-
Notifications
You must be signed in to change notification settings - Fork 0
/
private_env_1password
50 lines (48 loc) · 2 KB
/
private_env_1password
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
##
# Set environment for using 1Password SSH Agent and CLI over SSH such
# that SSH Agent and 1Password CLI can be forwarded over SSH sessions
# consistently on macOS and Linux.
#
# See: https://github.com/mmercurio/dotfiles
#
# Requirements:
# - ~/.1password/agent.sock is symlinked to 1Password's SSH Agent socket.
# (This is the default for Linux, but not not macOS.)
# - ~/bin/op is symlinked to 1Password CLI
# - ~/.ssh/config includes option to send LC_DESKTOP_HOST ("SendEnv LC_DESKTOP_HOST")
#
# This file is expected to be sourced by the login shell.
#
# When logged in locally on the desktop:
# - SSH_AUTH_SOCK is set and pointing to 1Password's ssh-agent socket.
# - LC_DESKTOP_HOST is set to the current hostname where 1Password is running.
#
# When logged in remotely over SSH:
# - `op` is aliased to run over SSH to the desktop where 1Password is running.
# Wrapper to execute `op` over ssh to the host where 1Password is running.
op_over_ssh() {
if [[ -n "$TMUX" ]]; then
# update shell's LC_DESKTOP_HOST from tmux session
eval $(tmux showenv -s LC_DESKTOP_HOST)
fi
if [[ -n "$LC_DESKTOP_HOST" && "$LC_DESKTOP_HOST" != "$(hostname -s)" ]]; then
# not running locally and LC_DESKOP_HOST is defined, execute op over SSH to desktop host
ssh $LC_DESKTOP_HOST ./bin/op $*
else
~/bin/op $*
fi
}
# When not logged in remotely over SSH, set SSH_AUTH_SOCK to use 1Password as SSH Agent.
# When logged in remotely over SSH, use `op_over_ssh` wrapper for `op`.
if [[ -z "$SSH_CONNECTION" ]]; then
SSH_AUTH_SOCK="$HOME/.1password/agent.sock"; export SSH_AUTH_SOCK
if command -v op > /dev/null; then
# if running locally and 1Password CLI is available set LC_DESKTOP_HOST
LC_DESKTOP_HOST=$(hostname -s); export LC_DESKTOP_HOST
fi
else
if [[ -n "$LC_DESKTOP_HOST" && "$LC_DESKTOP_HOST" != "$(hostname -s)" ]]; then
# not running locally and LC_DESKTOP_HOST is defined, execute op over SSH to desktop host
alias op=op_over_ssh
fi
fi