ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-11-10 08:39:08 +03:00
Code Issues Projects Releases Wiki Activity

nixos/gnupg: add agent.settings option

Browse Source
This commit is contained in:
Benjamin Lee 2023-09-30 22:36:30 -07:00
parent 8a86b98f0b
commit f0a8e05a5d
No known key found for this signature in database
GPG Key ID: FB9624E2885D55A4
2 changed files with 25 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/doc/manual/release-notes/rl-2311.section.md
View File

@ -302,6 +302,8 @@ The module update takes care of the new config syntax and the data itself (user
- `programs.gnupg.agent.pinentryFlavor` is now set in `/etc/gnupg/gpg-agent.conf`, and will no longer take precedence over a `pinentry-program` set in `~/.gnupg/gpg-agent.conf`. - `programs.gnupg.agent.pinentryFlavor` is now set in `/etc/gnupg/gpg-agent.conf`, and will no longer take precedence over a `pinentry-program` set in `~/.gnupg/gpg-agent.conf`.
- `programs.gnupg` now has the option `agent.settings` to set verbatim config values in `/etc/gnupg/gpg-agent.conf`.
- `dockerTools.buildImage`, `dockerTools.buildLayeredImage` and `dockerTools.streamLayeredImage` now use `lib.makeOverridable` to allow `dockerTools`-based images to be customized more efficiently at the nix-level. - `dockerTools.buildImage`, `dockerTools.buildLayeredImage` and `dockerTools.streamLayeredImage` now use `lib.makeOverridable` to allow `dockerTools`-based images to be customized more efficiently at the nix-level.
- `services.influxdb2` now supports doing an automatic initial setup and provisioning of users, organizations, buckets and authentication tokens, see [#249502](https://github.com/NixOS/nixpkgs/pull/249502) for more details. - `services.influxdb2` now supports doing an automatic initial setup and provisioning of users, organizations, buckets and authentication tokens, see [#249502](https://github.com/NixOS/nixpkgs/pull/249502) for more details.

27
nixos/modules/programs/gnupg.nix
View File

@ -6,6 +6,10 @@ let
cfg = config.programs.gnupg; cfg = config.programs.gnupg;
agentSettingsFormat = pkgs.formats.keyValue {
mkKeyValue = lib.generators.mkKeyValueDefault { } " ";
};
xserverCfg = config.services.xserver; xserverCfg = config.services.xserver;
defaultPinentryFlavor = defaultPinentryFlavor =
@ -82,6 +86,18 @@ in
''; '';
}; };
agent.settings = mkOption {
type = agentSettingsFormat.type;
default = { };
example = {
default-cache-ttl = 600;
};
description = lib.mdDoc ''
Configuration for /etc/gnupg/gpg-agent.conf.
See {manpage}`gpg-agent(1)` for supported options.
'';
};
dirmngr.enable = mkOption { dirmngr.enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
@ -92,10 +108,13 @@ in
}; };
config = mkIf cfg.agent.enable { config = mkIf cfg.agent.enable {
environment.etc."gnupg/gpg-agent.conf".text = programs.gnupg.agent.settings = {
lib.optionalString (cfg.agent.pinentryFlavor != null) '' pinentry-program = lib.mkIf (cfg.agent.pinentryFlavor != null)
pinentry-program ${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry "${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry";
''; };
environment.etc."gnupg/gpg-agent.conf".source =
agentSettingsFormat.generate "gpg-agent.conf" cfg.agent.settings;
# This overrides the systemd user unit shipped with the gnupg package # This overrides the systemd user unit shipped with the gnupg package
systemd.user.services.gpg-agent = { systemd.user.services.gpg-agent = {