75fa0ae5af
GitOrigin-RevId: c3ab5ea047e6dc73df530948f7367455749d8906
59 lines
1.5 KiB
Nix
59 lines
1.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.services.gnome-keyring;
|
|
|
|
in {
|
|
meta.maintainers = [ maintainers.rycee ];
|
|
|
|
options = {
|
|
services.gnome-keyring = {
|
|
enable = mkEnableOption "GNOME Keyring";
|
|
|
|
components = mkOption {
|
|
type = types.listOf (types.enum [ "pkcs11" "secrets" "ssh" ]);
|
|
default = [ ];
|
|
description = ''
|
|
The GNOME keyring components to start. If empty then the
|
|
default set of components will be started.
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
assertions = [
|
|
(lib.hm.assertions.assertPlatform "services.gnome-keyring" pkgs
|
|
lib.platforms.linux)
|
|
{
|
|
assertion = !config.services.pass-secret-service.enable;
|
|
message = ''
|
|
Only one secrets service per user can be enabled at a time.
|
|
Other services enabled:
|
|
- pass-secret-service
|
|
'';
|
|
}
|
|
];
|
|
|
|
systemd.user.services.gnome-keyring = {
|
|
Unit = {
|
|
Description = "GNOME Keyring";
|
|
PartOf = [ "graphical-session-pre.target" ];
|
|
};
|
|
|
|
Service = {
|
|
ExecStart = let
|
|
args = concatStringsSep " " ([ "--start" "--foreground" ]
|
|
++ optional (cfg.components != [ ])
|
|
("--components=" + concatStringsSep "," cfg.components));
|
|
in "${pkgs.gnome.gnome-keyring}/bin/gnome-keyring-daemon ${args}";
|
|
Restart = "on-abort";
|
|
};
|
|
|
|
Install = { WantedBy = [ "graphical-session-pre.target" ]; };
|
|
};
|
|
};
|
|
}
|