After posting my previous message, I realized that the question of “why nyxt does not remember the password entered by the user in the prompt buffer” was raised in the first message by @ko56. The answer suggested that it was a property of the password manager tool (Pass or KeePassXC). But I disagree with that because at least for KeePassXC, the keepassxc-interface
has a slot for master-password
and that value is fed on the input stream to keepassxc-cli
for various queries (eg list-passwords, clip-password, clip-username). So I was expecting that once master-password was setf in the loop sexp of password:complete-interface, there would be no need to enter it again for the duration of the nyxt session. But that was not happening.
The solution I discovered is the following: in my $XDG_CONFIG_HOME/nyxt/config.lisp file, there was already initialization code for password-file and key-file like below:
(defmethod initialize-instance :after
((interface password:keepassxc-interface) &key &allow-other-keys)
(setf (password:password-file interface) "/path/to/database.kdbx")
(setf (password:key-file interface) "/path/to/keyfile")
)
So I just extended that by adding
(setf (password:master-password interface) "MYPASSWORD")
and that worked. I did not have to enter my password in the prompt buffer after restarting nyxt. Then it was a simple matter of finding sample code to read contents of a gpg encrypted file containing the password into a string and replace the “MYPASSWORD” string with lisp code that captured the ouput of a subprocess that ran the command
gpg --no-tty -d /path/to/passwordfile.gpg
Now I don’t have to enter the master password and it is auto setup by reading from an encrypted local file with gpg-agent handling the decryption password for passwordfile.gpg.
Any feedback about the appropriateness or kludgeyness of this solution is welcome.