Commit `ec650b772304`

Vincent Demeester <vincent@sbr.pm>

2026-02-13 10:21:03

feat(okinawa): use SSH key for passage identity

Switched passage from YubiKey PIV identity to local SSH key, matching the approach used on aomi for consistency and convenience. Added ssh-to-age package and updated ntfy-subscriber service.

main

1 parent f2a571b

Changed files (1)

systems

okinawa

home.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ pkgs, config, ... }:
 let
   # Wrapper for jira-cli that injects API token from passage
   jira-wrapped = pkgs.writeShellScriptBin "jira" ''
@@ -28,6 +28,8 @@ in
   home.sessionVariables = {
     LLAMA_ARG_FLASH_ATTN = "off";
     LLAMA_ARG_MAIN_GPU = "0";
+    # Use local SSH key for passage instead of YubiKey identity
+    PASSAGE_IDENTITIES_FILE = pkgs.lib.mkForce "${config.home.homeDirectory}/.ssh/id_ed25519";
   };
 
   home.packages = with pkgs; [
@@ -72,6 +74,8 @@ in
     cliphist-cleanup
 
     slackdump
+
+    ssh-to-age
   ];
 
   # Automatic color scheme switching
@@ -115,7 +119,7 @@ in
       Environment = [
         "PATH=${pkgs.bash}/bin:${pkgs.coreutils}/bin:${pkgs.libnotify}/bin:${pkgs.ntfy-sh}/bin:${pkgs.xdg-utils}/bin:${pkgs.curl}/bin:${pkgs.passage}/bin"
         "PASSAGE_DIR=/home/vincent/.local/share/passage"
-        "PASSAGE_IDENTITIES_FILE=/home/vincent/.local/share/passage/identities"
+        "PASSAGE_IDENTITIES_FILE=/home/vincent/.ssh/id_ed25519"
       ];
     };

Commit ec650b772304

Commit `ec650b772304`