X-Git-Url: https://git.sev.monster/~sev/dotfiles.git/blobdiff_plain/d50f11d1b1c215bfc135949c0bd5d6faea6a4199..2b5fa3f95aa696c952cc88b29fdc815deebc31c1:/base/.zshenv
diff --git a/base/.zshenv b/base/.zshenv
index 3a577ad..1f3e198 100644
--- a/base/.zshenv
+++ b/base/.zshenv
@@ -1,17 +1,133 @@
-export EDITOR=vim
-export XDG_CONFIG_HOME=~/etc
-export XDG_CONFIG_DIRS=~/.config:/etc/xdg
-export XDG_DATA_HOME=~/share
-export XDG_DATA_DIRS=~/.local/share:/usr/local/share/:/usr/share/
-export XDG_CACHE_HOME=~/tmp
-
-export DVTM_TERM=rxvt-unicode
-export CLICOLOR=
-export LS_COLORS='di=34:ln=35:so=32:pi=33:ex=31:bd=46;34:cd=43;34:su=41;30:sg=46;30:tw=42;30:ow=43;30'
-export GREP_OPTIONS=--color=auto
-
-export PYTHONSTARTUP=~/.pythonrc
-
-if [[ -f ~/.zshenv.local ]]; then
- source ~/.zshenv.local
-fi
+### unset unwanted options that could be set in /etc/zshenv
+unsetopt SH_WORD_SPLIT KSH_ARRAYS
+
+### check if su
+if [[ -v _sev_olduser && $_sev_olduser != $USERNAME ]] _sev_reset_shell=
+export _sev_olduser=$USERNAME
+
+### exports for all new shells
+if [[ -v _sev_reset_shell || $SHLVL == 1 ]] {
+ ## lang
+ export CHARSET=UTF-8
+ export LANG=en_US.UTF-8
+ export LC_CTYPE=$LANG
+
+ ## path
+ typeset -U path fpath
+ if [[ $SHLVL == 1 ]] {
+ # take a backup before any customizations
+ export _sev_sys_PATH=$PATH
+ export _sev_sys_FPATH=$FPATH
+ }
+ # /usr/{pkg,local,games} are unix/bsdisms
+ path=({~/,/,/usr/}sbin {~/,/,/usr/}bin /usr/pkg/{s,}bin /usr/X11R{7,6}/bin
+ /usr/local/{s,}bin /usr/games)
+ PATH=$PATH:$_sev_sys_PATH
+ fpath=(${ZDOTDIR:-$HOME/.zsh}/functions/{*,Completions/*}(N))
+ #fpath is not exported by default
+ export FPATH=$FPATH:$_sev_sys_FPATH
+ # take another backup, explained in .zprofile
+ typeset -U _backup_path
+ _backup_path=("${path[@]}")
+
+ ## xdg
+ export XDG_CONFIG_HOME=~/etc
+ export XDG_CONFIG_DIRS=~/.config:/usr/pkg/etc/xdg:/usr/local/etc/xdg:/etc/xdg
+ export XDG_DATA_HOME=~/share
+ export XDG_DATA_DIRS=~/.local/share:/usr/pkg/share:/usr/local/share:/usr/share
+ export XDG_CACHE_HOME=~/tmp
+ export XDG_RUNTIME_DIR=~/tmp
+ if [[ -e $XDG_CONFIG_HOME/user-dirs.dirs ]] {
+ source $XDG_CONFIG_HOME/user-dirs.dirs
+ }
+
+ ## create tmp link
+ t=${TMPDIR:-/tmp}/home-$LOGNAME
+ if [[ ! -e $t ]] {
+ mkdir -m 700 $t >/dev/null 2>&1
+ # TODO: check if dir exists after mkdir
+ }
+ # allow opaque entries to override link creation
+ if [[ ! -e $XDG_RUNTIME_DIR ]] {
+ ln -sf $t $XDG_RUNTIME_DIR >/dev/null 2>&1
+ }
+ unset t
+
+ ## ssh agents
+ # NOTE: preferred order of agents to check: okcagent, gnupg, openssh
+ # first block takes care of okcagent and openssh, second gnupg
+ [[ -o interactive ]] && print -nP "%F{blue}>>>%f SSH: %F{green}"
+ if [[ ! -v SSH_AUTH_SOCK && ( -v commands[okc-ssh-agent] ||
+ ( -v commands[ssh-agent] && ! -v commands[gpg] ) ) ]] {
+ okc=${commands[okc-ssh-agent]:+okc-}
+ agentfile=~/tmp/${okc}ssh-agent-exports
+ typeset sock=
+ typeset -i pid=
+ if [[ -f $agentfile ]] {
+ IFS=$'\0' read -r sock pid <$agentfile
+ }
+ if [[ -S $sock && $pid > 0 ]] && kill -0 $pid; then
+ [[ -o interactive ]] && echo "Reusing agent pid $pid"
+ export SSH_AUTH_SOCK=$sock
+ export SSH_AGENT_PID=$pid
+ else
+ # TODO: ensure ssh-agent path looks legit
+ # to avoid unsafe eval?
+ # NOTE: no way around doing redirection like this I think
+ e=${okc}ssh-agent
+ if [[ -o interactive ]] {
+ eval `$e`
+ } else {
+ eval `$e` >/dev/null 2>&1
+ }
+ echo -n $SSH_AUTH_SOCK$'\0'$SSH_AGENT_PID >!$agentfile
+ fi
+ unset okc agentfile sock pid
+ } elif [[ -v commands[gpg] && ! -S $_GNUPG_SOCK_DEST && \
+ ( ! -v SSH_AUTH_SOCK || -v DISPLAY ) ]] {
+ export GPG_TTY=$(tty)
+ export PINENTRY_USER_DATA=USE_TTY=$((!${+DISPLAY}))
+ gpg-connect-agent UPDATESTARTUPTTY /bye >/dev/null 2>&1
+ [[ -o interactive ]] && gpg-connect-agent /subst /serverpid \
+ '/echo GPG agent pid ${get serverpid}' /bye
+ [[ ! -v SSH_AUTH_SOCK ]] && \
+ export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
+ } else {
+ [[ -o interactive ]] && echo "Pre-existing or remote agent"
+ }
+
+ ## gpg ssh forwarding
+ # ssh automatically tunnels SSH_AUTH_SOCK with the right config, but GPG
+ # doesn't—we use a RemoteForward rule in ~/.ssh/config that uses these env
+ # vars to push the gpg extra socket through when connecting via ssh
+ # HACK: this entire thing sucks but there is no other easy way that works
+ # out of the box with other systems
+ if [[ -v commands[gpgconf] ]] {
+ # if already connected over SSH, reuse forwarded socket for future
+ # connections; else use extra socket
+ sock=${SSH_CLIENT:+agent-socket}
+ export _GNUPG_SOCK_SRC=$(gpgconf --list-dirs ${sock:-agent-extra-socket})
+ unset sock
+ # XXX: multiple SSH sessions to the same host will overwrite this
+ # socket, no way to send unique paths without configuring explicit
+ # SendEnv and AcceptEnv exclusions on client and host respectively
+ export _GNUPG_SOCK_DEST=/tmp/.gpg-agent-forward
+ # if socket exists already, we are on a RemoteForwarded client, so copy
+ # it over so that GPG sees it
+ # XXX: race condition if connecting multiple terminals at once
+ if [[ -S $_GNUPG_SOCK_DEST ]] {
+ unlink $_GNUPG_SOCK_SRC >/dev/null 2>&1
+ mv $_GNUPG_SOCK_DEST $_GNUPG_SOCK_SRC >/dev/null
+ }
+ }
+}
+
+### load site-specific
+if [[ -f ~/.zshenv.local ]] { source ~/.zshenv.local }
+
+### source .zprofile
+# if we used su, without --login, let's run zprofile ourselves
+# XXX: system zprofile is not run
+if [[ -v _sev_reset_shell || $SHLVL == 1 ]] source ~/.zprofile
+
+# vim: set et sts=4 sw=4 ts=8 tw=79 :
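Review bot: The `## gpg ssh forwarding` block trusts `/tmp/.gpg-agent-forward` after only a `-S` test, then unlinks the user's own agent socket and moves that file into its place, so on a multi-user host a socket left by another account at that fixed, world-writable path would become the one gpg talks to. Add an ownership test before the move, e.g. `if [[ -S $_GNUPG_SOCK_DEST && -O $_GNUPG_SOCK_DEST ]] {`. The `## create tmp link` block has the same gap: when `${TMPDIR:-/tmp}/home-$LOGNAME` already exists, `mkdir -m 700` is skipped and `~/tmp` is linked to it without confirming it is a directory the user owns. That matters because `~/tmp` also holds the `ssh-agent-exports` file that is read back into `SSH_AUTH_SOCK`. A guard such as `[[ -d $t && -O $t && ! -L $t ]]` before the `ln -sf` would also resolve the existing TODO.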