(These days I use Bitwarden and vaultwarden but maintain this until I'm confident that I won't need any of my "deprecated" passwords.)
#+ARROYO_EMACS_MODULE: pass #+ARROYO_HOME_MODULE: hm/pass.nix #+ARROYO_SYSTEM_EXCLUDE: waterboy #+ARROYO_SYSTEM_EXCLUDE: droid
emacs-lisp source:(provide 'cce/pass)
I use the standard unix password manager, pass. I use the Emacs support packages for these, unsurprisingly, and I have a custom Hydra to put the keybindings to copy passwords hanging off of <SPC>k.
emacs-lisp source:(use-package password-store :after hydra :config (setq password-store-password-length 32) :init (defhydra hydra-pass () ("p" (lambda() (interactive) (background-shell-command "pass show last.fm")) :exit t) ("c" password-store-copy :exit t) ("e" password-store-edit :exit t) ("g" password-store-generate :exit t) ("o" password-store-otp-token-copy :exit t)) :bind (:map evil-normal-state-map ("<SPC>k" . hydra-pass/body))) (use-package password-store-otp :after password-store)
nix source: :tangle ~/arroyo-nix/hm/pass.nix{config, pkgs, ...}: { programs.password-store = { enable = true; package = pkgs.pass.withExtensions (exts: [ exts.pass-otp exts.pass-genphrase ]); settings = { PASSWORD_STORE_DIR = "$HOME/.password-store/"; }; }; home.activation.password-store = pkgs.lib.mkActivationLocalLink config # symlink helper (ref:activation_local_link) "~/sync/password-store" ".password-store"; home.packages = [ pkgs.yubikey-personalization ]; programs.bash.initExtra = '' gpg-connect-agent /bye ''; programs.browserpass.enable = true; }
(activation_local_link) is a helper in mkActivationLocalLink .