From 93b548b7372c577f367f1dcee818fa1c5f9c4559 Mon Sep 17 00:00:00 2001
From: rendaw
Date: Tue, 13 Mar 2018 16:28:36 +0900
Subject: [PATCH] Add docs to show using the gpg agent with systemd; set PATH for ssh unit

---
 doc/README-GPG.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 doc/README-SSH.md |  4 ++++
 2 files changed, 55 insertions(+)

diff --git a/doc/README-GPG.md b/doc/README-GPG.md
index dbfe3e7..afc0f43 100644
--- a/doc/README-GPG.md
+++ b/doc/README-GPG.md
@@ -181,3 +181,54 @@ Press to keep the current choice[*], or type selection number: 0
 ### Sign and decrypt email
 
 Follow [these instructions](enigmail.md) to set up Enigmail in Thunderbird.
+
+### Start the agent as a systemd unit
+
+##### 1. Create these files in `~/.config/systemd/user`
+
+Replace `trezor` with `keepkey` or `ledger` as required.
+
+###### `trezor-gpg-agent.service`
+
+````
+[Unit]
+Description=trezor-gpg-agent
+Requires=trezor-gpg-agent.socket
+
+[Service]
+Type=Simple
+Environment="GNUPGHOME=%h/.gnupg/trezor"
+Environment="PATH=/bin:/usr/bin:/usr/local/bin:%h/.local/bin"
+ExecStart=/usr/bin/trezor-gpg-agent -vv
+````
+
+If you've installed `trezor-agent` locally you may have to change the path in `ExecStart=`.
+
+###### `trezor-gpg-agent.socket`
+
+````
+[Unit]
+Description=trezor-gpg-agent socket
+
+[Socket]
+ListenStream=%t/gnupg/S.gpg-agent
+FileDescriptorName=std
+SocketMode=0600
+DirectoryMode=0700
+
+[Install]
+WantedBy=sockets.target
+````
+
+##### 2. Stop trezor-gpg-agent if it's already running
+
+```
+killall trezor-gpg-agent
+```
+
+##### 3. Run
+
+```
+systemctl --user start trezor-gpg-agent.service trezor-gpg-agent.socket
+systemctl --user enable trezor-gpg-agent.socket
+```
diff --git a/doc/README-SSH.md b/doc/README-SSH.md
index 48658c1..23c6ebc 100644
--- a/doc/README-SSH.md
+++ b/doc/README-SSH.md
@@ -113,9 +113,13 @@ Requires=trezor-ssh-agent.socket
 
 [Service]
 Type=Simple
+Environment="GNUPGHOME=%h/.gnupg/trezor"
+Environment="PATH=/bin:/usr/bin:/usr/local/bin:%h/.local/bin"
 ExecStart=/usr/bin/trezor-agent --foreground --sock-path %t/trezor-agent/S.ssh IDENTITY
 ````
 
+If you've installed `trezor-agent` locally you may have to change the path in `ExecStart=`.
+
 Replace `IDENTITY` with the identity you used when exporting the public key.
 
 ###### `trezor-ssh-agent.socket`