diff options
| author | Sandro <sandro.jaeckel@gmail.com> | 2024-03-27 17:04:26 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-03-27 17:04:26 +0100 |
| commit | 9b1984ce3648bf9479a67820876d72700c3faa4f (patch) | |
| tree | 99dde8728e7aa1dc2805fa8038f6ddcad11dd4ba /nixos | |
| parent | cb11f8589769078fa154fb57ed8edd185281f1db (diff) | |
| parent | 7ffcd69c1ff94f1e40b5767112669450afd79bbf (diff) | |
Merge pull request #293117 from SuperSandro2000/goldwarden
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/programs/goldwarden.nix | 50 |
2 files changed, 51 insertions, 0 deletions
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index d45675d2a3924..d89d294b0469f 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -193,6 +193,7 @@ ./programs/gnome-disks.nix ./programs/gnome-terminal.nix ./programs/gnupg.nix + ./programs/goldwarden.nix ./programs/gpaste.nix ./programs/gphoto2.nix ./programs/haguichi.nix diff --git a/nixos/modules/programs/goldwarden.nix b/nixos/modules/programs/goldwarden.nix new file mode 100644 index 0000000000000..26f9a87c1986f --- /dev/null +++ b/nixos/modules/programs/goldwarden.nix @@ -0,0 +1,50 @@ +{ lib, config, pkgs, ... }: +let + cfg = config.programs.goldwarden; +in +{ + options.programs.goldwarden = { + enable = lib.mkEnableOption "Goldwarden"; + package = lib.mkPackageOption pkgs "goldwarden" {}; + useSshAgent = lib.mkEnableOption "Goldwarden's SSH Agent" // { default = true; }; + }; + + config = lib.mkIf cfg.enable { + assertions = [{ + assertion = cfg.useSshAgent -> !config.programs.ssh.startAgent; + message = "Only one ssh-agent can be used at a time."; + }]; + + environment = { + etc = lib.mkIf config.programs.chromium.enable { + "chromium/native-messaging-hosts/com.8bit.bitwarden.json".source = "${cfg.package}/etc/chromium/native-messaging-hosts/com.8bit.bitwarden.json"; + "opt/chrome/native-messaging-hosts/com.8bit.bitwarden.json".source = "${cfg.package}/etc/chrome/native-messaging-hosts/com.8bit.bitwarden.json"; + }; + + extraInit = lib.mkIf cfg.useSshAgent '' + if [ -z "$SSH_AUTH_SOCK" -a -n "$HOME" ]; then + export SSH_AUTH_SOCK="$HOME/.goldwarden-ssh-agent.sock" + fi + ''; + + systemPackages = [ + # for cli and polkit action + cfg.package + # binary exec's into pinentry which should match the DE + config.programs.gnupg.agent.pinentryPackage + ]; + }; + + programs.firefox.nativeMessagingHosts.packages = [ cfg.package ]; + + # see https://github.com/quexten/goldwarden/blob/main/cmd/goldwarden.service + systemd.user.services.goldwarden = { + description = "Goldwarden daemon"; + wantedBy = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + serviceConfig.ExecStart = "${lib.getExe cfg.package} daemonize"; + path = [ config.programs.gnupg.agent.pinentryPackage ]; + unitConfig.ConditionUser = "!@system"; + }; + }; +} |