nix/2.home-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

yubikey-agent: init service module (#6446)

Browse source
This commit is contained in:
Calum MacRae 2025-02-14 21:10:24 +00:00 committed by GitHub
parent 9daae9a67a
commit 582d3cd42d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 196 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
tests/modules/services/yubikey-agent-darwin/default.nix Normal file
View file

@ -0,0 +1 @@
{ yubikey-agent-darwin = ./service.nix; }

50
tests/modules/services/yubikey-agent-darwin/service.nix Normal file
View file

@ -0,0 +1,50 @@
{ config, ... }:
{
services.yubikey-agent = {
enable = true;
package = config.lib.test.mkStubPackage { outPath = "@yubikey-agent@"; };
};
nmt.script = ''
serviceFile=LaunchAgents/org.nix-community.home.yubikey-agent.plist
assertFileExists "$serviceFile"
assertFileContent "$serviceFile" ${
builtins.toFile "expected-agent.plist" ''
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>KeepAlive</key>
<dict>
<key>Crashed</key>
<true/>
<key>SuccessfulExit</key>
<false/>
</dict>
<key>Label</key>
<string>org.nix-community.home.yubikey-agent</string>
<key>ProcessType</key>
<string>Background</string>
<key>ProgramArguments</key>
<array>
<string>@yubikey-agent@/bin/yubikey-agent</string>
<string>-l</string>
<string>/tmp/yubikey-agent.sock</string>
</array>
<key>Sockets</key>
<dict>
<key>Listener</key>
<dict>
<key>SockPathMode</key>
<integer>384</integer>
<key>SockPathName</key>
<string>/tmp/yubikey-agent.sock</string>
</dict>
</dict>
</dict>
</plist>
''
}
'';
}

1
tests/modules/services/yubikey-agent/default.nix Normal file
View file

@ -0,0 +1 @@
{ yubikey-agent = ./service.nix; }

49
tests/modules/services/yubikey-agent/service.nix Normal file
View file

@ -0,0 +1,49 @@
{ config, ... }:
{
services.yubikey-agent = {
enable = true;
package = config.lib.test.mkStubPackage { outPath = "@yubikey-agent@"; };
};
nmt.script = ''
serviceFile=home-files/.config/systemd/user/yubikey-agent.service
socketFile=home-files/.config/systemd/user/yubikey-agent.socket
assertFileExists $serviceFile
assertFileExists $socketFile
assertFileContent $serviceFile ${
builtins.toFile "expected-service" ''
[Service]
ExecStart=@yubikey-agent@/bin/yubikey-agent -l %t/yubikey-agent/yubikey-agent.sock
ReadWritePaths=%t
Type=simple
[Unit]
After=yubikey-agent.socket
Description=Seamless ssh-agent for YubiKeys
Documentation=https://github.com/FiloSottile/yubikey-agent
RefuseManualStart=true
Requires=yubikey-agent.socket
''
}
assertFileContent $socketFile ${
builtins.toFile "expected-socket" ''
[Install]
WantedBy=sockets.target
[Socket]
DirectoryMode=0700
ListenStream=%t/yubikey-agent/yubikey-agent.sock
RuntimeDirectory=yubikey-agent
SocketMode=0600
[Unit]
Description=Unix domain socket for Yubikey SSH agent
Documentation=https://github.com/FiloSottile/yubikey-agent
''
}
'';
}