2024-02-23 07:19:14 +00:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
{
|
|
|
|
|
sane.programs.gnome-keyring = {
|
|
|
|
|
packageUnwrapped = pkgs.gnome.gnome-keyring;
|
|
|
|
|
|
|
|
|
|
persist.byStore.private = [
|
|
|
|
|
".local/share/keyrings"
|
|
|
|
|
];
|
|
|
|
|
|
2024-02-23 08:14:09 +00:00
|
|
|
# TODO: factor into a native sane.fs primitive (i.e. fs.$entry.text = ... with some "no-clobber" option)
|
|
|
|
|
fs.".local/share/keyrings/Default_keyring.keyring" = {
|
|
|
|
|
generated.command = [
|
|
|
|
|
"cp --no-clobber ${./Default_keyring.keyring} /home/colin/.local/share/keyrings/Default_keyring.keyring"
|
|
|
|
|
];
|
|
|
|
|
wantedBy = [ config.sane.fs."${config.sane.persist.stores.private.origin}".unit ];
|
|
|
|
|
# TODO: move gnome-keyring.service under our control and then i can
|
|
|
|
|
# ensure ordering here.
|
|
|
|
|
wantedBeforeBy = [ ]; # don't create this as part of `multi-user.target`
|
|
|
|
|
};
|
2024-02-23 07:19:14 +00:00
|
|
|
fs.".local/share/keyrings/default" = {
|
2024-02-23 08:14:09 +00:00
|
|
|
generated.command = [
|
|
|
|
|
"cp --no-clobber ${./default} /home/colin/.local/share/keyrings/default"
|
|
|
|
|
];
|
|
|
|
|
wantedBy = [ config.sane.fs."${config.sane.persist.stores.private.origin}".unit ];
|
|
|
|
|
# TODO: move gnome-keyring.service under our control and then i can
|
|
|
|
|
# ensure ordering here.
|
|
|
|
|
wantedBeforeBy = [ ]; # don't create this as part of `multi-user.target`
|
2024-02-23 07:19:14 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# adds gnome-keyring as a xdg-data-portal (xdg.portal)
|
|
|
|
|
# TODO: the gnome-keyring which this puts on PATH isn't sandboxed!
|
|
|
|
|
# nixos service doesn't even let it be pluggable
|
|
|
|
|
services.gnome.gnome-keyring = lib.mkIf config.sane.programs.gnome-keyring.enabled {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
|
|
|
|
}
|
