add gpg auto-unlock

2022-08-08 21:16:45 -03:00 · 2022-08-08 21:16:45 -03:00 · c5e919a2dc
commit c5e919a2dc
parent a8a8be5a59
4 changed files with 75 additions and 0 deletions
--- a/scripts/_gpg-unlock.nix
+++ b/scripts/_gpg-unlock.nix
@ -0,0 +1,30 @@
+{ config, pkgs, lib, ... }:
+pkgs.writeShellScriptBin "_gpg-unlock" ''
+  ${pkgs.gnupg}/bin/gpg-connect-agent reloadagent /bye
+
+  set -xe
+
+  test -f "$HOME/.config/.preset-password" || {
+    notify-send "No preset password found"
+    exit 0;
+  }
+
+  get_keygrip() {
+    ${pkgs.gnupg}/bin/gpg --list-secret-keys --with-keygrip |
+    awk '
+    /^ssb/ {
+        ssb=1
+    }
+    /Keygrip/{
+        if (ssb) print $3
+    }'
+  }
+
+  keygrip=$(get_keygrip)
+
+  test -n "$keygrip" || exit 0
+
+  cat "$HOME/.config/.preset-password" |
+      base64 -d |
+      ${pkgs.gnupg}/libexec/gpg-preset-passphrase --preset "$keygrip"
+''