diff options
author | Thomas Gerbet <thomas@gerbet.me> | 2024-06-21 21:07:43 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-06-21 21:07:43 +0200 |
commit | 6d04aa54bad7fd3a2b9bcb67c3e5cf33144ae7eb (patch) | |
tree | 4c7b947f45bef4a95db51cf781c602a0bf8f55a0 /nixos | |
parent | bd074c86c90acb19478d3c3d6e81ecdb97046a34 (diff) | |
parent | 6bb516d45f2cbb56a817adf4c7f0ee680e3cf9e9 (diff) |
Merge pull request #315874 from JohnRTitor/gnome-keyring-module
nixos/gnome-keyring: rewrite module and fix unlocking on GDM session login
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/desktops/gnome/gnome-keyring.nix | 57 |
1 files changed, 31 insertions, 26 deletions
diff --git a/nixos/modules/services/desktops/gnome/gnome-keyring.nix b/nixos/modules/services/desktops/gnome/gnome-keyring.nix index 79bce0ade2fc5..02b198fd81cb9 100644 --- a/nixos/modules/services/desktops/gnome/gnome-keyring.nix +++ b/nixos/modules/services/desktops/gnome/gnome-keyring.nix @@ -1,45 +1,52 @@ # GNOME Keyring daemon. -{ config, pkgs, lib, ... }: - +{ + config, + pkgs, + lib, + ... +}: +let + cfg = config.services.gnome.gnome-keyring; +in { meta = { maintainers = lib.teams.gnome.members; }; - ###### interface - options = { - services.gnome.gnome-keyring = { - - enable = lib.mkOption { - type = lib.types.bool; - default = false; - description = '' - Whether to enable GNOME Keyring daemon, a service designed to - take care of the user's security credentials, - such as user names and passwords. - ''; - }; - + enable = lib.mkEnableOption '' + GNOME Keyring daemon, a service designed to + take care of the user's security credentials, + such as user names and passwords + ''; }; - }; - - ###### implementation - - config = lib.mkIf config.services.gnome.gnome-keyring.enable { - + config = lib.mkIf cfg.enable { environment.systemPackages = [ pkgs.gnome.gnome-keyring ]; - services.dbus.packages = [ pkgs.gnome.gnome-keyring pkgs.gcr ]; + services.dbus.packages = [ + pkgs.gnome.gnome-keyring + pkgs.gcr + ]; xdg.portal.extraPortals = [ pkgs.gnome.gnome-keyring ]; - security.pam.services.login.enableGnomeKeyring = true; + security.pam.services = lib.mkMerge [ + { + login.enableGnomeKeyring = true; + } + (lib.mkIf config.services.xserver.displayManager.gdm.enable { + gdm-password.enableGnomeKeyring = true; + gdm-autologin.enableGnomeKeyring = true; + }) + (lib.mkIf (config.services.xserver.displayManager.gdm.enable && config.services.fprintd.enable) { + gdm-fingerprint.enableGnomeKeyring = true; + }) + ]; security.wrappers.gnome-keyring-daemon = { owner = "root"; @@ -47,7 +54,5 @@ capabilities = "cap_ipc_lock=ep"; source = "${pkgs.gnome.gnome-keyring}/bin/gnome-keyring-daemon"; }; - }; - } |