From 9d79f9676db383b5cfa96d1c043f128803e47a0f Mon Sep 17 00:00:00 2001 From: Cynthia Fox Date: Fri, 5 May 2023 10:01:37 -0400 Subject: [PATCH] pass-secret-service: Add dbus file, assert Add the dbus service file in the package folder to XDG_DATA_HOME, as well as adding an assertion to ensure both it and `gnome-keyring` aren't enabled at the same time. --- modules/services/gnome-keyring.nix | 4 ++ modules/services/pass-secret-service.nix | 50 +++++++++++++++--------- 2 files changed, 36 insertions(+), 18 deletions(-) diff --git a/modules/services/gnome-keyring.nix b/modules/services/gnome-keyring.nix index 7267129d7..006d2e435 100644 --- a/modules/services/gnome-keyring.nix +++ b/modules/services/gnome-keyring.nix @@ -28,6 +28,10 @@ in { assertions = [ (lib.hm.assertions.assertPlatform "services.gnome-keyring" pkgs lib.platforms.linux) + { + assertion = !config.services.pass-secret-store.enable; + message = "Only one libsecret service can be enabled at a time."; + } ]; systemd.user.services.gnome-keyring = { diff --git a/modules/services/pass-secret-service.nix b/modules/services/pass-secret-service.nix index 53e4c1081..2d142cd0d 100644 --- a/modules/services/pass-secret-service.nix +++ b/modules/services/pass-secret-service.nix @@ -5,8 +5,7 @@ with lib; let cfg = config.services.pass-secret-service; - serviceArgs = - optionalString (cfg.storePath != null) "--path ${cfg.storePath}"; + busName = "org.freedesktop.secrets"; in { meta.maintainers = with maintainers; [ cab404 cyntheticfox ]; @@ -16,11 +15,13 @@ in { package = mkPackageOption pkgs "pass-secret-service" { }; storePath = mkOption { - type = with types; nullOr str; - default = null; - defaultText = "~/.password-store"; + type = types.str; + default = ""; + defaultText = "$HOME/.password-store"; example = "/home/user/.local/share/password-store"; - description = "Absolute path to password store."; + description = '' + Absolute path to password store. + ''; }; }; @@ -28,21 +29,34 @@ in { assertions = [ (hm.assertions.assertPlatform "services.pass-secret-service" pkgs platforms.linux) + { + assertion = !config.services.gnome-keyring.enable; + message = "Only one secrets service per user can be enabled at a time"; + } ]; - systemd.user.services.pass-secret-service = { - Unit = { - AssertFileIsExecutable = "${cfg.package}/bin/pass_secret_service"; - Description = "Pass libsecret service"; - Documentation = "https://github.com/mdellweg/pass_secret_service"; - PartOf = [ "default.target" ]; + systemd.user.services.pass-secret-service = + let binPath = "${cfg.package}/bin/pass_secret_service"; + in { + Unit = { + AssertFileIsExecutable = "${binPath}"; + Description = "Pass libsecret service"; + Documentation = "https://github.com/mdellweg/pass_secret_service"; + PartOf = [ "default.target" ]; + }; + + Service = { + Type = "dbus"; + ExecStart = "${binPath} ${ + optionalString (cfg.storePath != "") "--path ${cfg.storePath}" + }"; + BusName = busName; + }; + + Install.WantedBy = [ "default.target" ]; }; - Service = { - ExecStart = "${cfg.package}/bin/pass_secret_service ${serviceArgs}"; - }; - - Install = { WantedBy = [ "default.target" ]; }; - }; + xdg.dataFile."dbus-1/services/${busName}.service".source = + "${cfg.package}/share/dbus-1/services/${busName}.service"; }; }