1
0
Fork 0
mirror of https://github.com/nix-community/home-manager synced 2024-11-01 16:59:43 +01:00
home-manager/modules/services/pass-secret-service.nix

71 lines
2 KiB
Nix
Raw Normal View History

{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.services.pass-secret-service;
busName = "org.freedesktop.secrets";
in {
meta.maintainers = with maintainers; [ cab404 cyntheticfox ];
options.services.pass-secret-service = {
enable = mkEnableOption "Pass libsecret service";
package = mkPackageOption pkgs "pass-secret-service" { };
storePath = mkOption {
type = with types; nullOr str;
default = null;
defaultText = "$HOME/.password-store";
example = "/home/user/.local/share/password-store";
description = ''
Absolute path to password store. Defaults to
{file}`$HOME/.password-store` if the
{option}`programs.password-store` module is not enabled, and
{option}`programs.password-store.settings.PASSWORD_STORE_DIR` if it is.
'';
};
};
config = mkIf cfg.enable {
assertions = [
(hm.assertions.assertPlatform "services.pass-secret-service" pkgs
platforms.linux)
{
assertion = !config.services.gnome-keyring.enable;
message = ''
Only one secrets service per user can be enabled at a time.
Other services enabled:
- gnome-keyring
'';
}
];
systemd.user.services.pass-secret-service =
let binPath = "${cfg.package}/bin/pass_secret_service";
in {
Unit = {
AssertFileIsExecutable = "${binPath}";
Description = "Pass libsecret service";
Documentation = "https://github.com/mdellweg/pass_secret_service";
PartOf = [ "default.target" ];
};
Service = {
Type = "dbus";
ExecStart = "${binPath} ${
optionalString (cfg.storePath != null) "--path ${cfg.storePath}"
}";
BusName = busName;
Environment = [ "GNUPGHOME=${config.programs.gpg.homedir}" ];
};
Install.WantedBy = [ "default.target" ];
};
xdg.dataFile."dbus-1/services/${busName}.service".source =
"${cfg.package}/share/dbus-1/services/${busName}.service";
};
}