feat(shell): start tmux in every terminal; ssh-agent with auto-add

Move the tmux auto-start out of the graphical-only desktop layer into the shared shell config so it also covers WSL, iTerm2 and the Linux console (folded into programs.zsh.initContent via mkMerge alongside the SSH PS1 block). Same guards: interactive, not-already-in-tmux, not-SSH, not-VS-Code, tmux-present. ssh: run a user ssh-agent on Linux (macOS uses launchd) and add keys on first use (addKeysToAgent), so the passphrase is entered once per login session instead of per commit/push -- which also feeds commit signing. macOS additionally caches in the login keychain (UseKeychain). The work box keeps its own ~/.ssh/config (programs.ssh forced off there); its ssh-agent still runs via the work module. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-10 11:30:09 +01:00
parent 27fc7ae6d3
commit 860d4ccaa9
3 changed files with 51 additions and 29 deletions
@@ -1,6 +1,10 @@
-{ pkgs, ... }:
+{ pkgs, lib, ... }:

 {
+  # The work box keeps its own (corporate) ~/.ssh/config; don't let the personal
+  # programs.ssh (shell.nix) take it over. The ssh-agent below still runs.
+  programs.ssh.enable = lib.mkForce false;
+
  programs.git = {
    settings = {
      commit.gpgsign = true;