From b4e3f069f1e9c774c3f9d21215c38a1ab910c3a9 Mon Sep 17 00:00:00 2001 From: Vladimir Serov Date: Tue, 27 Apr 2021 22:36:29 +0300 Subject: [PATCH] pass-secret-service: add module (#1898) pass-secret-service is a proxy between secret service (libsecret) and pass. --- .github/CODEOWNERS | 2 ++ modules/misc/news.nix | 9 ++++++++ modules/modules.nix | 1 + modules/services/pass-secret-service.nix | 28 ++++++++++++++++++++++++ 4 files changed, 40 insertions(+) create mode 100644 modules/services/pass-secret-service.nix diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 965d56208..bf5690b42 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -211,6 +211,8 @@ /modules/services/parcellite.nix @gleber +/modules/services/pass-secret-service.nix @cab404 + /modules/services/password-store-sync.nix @pacien /modules/services/pasystray.nix @pltanton diff --git a/modules/misc/news.nix b/modules/misc/news.nix index 88193c55c..cf32e0a0c 100644 --- a/modules/misc/news.nix +++ b/modules/misc/news.nix @@ -1897,6 +1897,15 @@ in A new module is available: 'programs.exa'. ''; } + + { + time = "2021-04-23T10:00:00+00:00"; + condition = hostPlatform.isLinux; + message = '' + A new module is available: 'services.pass-secret-service'. + ''; + } + ]; }; } diff --git a/modules/modules.nix b/modules/modules.nix index 952abc1ed..76e79669f 100644 --- a/modules/modules.nix +++ b/modules/modules.nix @@ -173,6 +173,7 @@ let (loadModule ./services/nextcloud-client.nix { }) (loadModule ./services/owncloud-client.nix { }) (loadModule ./services/parcellite.nix { }) + (loadModule ./services/pass-secret-service.nix { condition = hostPlatform.isLinux; }) (loadModule ./services/password-store-sync.nix { condition = hostPlatform.isLinux; }) (loadModule ./services/pasystray.nix { }) (loadModule ./services/pbgopy.nix { condition = hostPlatform.isLinux; }) diff --git a/modules/services/pass-secret-service.nix b/modules/services/pass-secret-service.nix new file mode 100644 index 000000000..02da767b8 --- /dev/null +++ b/modules/services/pass-secret-service.nix @@ -0,0 +1,28 @@ +{ pkgs, config, lib, ... }: + +with lib; + +let serviceCfg = config.services.pass-secret-service; +in { + meta.maintainers = [ maintainers.cab404 ]; + options.services.pass-secret-service = { + enable = mkEnableOption "Pass libsecret service"; + }; + config = mkIf serviceCfg.enable { + assertions = [{ + assertion = config.programs.password-store.enable; + message = "The 'services.pass-secret-service' module requires" + + " 'programs.password-store.enable = true'."; + }]; + + systemd.user.services.pass-secret-service = { + Unit = { Description = "Pass libsecret service"; }; + Service = { + Install = { WantedBy = [ "default.target" ]; }; + # pass-secret-service doesn't use environment variables for some reason. + ExecStart = + "${pkgs.pass-secret-service}/bin/pass_secret_service --path ${config.programs.password-store.settings.PASSWORD_STORE_DIR}"; + }; + }; + }; +}