From 68921b0e807efbb4f64dced5fa624e91ade9413a Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sun, 14 Jan 2024 17:09:06 +0000 Subject: [PATCH] gpg-agent: migrate to 'pinentryPackage' This follows upstream's module change [1], which allows setting any package as a pinentry program. [1]: https://github.com/NixOS/nixpkgs/pull/133542 --- modules/misc/news.nix | 9 +++++++++ modules/services/gpg-agent.nix | 16 ++++++++++------ .../services/gpg-agent/default-homedir.nix | 2 +- .../services/gpg-agent/override-homedir.nix | 2 +- 4 files changed, 21 insertions(+), 8 deletions(-) diff --git a/modules/misc/news.nix b/modules/misc/news.nix index 849ac9421..0b8588616 100644 --- a/modules/misc/news.nix +++ b/modules/misc/news.nix @@ -1443,6 +1443,15 @@ in { A new module is available: 'programs.joplin-desktop'. ''; } + + { + time = "2024-03-14T07:22:09+00:00"; + condition = config.services.gpg-agent.enable; + message = '' + 'services.gpg-agent.pinentryFlavor' has been removed and replaced by + 'services.gpg-agent.pinentryPackage'. + ''; + } ]; }; } diff --git a/modules/services/gpg-agent.nix b/modules/services/gpg-agent.nix index 685698b77..a5d894157 100644 --- a/modules/services/gpg-agent.nix +++ b/modules/services/gpg-agent.nix @@ -81,6 +81,11 @@ let in { meta.maintainers = [ maintainers.rycee ]; + imports = [ + (mkRemovedOptionModule [ "services" "gpg-agent" "pinentryFlavor" ] + "Use services.gpg-agent.pinentryPackage instead") + ]; + options = { services.gpg-agent = { enable = mkEnableOption "GnuPG private key agent"; @@ -192,10 +197,9 @@ in { configuration file. ''; }; - - pinentryFlavor = mkOption { - type = types.nullOr (types.enum pkgs.pinentry.flavors); - example = "gnome3"; + pinentryPackage = mkOption { + type = types.nullOr types.package; + example = literalExpression "pkgs.pinentry-gnome3"; default = null; description = '' Which pinentry interface to use. If not 
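Review bot: The new `pinentryPackage` option in the `@@ -192,10 +197,9 @@` hunk of modules/services/gpg-agent.nix accepts any derivation (`types.nullOr types.package`), where the removed option was limited to `types.enum pkgs.pinentry.flavors`, and the visible part of the description does not say what the package has to provide. The configuration line is now built with `lib.getExe`, so the description should say that the package's main program is written out as `pinentry-program`, and that this program is the one that prompts for the key passphrase. A sentence such as `The main program of this package is used as gpg-agent's pinentry-program, so it must be a pinentry implementation.` would cover it. The `mkRemovedOptionModule` message in the `@@ -81,6 +86,11 @@` hunk could likewise give a concrete replacement, e.g. `pkgs.pinentry-gnome3`. The description string continues outside the hunk, so the rest of its wording is not visible here.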
@@ -243,8 +247,8 @@ in { "max-cache-ttl ${toString cfg.maxCacheTtl}" ++ optional (cfg.maxCacheTtlSsh != null) "max-cache-ttl-ssh ${toString cfg.maxCacheTtlSsh}" - ++ optional (cfg.pinentryFlavor != null) - "pinentry-program ${pkgs.pinentry.${cfg.pinentryFlavor}}/bin/pinentry" + ++ optional (cfg.pinentryPackage != null) + "pinentry-program ${lib.getExe pinentryPackage}" ++ [ cfg.extraConfig ]); home.sessionVariablesExtra = optionalString cfg.enableSshSupport '' diff --git a/tests/modules/services/gpg-agent/default-homedir.nix b/tests/modules/services/gpg-agent/default-homedir.nix index 9e21eb6db..29efddac4 100644 --- a/tests/modules/services/gpg-agent/default-homedir.nix +++ b/tests/modules/services/gpg-agent/default-homedir.nix @@ -5,7 +5,7 @@ with lib; { config = { services.gpg-agent.enable = true; - services.gpg-agent.pinentryFlavor = null; # Don't build pinentry package. + services.gpg-agent.pinentryPackage = null; # Don't build pinentry package. programs.gpg.enable = true; test.stubs.gnupg = { }; diff --git a/tests/modules/services/gpg-agent/override-homedir.nix b/tests/modules/services/gpg-agent/override-homedir.nix index 1a314e414..c50786739 100644 --- a/tests/modules/services/gpg-agent/override-homedir.nix +++ b/tests/modules/services/gpg-agent/override-homedir.nix @@ -5,7 +5,7 @@ with lib; { config = { services.gpg-agent.enable = true; - services.gpg-agent.pinentryFlavor = null; # Don't build pinentry package. + services.gpg-agent.pinentryPackage = null; # Don't build pinentry package. programs.gpg = { enable = true; homedir = "/path/to/hash";
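Review bot: In the `@@ -243,8 +247,8 @@` hunk of modules/services/gpg-agent.nix, the added line `"pinentry-program ${lib.getExe pinentryPackage}"` refers to a bare `pinentryPackage`, while the guard on the line before it tests `cfg.pinentryPackage`. No binding of that name is visible in this patch, so unless one exists outside the hunk, evaluation will fail as soon as a user sets the option to a package. The line should read `"pinentry-program ${lib.getExe cfg.pinentryPackage}"`. Both updated tests set `services.gpg-agent.pinentryPackage = null`, so the branch is never evaluated by them; a test that sets a stub package and asserts the resulting `pinentry-program` line would catch this. The list expression this line belongs to starts and ends outside the hunk.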