2019-07-14 21:09:53 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
let
|
|
|
|
|
|
|
|
serviceCfg = config.services.password-store-sync;
|
|
|
|
programCfg = config.programs.password-store;
|
|
|
|
|
2020-02-02 00:39:17 +01:00
|
|
|
in {
|
2019-07-14 21:09:53 +02:00
|
|
|
meta.maintainers = with maintainers; [ pacien ];
|
|
|
|
|
|
|
|
options.services.password-store-sync = {
|
2023-07-01 01:30:13 +02:00
|
|
|
enable = mkEnableOption (lib.mdDoc "Password store periodic sync");
|
2019-07-14 21:09:53 +02:00
|
|
|
|
|
|
|
frequency = mkOption {
|
|
|
|
type = types.str;
|
|
|
|
default = "*:0/5";
|
2023-07-01 01:30:13 +02:00
|
|
|
description = lib.mdDoc ''
|
2019-07-14 21:09:53 +02:00
|
|
|
How often to synchronise the password store git repository with its
|
|
|
|
default upstream.
|
2023-07-01 01:30:13 +02:00
|
|
|
|
2019-07-14 21:09:53 +02:00
|
|
|
This value is passed to the systemd timer configuration as the
|
2023-07-01 01:30:13 +02:00
|
|
|
`onCalendar` option.
|
2019-07-14 21:09:53 +02:00
|
|
|
See
|
2023-07-01 01:30:13 +02:00
|
|
|
{manpage}`systemd.time(7)`
|
2019-07-14 21:09:53 +02:00
|
|
|
for more information about the format.
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = mkIf serviceCfg.enable {
|
2021-07-07 23:24:27 +02:00
|
|
|
assertions = [
|
|
|
|
(hm.assertions.assertPlatform "services.password-store-sync" pkgs
|
|
|
|
platforms.linux)
|
|
|
|
|
|
|
|
{
|
|
|
|
assertion = programCfg.enable;
|
|
|
|
message = "The 'services.password-store-sync' module requires"
|
|
|
|
+ " 'programs.password-store.enable = true'.";
|
|
|
|
}
|
|
|
|
];
|
2019-07-14 21:09:53 +02:00
|
|
|
|
|
|
|
systemd.user.services.password-store-sync = {
|
2020-02-02 00:39:17 +01:00
|
|
|
Unit = { Description = "Password store sync"; };
|
2019-07-14 21:09:53 +02:00
|
|
|
|
|
|
|
Service = {
|
|
|
|
CPUSchedulingPolicy = "idle";
|
|
|
|
IOSchedulingClass = "idle";
|
2020-02-02 00:39:17 +01:00
|
|
|
Environment = let
|
|
|
|
makeEnvironmentPairs =
|
|
|
|
mapAttrsToList (key: value: "${key}=${builtins.toJSON value}");
|
|
|
|
in makeEnvironmentPairs programCfg.settings;
|
2019-07-14 21:09:53 +02:00
|
|
|
ExecStart = toString (pkgs.writeShellScript "password-store-sync" ''
|
|
|
|
${pkgs.pass}/bin/pass git pull --rebase && \
|
|
|
|
${pkgs.pass}/bin/pass git push
|
|
|
|
'');
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
systemd.user.timers.password-store-sync = {
|
2020-02-02 00:39:17 +01:00
|
|
|
Unit = { Description = "Password store periodic sync"; };
|
2019-07-14 21:09:53 +02:00
|
|
|
|
|
|
|
Timer = {
|
|
|
|
Unit = "password-store-sync.service";
|
|
|
|
OnCalendar = serviceCfg.frequency;
|
|
|
|
Persistent = true;
|
|
|
|
};
|
|
|
|
|
2020-02-02 00:39:17 +01:00
|
|
|
Install = { WantedBy = [ "timers.target" ]; };
|
2019-07-14 21:09:53 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|