-service-type))
+ home-openssh-service-type
+ home-ssh-agent-service-type))
(define (serialize-field-name name)
(match name
@@ -254,3 +260,49 @@ (define home-openssh-service-type
by providing a @file{~/.ssh/config} file, which is honored by the OpenSSH
client,@command{ssh}, and by other tools such as @command{guix deploy}.")
(default-value (home-openssh-configuration))))
+
+�
+;;;
+;;; Ssh-agent.
+;;;
+(define-record-type* <home-ssh-agent-configuration>
+ home-ssh-agent-configuration make-home-ssh-agent-configuration
+ home-ssh-agent-configuration?
+ (openssh home-ssh-agent-openssh ;file-like
+ (default openssh))
+ (socket-directory home-ssh-agent-socket-directory ;string
+ (default (string-append %user-runtime-dir "/ssh-agent")))
+ (extra-options home-ssh-agent-extra-options ;list of string
+ (default '())))
+
+(define (home-ssh-agent-services config)
+ "Return a <shepherd-service> for an ssh-agent with CONFIG."
+ (match config
+ (($ <home-ssh-agent-configuration>
+ openssh socket-directory extra-options)
+ (let* ((ssh-agent (file-append openssh "/bin/ssh-agent"))
+ (socket-file (string-append socket-directory "/socket"))
+ (command `(,ssh-agent
+ "-D"
+ "-a" ,socket-file
+ ,@extra-options))
+ (log-file (string-append %user-log-dir "/ssh-agent.log")))
+ (list (shepherd-service
+ (documentation "Run the ssh-agent.")
+ (provision '(ssh-agent))
+ (start #~(lambda _
+ (unless (file-exists? #$socket-directory)
+ (mkdir-p #$socket-directory)
+ (chmod #$socket-directory #o700))
+ (fork+exec-command '#$command #:log-file #$log-file)))
+ (stop #~(make-kill-destructor))))))))
+
+(define home-ssh-agent-service-type
+ (service-type
+ (name 'home-ssh-agent)
+ (default-value (home-ssh-agent-configuration))
+ (extensions
+ (list (service-extension home-shepherd-service-type
+ home-ssh-agent-services)))
+ (description
+ "Install and configure @command{ssh-agent} as a Shepherd service.")))
From: "Janneke Nieuwenhuizen" <janneke@gnu.org> * gnu/home/services/ssh.scm: (<home-ssh-agent-configuration>): New type. (home-ssh-agent-services): New procedure. (home-ssh-agent-service-type): New variable. * doc/guix.texi (Secure Shell): Document it. --- doc/guix.texi | 56 ++++++++++++++++++++++++++++++++++++++- gnu/home/services/ssh.scm | 54 ++++++++++++++++++++++++++++++++++++- 2 files changed, 108 insertions(+), 2 deletions(-)