pyrox.dev
1{
2 config,
3 pkgs,
4 lib,
5 ...
6}:
7
8let
9
10 cfg = config.programs._1password-gui;
11
12in
13{
14 imports = [
15 (lib.mkRemovedOptionModule [ "programs" "_1password-gui" "gid" ] ''
16 A preallocated GID will be used instead.
17 '')
18 ];
19
20 options = {
21 programs._1password-gui = {
22 enable = lib.mkEnableOption "the 1Password GUI application";
23
24 polkitPolicyOwners = lib.mkOption {
25 type = lib.types.listOf lib.types.str;
26 default = [ ];
27 example = lib.literalExpression ''["user1" "user2" "user3"]'';
28 description = ''
29 A list of users who should be able to integrate 1Password with polkit-based authentication mechanisms.
30 '';
31 };
32
33 package = lib.mkPackageOption pkgs "1Password GUI" {
34 default = [ "_1password-gui" ];
35 };
36 };
37 };
38
39 config =
40 let
41 package = cfg.package.override {
42 polkitPolicyOwners = cfg.polkitPolicyOwners;
43 };
44 in
45 lib.mkIf cfg.enable {
46 environment.systemPackages = [ package ];
47 users.groups.onepassword.gid = config.ids.gids.onepassword;
48
49 security.wrappers = {
50 "1Password-BrowserSupport" = {
51 source = "${package}/share/1password/1Password-BrowserSupport";
52 owner = "root";
53 group = "onepassword";
54 setuid = false;
55 setgid = true;
56 };
57 };
58
59 };
60}