ssh-agent: Allow other systemd units access to $SSH_AUTH_SOCK

[Quincunx271]

Description

If another systemd unit wants to talk to the ssh-agent service, they need to know the SSH_AUTH_SOCK variable to do so.

Checklist

• Change is backwards compatible.

• Code formatted with nix fmt or
  nix-shell -p treefmt nixfmt deadnix keep-sorted --run treefmt.

• Code tested through nix run .#tests -- test-all or
  nix-shell --pure tests -A run.all.

• Test cases updated/added. See example.

• Commit messages are formatted like

  {component}: {description}
  
  {long description}
  

  See CONTRIBUTING for more information and recent commit messages for examples.

The tests are broken at HEAD:

• nix-shell --pure tests -A run.all

  Errors

  error:
         … while calling the 'derivationStrict' builtin
           at <nix/derivation-internal.nix>:37:12:
             36|
             37|   strict = derivationStrict drvAttrs;
               |            ^
             38|
  
         … while evaluating derivation 'nmt-run-all-tests'
           whose name attribute is located at /nix/store/ka13k2zhk09q32ip9aidyd20v48g90jk-source/pkgs/stdenv/generic/make-derivation.nix:480:13
  
         … while evaluating attribute 'shellHook' of derivation 'nmt-run-all-tests'
           at /nix/store/fm1dwqb08lxr1gk02niyvb1j7v4181c0-source/default.nix:38:41:
             37|   runShellOnlyCommand = name: shellHook:
             38|     pkgs.runCommandLocal name { inherit shellHook; } ''
               |                                         ^
             39|       echo This derivation is only useful when run through nix-shell.
  
         … while evaluating the option `nmt.result.success':
  
         … while evaluating definitions from `/nix/store/fm1dwqb08lxr1gk02niyvb1j7v4181c0-source/nmt.nix':
  
         … while evaluating the option `home.activation.installPackages.data':
  
         … while evaluating definitions from `/home/.../home-manager/modules/home-environment.nix':
  
         … while evaluating the option `home.packages':
  
         … while evaluating definitions from `/home/.../home-manager/modules/programs/anki':
  
         (stack trace truncated; use '--show-trace' to show the full, detailed trace)
  
         error: attribute 'withAddons' missing
         at /home/.../home-manager/modules/programs/anki/default.nix:334:8:
            333|     home.packages = [
            334|       (cfg.package.withAddons (
               |        ^
            335|         [
  

• nix run .#tests

  Errors

  ``` ℹ️ Discovering tests... ❌ Error: Command 'fzf' not found. Is it in your PATH? ℹ️ No tests selected to run. ```

I'll let GitHub Actions run the tests.

[lheckemann]

I wonder how this interacts with gcr-ssh-agent from gnome-keyring, or more generally other potential SSH agents; I noticed recently when I ran a service that tried to access SSH keys via the agent ended up talking to gcr-ssh-agent, even though I have a different SSH agent setup for the rest of my session.

This should probably at the very least be optional, like how the variable is only set for the session if it doesn't already have a value.

[Quincunx271]

Great point. Updated to only set the environment variable if unset.

I verified that a custom systemd user service which sets the environment variable itself via dbus-update-activation-environment before this ssh-agent.service will take precedence over this.