Commit b22f8b5f3442

Vincent Demeester <vincent@sbr.pm>
2025-11-28 10:07:31
systems: make pam.sshAgent common
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
main
1 parent 7a4772f
Changed files (5)
systems
aix
extra.nix
athena
extra.nix
common
base
default.nix
demeter
extra.nix
kerkouane
extra.nix
systems/aix/extra.nix
@@ -35,7 +35,4 @@
       endpointPublicKey = "${globals.machines.kerkouane.net.vpn.pubkey}";
     };
   };
-
-  # TODO: could be enable by default for all ?
-  security.pam.enableSSHAgentAuth = true;
 }
systems/athena/extra.nix
@@ -60,7 +60,4 @@
       };
     };
   };
-
-  # TODO: could be enable by default for all ?
-  security.pam.enableSSHAgentAuth = true;
 }
systems/common/base/default.nix
@@ -62,6 +62,7 @@
   security = {
     polkit.enable = true;
     rtkit.enable = true;
+    pam.sshAgentAuth.enable = true;
   };
 
   # Clear out /tmp after a fortnight and give all normal users a ~/tmp
systems/demeter/extra.nix
@@ -1,6 +1,5 @@
 {
   libx,
-  lib,
   globals,
   ...
 }:
@@ -23,7 +22,4 @@
       endpointPublicKey = "${globals.machines.kerkouane.net.vpn.pubkey}";
     };
   };
-
-  # TODO: could be enable by default for all ?
-  security.pam.enableSSHAgentAuth = true;
 }
systems/kerkouane/extra.nix
@@ -227,7 +227,6 @@ in
           repo: https://git.sr.ht/~vdemeester/sec
     '';
   };
-  security.pam.enableSSHAgentAuth = true;
   security.acme = {
     acceptTerms = true;
     email = "vincent@sbr.pm";