gnome-keyring: move persistence and init script to sane.programs

2024-02-23 07:19:14 +00:00 · 2024-02-23 07:19:14 +00:00 · 687db545b4
commit 687db545b4
parent 24d1d13d0a
6 changed files with 34 additions and 35 deletions
--- a/hosts/common/home/default.nix
+++ b/hosts/common/home/default.nix
@ -2,7 +2,6 @@
 {
  imports = [
    ./fs.nix
-    ./keyring
    ./mime.nix
    ./ssh.nix
    ./xdg-dirs.nix
--- a/hosts/common/home/keyring/default.nix
+++ b/hosts/common/home/keyring/default.nix
@ -1,17 +0,0 @@
-{ config, pkgs, sane-lib, ... }:
-
-let
-  init-keyring = pkgs.static-nix-shell.mkBash {
-    pname = "init-keyring";
-    src = ./.;
-  };
-in
-{
-  sane.user.persist.byStore.private = [ ".local/share/keyrings" ];
-
-  sane.user.fs.".local/share/keyrings/default" = {
-    generated.command = [ "${init-keyring}/bin/init-keyring" ];
-    # wantedBy = [ config.sane.fs."/home/colin/private".unit ];
-    wantedBeforeBy = [ ];  # don't created this as part of `multi-user.target`
-  };
-}
--- a/hosts/common/programs/default.nix
+++ b/hosts/common/programs/default.nix
@ -36,7 +36,7 @@
    ./geary.nix
    ./git.nix
    ./gnome-feeds.nix
-    ./gnome-keyring.nix
+    ./gnome-keyring
    ./gnome-weather.nix
    ./go2tv.nix
    ./gpodder.nix
--- a/hosts/common/programs/gnome-keyring.nix
+++ b/hosts/common/programs/gnome-keyring.nix
@ -1,12 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-  sane.programs.gnome-keyring = {
-    packageUnwrapped = pkgs.gnome.gnome-keyring;
-  };
-  # adds gnome-keyring as a xdg-data-portal (xdg.portal)
-  # TODO: the gnome-keyring which this puts on PATH isn't sandboxed!
-  #   nixos service doesn't even let it be pluggable
-  services.gnome.gnome-keyring = lib.mkIf config.sane.programs.gnome-keyring.enabled {
-    enable = true;
-  };
-}
--- a/hosts/common/programs/gnome-keyring/default.nix
+++ b/hosts/common/programs/gnome-keyring/default.nix
@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+let
+  init-keyring = pkgs.static-nix-shell.mkBash {
+    pname = "init-keyring";
+    src = ./.;
+  };
+in
+{
+  sane.programs.gnome-keyring = {
+    packageUnwrapped = pkgs.gnome.gnome-keyring;
+
+    persist.byStore.private = [
+      ".local/share/keyrings"
+    ];
+
+    fs.".local/share/keyrings/default" = {
+      generated.command = [ "${init-keyring}/bin/init-keyring" ];
+      # wantedBy = [ config.sane.fs."/home/colin/private".unit ];
+      wantedBeforeBy = [ ];  # don't created this as part of `multi-user.target`
+    };
+  };
+
+  # adds gnome-keyring as a xdg-data-portal (xdg.portal)
+  # TODO: the gnome-keyring which this puts on PATH isn't sandboxed!
+  #   nixos service doesn't even let it be pluggable
+  services.gnome.gnome-keyring = lib.mkIf config.sane.programs.gnome-keyring.enabled {
+    enable = true;
+  };
+}
--- a/hosts/common/programs/gnome-keyring/init-keyring
+++ b/hosts/common/programs/gnome-keyring/init-keyring
@ -3,14 +3,14 @@
 # initializes the default libsecret keyring (used by gnome-keyring) if not already initialized.
 # this initializes it to be plaintext/unencrypted.

-ringdir=/home/colin/.local/share/keyrings
-if test -f "$ringdir/default"
+ringdir=~/.local/share/keyrings
+if test -e "$ringdir/default"
 then
-  echo 'keyring already initialized: not doing anything'
+  echo 'gnome-keyring/init-keyring: already initialized: not doing anything'
 else
  keyring="$ringdir/Default_keyring.keyring"

-  echo 'initializing default user keyring:' "$keyring.new"
+  echo 'gnome-keyring/init-keyring: initializing default user keyring:' "$keyring.new"
  echo '[keyring]' > "$keyring.new"
  echo 'display-name=Default keyring' >> "$keyring.new"
  echo 'lock-on-idle=false' >> "$keyring.new"