82 lines
2.5 KiB
Org Mode
82 lines
2.5 KiB
Org Mode
:PROPERTIES:
|
|
:ID: cce/the_standard_unix_password_manager
|
|
:ROAM_ALIASES: "The Standard UNIX Password Manager" pass "password-store"
|
|
:END:
|
|
#+TITLE: Using Pass for Passwords
|
|
#+filetags: :CCE:Emacs:System:
|
|
#+ARCOLOGY_KEY: cce/pass
|
|
#+ARCOLOGY_ALLOW_CRAWL: t
|
|
#+ARROYO_MODULE_WANTS: cce/hydra.org
|
|
|
|
#+PROPERTY: header-args :mkdirp yes
|
|
#+PROPERTY: header-args:emacs-lisp :tangle pass.el
|
|
#+PROPERTY: header-args:yaml :tangle roles/endpoint/tasks/pass.yml
|
|
#+PROPERTY: header-args:nix :tangle ~/arroyo-nix/pass.nix
|
|
|
|
#+CCE_PREDICATE: t
|
|
#+CCE_PRIORITY: 30
|
|
#+AUTO_TANGLE: t
|
|
|
|
(These days I use [[id:20230201T121135.988658][Bitwarden]] and [[id:20230201T121604.003311][vaultwarden]] but maintain this until I'm confident that I won't need any of my "deprecated" passwords.)
|
|
|
|
#+ARROYO_EMACS_MODULE: pass
|
|
#+ARROYO_HOME_MODULE: hm/pass.nix
|
|
#+ARROYO_SYSTEM_EXCLUDE: waterboy
|
|
#+ARROYO_SYSTEM_EXCLUDE: droid
|
|
|
|
#+begin_src emacs-lisp
|
|
(provide 'cce/pass)
|
|
#+end_src
|
|
|
|
I use [[https://www.passwordstore.org/][the standard unix password manager]], =pass=. I use the Emacs support packages for these, unsurprisingly, and I have a custom [[id:cce/hydra][Hydra]] to put the keybindings to copy passwords hanging off of =<SPC>k=.
|
|
|
|
#+begin_src emacs-lisp
|
|
(use-package password-store
|
|
:after hydra
|
|
:config
|
|
(setq password-store-password-length 32)
|
|
:init
|
|
(defhydra hydra-pass ()
|
|
("p" (lambda() (interactive)
|
|
(background-shell-command "pass show last.fm"))
|
|
:exit t)
|
|
("c" password-store-copy :exit t)
|
|
("e" password-store-edit :exit t)
|
|
("g" password-store-generate :exit t)
|
|
("o" password-store-otp-token-copy :exit t))
|
|
:bind (:map evil-normal-state-map
|
|
("<SPC>k" . hydra-pass/body)))
|
|
(use-package password-store-otp
|
|
:after password-store)
|
|
#+end_src
|
|
|
|
#+begin_src nix :tangle ~/arroyo-nix/hm/pass.nix
|
|
{config, pkgs, ...}:
|
|
{
|
|
programs.password-store = {
|
|
enable = true;
|
|
package = pkgs.pass.withExtensions (exts: [ exts.pass-otp exts.pass-genphrase ]);
|
|
settings = {
|
|
PASSWORD_STORE_DIR = "$HOME/.password-store/";
|
|
};
|
|
};
|
|
|
|
home.activation.password-store =
|
|
pkgs.lib.mkActivationLocalLink config # symlink helper (ref:activation_local_link)
|
|
"~/sync/password-store"
|
|
".password-store";
|
|
|
|
home.packages = [
|
|
pkgs.yubikey-personalization
|
|
];
|
|
|
|
programs.bash.initExtra = ''
|
|
gpg-connect-agent /bye
|
|
'';
|
|
|
|
programs.browserpass.enable = true;
|
|
}
|
|
#+end_src
|
|
|
|
[[(activation_local_link)]] is a helper in [[id:cce/mkactivationlocallink][mkActivationLocalLink]].
|