[emacs] Interface with password store.

Password store is a password manager for GNU/Linux. This commit
configures an emacs interface for password-store.

diff --git a/bash/.config/profile.d/50-gpg.sh b/bash/.config/profile.d/50-gpg.sh
new file mode 100644 (file)
index 0000000..f06f881
--- /dev/null
+++ b/bash/.config/profile.d/50-gpg.sh
@@ -0,0 +1,6 @@
+# Copyright (c) 2022 Jakub Czajka <jakub@ekhem.eu.org>
+# License: GPL-3.0 or later.
+#
+# 50-gpg.sh - environment variables for `gpg`.
+
+export GNUPGHOME="${XDG_DATA_HOME}/gnupg"

diff --git a/bash/.config/profile.d/50-pass.sh b/bash/.config/profile.d/50-pass.sh
new file mode 100644 (file)
index 0000000..fc7239e
--- /dev/null
+++ b/bash/.config/profile.d/50-pass.sh
@@ -0,0 +1,6 @@
+# Copyright (c) 2022 Jakub Czajka <jakub@ekhem.eu.org>
+# License: GPL-3.0 or later.
+#
+# 50-pass.sh - environment variables for the password store.
+
+export PASSWORD_STORE_DIR="${XDG_DATA_HOME}/password_store"

diff --git a/conf/home/emacs.scm b/conf/home/emacs.scm
index 5dedf4a93f6112ba8275b95bda409456c5c8c9ea..1eb1bec18a2bb712186112b13d6f086e08e995f5 100644 (file)
--- a/conf/home/emacs.scm
+++ b/conf/home/emacs.scm
@@ -9,6 +9,8 @@
   #:use-module (gnu home services shepherd)
   #:use-module (gnu packages emacs)
   #:use-module (gnu packages emacs-xyz)
+  #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages password-utils)
   #:use-module (gnu packages rust-apps)
   #:use-module (gnu services)
   #:use-module (guix gexp)
@@ -61,6 +63,18 @@
                   emacs-use-package))
            (dotfiles
             (list "emacs/.config/emacs/conf/conf-package.el")))))
+
+(define emacs-pass-service
+  (service home-program-service-type
+          (home-program-configuration
+           (packages
+            (list emacs-pass
+                  gnupg
+                  password-store))
+           (dotfiles
+            (list "bash/.config/profile.d/50-gpg.sh"
+                  "bash/.config/profile.d/50-pass.sh"
+                  "emacs/.config/emacs/conf/conf-crypt.el")))))
 (define emacs-service
   (service home-program-service-type
           (home-program-configuration
@@ -81,4 +95,5 @@
         emacs-consult-service
        emacs-daemon-service
         emacs-package-service
+        emacs-pass-service
         emacs-service))

diff --git a/emacs/.config/emacs/conf/conf-crypt.el b/emacs/.config/emacs/conf/conf-crypt.el
new file mode 100644 (file)
index 0000000..776b77d
--- /dev/null
+++ b/emacs/.config/emacs/conf/conf-crypt.el
@@ -0,0 +1,24 @@
+;; Copyright (c) 2022 Jakub Czajka <jakub@ekhem.eu.org>
+;; License: GPL-3.0 or later.
+;;
+;; conf-crypt.el - configuration for the password store.
+
+(require 'conf-package)
+
+(use-package epa
+  :init
+  (exec-path-from-shell-copy-env "GNUPGHOME")
+  :custom
+  ;; `gpg' >= 2.1 requires `loopback' to delegate inputing password to emacs.
+  (epa-pinentry-mode 'loopback))
+
+(use-package pass
+  :when
+  (conf:executables-p (list "gpg" "pass"))
+  :ensure t
+  :init
+  (exec-path-from-shell-copy-env "PASSWORD_STORE_DIR")
+  :bind
+  ("C-c p" . pass))
+
+(provide 'conf-crypt)