Zsh: Use 1Password SSH-Agent when enabled

ebouchut · Apr 5, 2022 · 224471c · 224471c
1 parent 78a770a
commit 224471c
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 7 deletions.
diff --git a/hooks/post-up/1password-ssh-agent b/hooks/post-up/1password-ssh-agent
@@ -0,0 +1,38 @@
+#!/bin/bash
+
+#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# Configure SSH to use 1Password SSH Agent
+#
+# Pre-requisites: Turn on 1Password SSH Agent
+#   - Open 1Password / Preferences / Developer
+#   - Tick the checkboxes:
+#       - "Use SSH Agent"
+#       - "Display key names when authorizing connections"
+#
+# See: https://developer.1password.com/docs/ssh/get-started/
+#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+if [[ "$OSTYPE" != "darwin"* ]]; then
+  exit 0
+fi
+
+OP_DIR=~/.1password
+OP_SSH_AGENT_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock
+OP_SSH_AGENT_SOCK_SYMLINK=$OP_DIR/agent.sock
+
+if [[ ! -S "$OP_SSH_AGENT_SOCK" ]]; then
+  echo '1Password SSH-Agent not enabled.'
+  echo 'Open 1password 8, open "Preferences / Developer" then check "Use SSH Agent"'
+  exit 0
+fi
+
+if [[ ! -d "$OP_DIR" ]]; then
+  mkdir     "$OP_DIR"
+  chmod 700 "$OP_DIR"
+fi
+
+if [[ ! -S "$OP_SSH_AGENT_SOCK_SYMLINK" ]]; then
+  ln -s "$OP_SSH_AGENT_SOCK" "$OP_SSH_AGENT_SOCK_SYMLINK"
+fi
+
+exit 0
diff --git a/tag-zsh/zlogin b/tag-zsh/zlogin
@@ -3,16 +3,35 @@
 
 # Run ssh-agent and store SSH_* variables ready to be sourced 
 
-  SSH_ENV=$HOME/.keychain/$HOST-sh
 
+SSH_ENV=$HOME/.keychain/$HOST-sh
 function start_agent {
-  echo "Initializing new SSH Agent..."
-  eval $(/usr/bin/ssh-agent | sed 's/^echo/#echo/'  | tee "${SSH_ENV}")
-  chmod 600 "${SSH_ENV}"
-  echo succeeded
+  local OP_SSH_AGENT_SOCK=~/Library/Group\ Containers/2BUA8C4S2C.com.1password/t/agent.sock
+  local OP_DIR=~/.1password
+  local OP_SSH_AGENT_SOCK_SYMLINK=$OP_DIR/agent.sock
 
-  # Load default private key
-  /usr/bin/ssh-add
+    # TODO: handle Linux
+  if [[ "$OSTYPE" == "darwin"*  && -S "$OP_SSH_AGENT_SOCK" ]] ; then
+    echo "Using 1Password SSH Agent"
+
+    # Create ~/.1password if it does not exist
+    if [[ ! -d "$OP_DIR" ]]; then
+      mkdir     "$OP_DIR"
+      chmod 700 "$OP_DIR"
+    fi
+
+    # Create a short symlink to the 1Password SSH-Agent with a complex path
+    if [[ ! -S "$OP_SSH_AGENT_SOCK_SYMLINK" ]]; then
+      ln -s "$OP_SSH_AGENT_SOCK" "$OP_SSH_AGENT_SOCK_SYMLINK"
+    fi
+    export SSH_AUTH_SOCK=$OP_SSH_AGENT_SOCK_SYMLINK
+  else
+    echo "Initializing new SSH Agent..."
+    eval $(/usr/bin/ssh-agent | sed 's/^echo/#echo/'  | tee "${SSH_ENV}")
+    chmod 600 "${SSH_ENV}"
+
+    /usr/bin/ssh-add  # Load default private key
+  fi
 }
 
 if [ -f "${SSH_ENV}" ]; then  # Source: http://mah.everybody.org/docs/ssh