X-Git-Url: https://git.sev.monster/~sev/dotfiles.git/blobdiff_plain/f520c79a5934091c5676b6384e225e56e580a033..e69caf640e206d5736bbac8d9a6dd75e63ec70c0:/base/.zshenv?ds=sidebyside diff --git a/base/.zshenv b/base/.zshenv index 18b4552..90ec4ca 100644 --- a/base/.zshenv +++ b/base/.zshenv @@ -1,131 +1,31 @@ -### unset unwanted options that could be set in /etc/zshenv -unsetopt SH_WORD_SPLIT KSH_ARRAYS +[[ -v _sev_home ]] || export _sev_home=$HOME -### check if su -if [[ -v _sev_olduser && $_sev_olduser != $USERNAME ]] _sev_reset_shell= -export _sev_olduser=$USERNAME - -### exports for all new shells -if [[ -v _sev_reset_shell || $SHLVL == 1 ]] { - ## lang - export CHARSET=UTF-8 - export LANG=en_US.UTF-8 - export LC_CTYPE=$LANG - - ## path - typeset -U path fpath - if [[ $SHLVL == 1 ]] { - # take a backup before any customizations - export _sev_sys_PATH=$PATH - export _sev_sys_FPATH=$FPATH - } - # /usr/{pkg,local,games} are unix/bsdisms - path=({~/,/,/usr/}sbin {~/,/,/usr/}bin /usr/pkg/{s,}bin /usr/X11R{7,6}/bin - /usr/local/{s,}bin /usr/games) - PATH=$PATH:$_sev_sys_PATH - fpath=(${ZDOTDIR:-$HOME/.zsh}/functions/{*,Completions/*}(N)) - #fpath is not exported by default - export FPATH=$FPATH:$_sev_sys_FPATH - # take another backup, explained in .zprofile - typeset -U _backup_path - _backup_path=("${path[@]}") - - ## xdg - export XDG_CONFIG_HOME=~/etc - export XDG_CONFIG_DIRS=~/.config:/usr/pkg/etc/xdg:/usr/local/etc/xdg:/etc/xdg - export XDG_DATA_HOME=~/share - export XDG_DATA_DIRS=~/.local/share:/usr/pkg/share:/usr/local/share:/usr/share - export XDG_CACHE_HOME=~/tmp - export XDG_RUNTIME_DIR=~/tmp - - ## create tmp link - t=${TMPDIR:-/tmp}/home-$LOGNAME - h=$HOME/tmp - if [[ ! -e $t ]] { - mkdir -m 700 $t >/dev/null 2>&1 - # TODO: check if dir exists after mkdir - } - # allow opaque entries to override link creation - if [[ ! -e $h ]] { - ln -sf $t $h >/dev/null 2>&1 - } - unset t h - - ## ssh agents - # NOTE: preferred order of agents to check: okcagent, gnupg, openssh - # first block takes care of okcagent and openssh, second gnupg - print -nP "%F{blue}>>>%f SSH: %F{green}" - if [[ ! -v SSH_AUTH_SOCK && ( -v commands[okc-ssh-agent] || - ( -v commands[ssh-agent] && ! -v commands[gpg] ) ) ]] { - okc=${commands[okc-ssh-agent]:+okc-} - agentfile=~/tmp/${okc}ssh-agent-exports - typeset sock= - typeset -i pid= - if [[ -f $agentfile ]] { - IFS=$'\0' read -r sock pid <$agentfile - } - if [[ -S $sock && $pid > 0 ]] && kill -0 $pid; then - [[ -o interactive ]] && echo "Reusing agent pid $pid" - export SSH_AUTH_SOCK=$sock - export SSH_AGENT_PID=$pid - else - # TODO: ensure ssh-agent path looks legit - # to avoid unsafe eval? - # NOTE: no way around doing redirection like this I think - e=${okc}ssh-agent - if [[ -o interactive ]] { - eval `$e` - } else { - eval `$e` >/dev/null 2>&1 - } - echo -n $SSH_AUTH_SOCK$'\0'$SSH_AGENT_PID >!$agentfile - fi - unset okc agentfile sock pid - } elif [[ -v commands[gpg] && ! -S $_GNUPG_SOCK_DEST && \ - ( ! -v SSH_AUTH_SOCK || -v DISPLAY ) ]] { - export GPG_TTY=$(tty) - export PINENTRY_USER_DATA=USE_TTY=$((!${+DISPLAY})) - gpg-connect-agent UPDATESTARTUPTTY /bye >/dev/null 2>&1 - [[ -o interactive ]] && gpg-connect-agent /subst /serverpid \ - '/echo GPG agent pid ${get serverpid}' /bye - [[ ! -v SSH_AUTH_SOCK ]] && \ - export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) - } else { - [[ -o interactive ]] && echo "Pre-existing or remote agent" - } - - ## gpg ssh forwarding - # ssh automatically tunnels SSH_AUTH_SOCK with the right config, but GPG - # doesn't—we use a RemoteForward rule in ~/.ssh/config that uses these env - # vars to push the gpg extra socket through when connecting via ssh - # HACK: this entire thing sucks but there is no other easy way that works - # out of the box with other systems - if [[ -v commands[gpgconf] ]] { - # if already connected over SSH, reuse forwarded socket for future - # connections; else use extra socket - sock=${SSH_CLIENT:+agent-socket} - export _GNUPG_SOCK_SRC=$(gpgconf --list-dirs ${sock:-agent-extra-socket}) - unset sock - # XXX: multiple SSH sessions to the same host will overwrite this - # socket, no way to send unique paths without configuring explicit - # SendEnv and AcceptEnv exclusions on client and host respectively - export _GNUPG_SOCK_DEST=/tmp/.gpg-agent-forward - # if socket exists already, we are on a RemoteForwarded client, so copy - # it over so that GPG sees it - # XXX: race condition if connecting multiple terminals at once - if [[ -S $_GNUPG_SOCK_DEST ]] { - unlink $_GNUPG_SOCK_SRC >/dev/null 2>&1 - mv $_GNUPG_SOCK_DEST $_GNUPG_SOCK_SRC >/dev/null - } - } -} +export ZDOTDIR=${XDG_CONFIG_HOME:-~/.config}/zsh ### load site-specific -if [[ -f ~/.zshenv.local ]] { source ~/.zshenv.local } +[[ -f ${ZDOTDIR:-~}/.zshenv.local ]] && source ${ZDOTDIR:-~}/.zshenv.local -### source .zprofile -# if we used su, without --login, let's run zprofile ourselves -# XXX: system zprofile is not run -if [[ -v _sev_reset_shell || $SHLVL == 1 ]] source ~/.zprofile +### fix broken term +if [[ ! -v TERM ]] { + TERM=xterm-256color >/dev/null 2>&1 +} +if [[ -o interactive && $#terminfo -eq 0 ]] { + _oldterm=$TERM + export TERM=xterm >/dev/null 2>&1 + print -P "%F{red}!!! Can't find terminfo for $_oldterm, using $TERM%f" + unset _oldterm +} -# vim: set et sts=4 sw=4 ts=8 tw=79 : +# NOTE: see .zprofile comment for rationale on sourcing +if [[ ! -v _sev_first_display && ( -v DISPLAY || -v WAYLAND_DISPLAY ) ]] { + ### update gpgagent to use graphical pinentry + # XXX: will be sourced by every new child shell if zsh is not used to + # start the graphical session and the _sev_first_display var isn't + # exported; for example, this previously happened with sway without a + # display manager or launcher in front of it + export _sev_first_display= + _sev_refresh_gpgagent= source ${ZDOTDIR:-~}/.zprofile +} elif [[ ! -o login && $SHLVL == 1 ]] { + ### early zprofile sourcing for first shell even if not a login shell + source ${ZDOTDIR:-~}/.zprofile +}