From 687db545b46774ddfb5e80d34487ba97dc284b2e Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Fri, 23 Feb 2024 07:19:14 +0000
Subject: [PATCH] gnome-keyring: move persistence and init script to
 sane.programs

---
 hosts/common/home/default.nix                 |  1 -
 hosts/common/home/keyring/default.nix         | 17 -----------
 hosts/common/programs/default.nix             |  2 +-
 hosts/common/programs/gnome-keyring.nix       | 12 --------
 .../common/programs/gnome-keyring/default.nix | 29 +++++++++++++++++++
 .../gnome-keyring}/init-keyring               |  8 ++---
 6 files changed, 34 insertions(+), 35 deletions(-)
 delete mode 100644 hosts/common/home/keyring/default.nix
 delete mode 100644 hosts/common/programs/gnome-keyring.nix
 create mode 100644 hosts/common/programs/gnome-keyring/default.nix
 rename hosts/common/{home/keyring => programs/gnome-keyring}/init-keyring (72%)

diff --git a/hosts/common/home/default.nix b/hosts/common/home/default.nix
index fc54a096..b0369774 100644
--- a/hosts/common/home/default.nix
+++ b/hosts/common/home/default.nix
@@ -2,7 +2,6 @@
 {
   imports = [
     ./fs.nix
-    ./keyring
     ./mime.nix
     ./ssh.nix
     ./xdg-dirs.nix
diff --git a/hosts/common/home/keyring/default.nix b/hosts/common/home/keyring/default.nix
deleted file mode 100644
index e5bec067..00000000
--- a/hosts/common/home/keyring/default.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ config, pkgs, sane-lib, ... }:
-
-let
-  init-keyring = pkgs.static-nix-shell.mkBash {
-    pname = "init-keyring";
-    src = ./.;
-  };
-in
-{
-  sane.user.persist.byStore.private = [ ".local/share/keyrings" ];
-
-  sane.user.fs.".local/share/keyrings/default" = {
-    generated.command = [ "${init-keyring}/bin/init-keyring" ];
-    # wantedBy = [ config.sane.fs."/home/colin/private".unit ];
-    wantedBeforeBy = [ ];  # don't created this as part of `multi-user.target`
-  };
-}
diff --git a/hosts/common/programs/default.nix b/hosts/common/programs/default.nix
index e6e78626..3b33d74c 100644
--- a/hosts/common/programs/default.nix
+++ b/hosts/common/programs/default.nix
@@ -36,7 +36,7 @@
     ./geary.nix
     ./git.nix
     ./gnome-feeds.nix
-    ./gnome-keyring.nix
+    ./gnome-keyring
     ./gnome-weather.nix
     ./go2tv.nix
     ./gpodder.nix
diff --git a/hosts/common/programs/gnome-keyring.nix b/hosts/common/programs/gnome-keyring.nix
deleted file mode 100644
index c6c3d049..00000000
--- a/hosts/common/programs/gnome-keyring.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-  sane.programs.gnome-keyring = {
-    packageUnwrapped = pkgs.gnome.gnome-keyring;
-  };
-  # adds gnome-keyring as a xdg-data-portal (xdg.portal)
-  # TODO: the gnome-keyring which this puts on PATH isn't sandboxed!
-  #   nixos service doesn't even let it be pluggable
-  services.gnome.gnome-keyring = lib.mkIf config.sane.programs.gnome-keyring.enabled {
-    enable = true;
-  };
-}
diff --git a/hosts/common/programs/gnome-keyring/default.nix b/hosts/common/programs/gnome-keyring/default.nix
new file mode 100644
index 00000000..63df60fa
--- /dev/null
+++ b/hosts/common/programs/gnome-keyring/default.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+let
+  init-keyring = pkgs.static-nix-shell.mkBash {
+    pname = "init-keyring";
+    src = ./.;
+  };
+in
+{
+  sane.programs.gnome-keyring = {
+    packageUnwrapped = pkgs.gnome.gnome-keyring;
+
+    persist.byStore.private = [
+      ".local/share/keyrings"
+    ];
+
+    fs.".local/share/keyrings/default" = {
+      generated.command = [ "${init-keyring}/bin/init-keyring" ];
+      # wantedBy = [ config.sane.fs."/home/colin/private".unit ];
+      wantedBeforeBy = [ ];  # don't created this as part of `multi-user.target`
+    };
+  };
+
+  # adds gnome-keyring as a xdg-data-portal (xdg.portal)
+  # TODO: the gnome-keyring which this puts on PATH isn't sandboxed!
+  #   nixos service doesn't even let it be pluggable
+  services.gnome.gnome-keyring = lib.mkIf config.sane.programs.gnome-keyring.enabled {
+    enable = true;
+  };
+}
diff --git a/hosts/common/home/keyring/init-keyring b/hosts/common/programs/gnome-keyring/init-keyring
similarity index 72%
rename from hosts/common/home/keyring/init-keyring
rename to hosts/common/programs/gnome-keyring/init-keyring
index 9501de65..c4f85f39 100755
--- a/hosts/common/home/keyring/init-keyring
+++ b/hosts/common/programs/gnome-keyring/init-keyring
@@ -3,14 +3,14 @@
 # initializes the default libsecret keyring (used by gnome-keyring) if not already initialized.
 # this initializes it to be plaintext/unencrypted.
 
-ringdir=/home/colin/.local/share/keyrings
-if test -f "$ringdir/default"
+ringdir=~/.local/share/keyrings
+if test -e "$ringdir/default"
 then
-  echo 'keyring already initialized: not doing anything'
+  echo 'gnome-keyring/init-keyring: already initialized: not doing anything'
 else
   keyring="$ringdir/Default_keyring.keyring"
 
-  echo 'initializing default user keyring:' "$keyring.new"
+  echo 'gnome-keyring/init-keyring: initializing default user keyring:' "$keyring.new"
   echo '[keyring]' > "$keyring.new"
   echo 'display-name=Default keyring' >> "$keyring.new"
   echo 'lock-on-idle=false' >> "$keyring.new"