Fuck

home/ssh.nix

@@ -1,28 +1,31 @@
 { config, pkgs, ... }:
 
 {
-  # Enable SSH client and add to agent automatically
   programs.ssh = {
     enable = true;
     addKeysToAgent = "yes";
   };
 
-  # Per-user ssh-agent (systemd --user)
   services.ssh-agent.enable = true;
 
-  # Systemd unit to load all private keys from ~/.ssh
   systemd.user.services."ssh-add-all-keys" = {
     Unit = {
       Description = "Add all SSH keys from ~/.ssh to ssh-agent";
       After = [ "ssh-agent.service" ];
       Requires = [ "ssh-agent.service" ];
+      # Skip running if there are no id_* keys:
+      ConditionPathExistsGlob = "%h/.ssh/id_*";
     };
     Service = {
       Type = "oneshot";
-      Environment = [ "SSH_ASKPASS_REQUIRE=prefer" ];
       ExecStart = ''
-        ${pkgs.openssh}/bin/ssh-add -q ~/.ssh/id_* 2>/dev/null || true
+        ${pkgs.bash}/bin/bash -lc '${pkgs.openssh}/bin/ssh-add -q %h/.ssh/id_* 2>/dev/null || true'
       '';
+      # Make it non-interactive (don’t pop up askpass):
+      Environment = [
+        "SSH_ASKPASS=/bin/false"
+        "DISPLAY=ignored"
+      ];
     };
     Install.WantedBy = [ "default.target" ];
   };