From 97ee4578c9b305b9497ee5b0bb7c2b1d1278c2d7 Mon Sep 17 00:00:00 2001
From: jD91mZM2
Date: Thu, 28 Jun 2018 19:33:47 +0200
Subject: [PATCH] gpg-agent: Add maxCacheTtl(Ssh) options

---
 modules/services/gpg-agent.nix | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/modules/services/gpg-agent.nix b/modules/services/gpg-agent.nix
index aa2ecdb7e..5e2a41388 100644
--- a/modules/services/gpg-agent.nix
+++ b/modules/services/gpg-agent.nix
@@ -40,6 +40,28 @@ in
 '';
 };
+ maxCacheTtl = mkOption {
+ type = types.nullOr types.int;
+ default = null;
+ description = ''
+ Set the maximum time a cache entry is valid to n seconds. After this
+ time a cache entry will be expired even if it has been accessed
+ recently or has been set using gpg-preset-passphrase. The default is
+ 2 hours (7200 seconds).
+ '';
+ };
+
+ maxCacheTtlSsh = mkOption {
+ type = types.nullOr types.int;
+ default = null;
+ description = ''
+ Set the maximum time a cache entry used for SSH keys is valid to n
+ seconds. After this time a cache entry will be expired even if it has
+ been accessed recently or has been set using gpg-preset-passphrase.
+ The default is 2 hours (7200 seconds).
+ '';
+ };
+
+ enableSshSupport = mkOption {
 type = types.bool;
 default = false;
@@ -103,6 +125,12 @@ in
 ++
 optional (cfg.defaultCacheTtlSsh != null)
 "default-cache-ttl-ssh ${toString cfg.defaultCacheTtlSsh}"
+ ++
+ optional (cfg.maxCacheTtl != null)
+ "max-cache-ttl ${toString cfg.maxCacheTtl}"
+ ++
+ optional (cfg.maxCacheTtlSsh != null)
+ "max-cache-ttl-ssh ${toString cfg.maxCacheTtlSsh}"
 );
 home.sessionVariables =
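Review bot: In the first hunk both new options are declared as `types.nullOr types.int`, so a negative number passes evaluation and is emitted unchanged by the `max-cache-ttl` / `max-cache-ttl-ssh` lines added in the second hunk; `type = types.nullOr types.ints.unsigned;` would reject it up front (the existing defaultCacheTtl options presumably share this, but their declarations are outside the hunk). The descriptions state "The default is 2 hours (7200 seconds)" while the option default is `null`, so a sentence such as `If null, no max-cache-ttl line is written and gpg-agent's built-in default applies.` would make clear whose default is meant. Because this value is the hard upper bound on how long an unlocked key or passphrase stays usable through the agent, the description could also say that it caps defaultCacheTtl and that raising it lengthens that window. The list expression edited in the second hunk starts and ends outside the hunk.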