colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

move keyring to private store

Browse Source
This commit is contained in:
colin 2023-01-07 02:04:28 +00:00
parent 5443542cba
commit d852adf806
3 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/common/users.nix
View File

@ -93,8 +93,6 @@ in
".cargo"
".rustup"
# TODO: move this to ~/private!
".local/share/keyrings"
];
# convenience

5
modules/home-manager/keyring.nix
View File

@ -2,7 +2,10 @@
lib.mkIf config.sane.home-manager.enable
{
sane.fs."/home/colin/.local/share/keyrings/default" = sane-lib.fs.wanted {
sane.persist.home.private = [ ".local/share/keyrings" ];
sane.fs."/home/colin/private/.local/share/keyrings/default" = {
generated.script.script = builtins.readFile ../../scripts/init-keyring;
wantedBy = [ config.sane.fs."/home/colin/private".unit ];
};
}

3
scripts/init-keyring
View File

@ -2,7 +2,7 @@
# initializes the default libsecret keyring (used by gnome-keyring) if not already initialized.
# this initializes it to be plaintext/unencrypted.
ringdir=/home/colin/.local/share/keyrings
ringdir=/home/colin/private/.local/share/keyrings
if test -f "$ringdir/default"
then
echo 'keyring already initialized: not doing anything'
@ -14,6 +14,7 @@ else
echo 'display-name=Default keyring' >> "$keyring.new"
echo 'lock-on-idle=false' >> "$keyring.new"
echo 'lock-after=false' >> "$keyring.new"
chown colin:users "$keyring.new"
# closest to an atomic update we can achieve
mv "$keyring.new" "$keyring" && echo -n "Default_keyring" > "$ringdir/default"
fi