···

       
120
       
120
       
 
       
        # Some programs need SUID wrappers, can be configured further or are

     

       
121
       
121
       
 
       
        # started in user sessions.

     

       
122
       
122
       
 
       
        # programs.mtr.enable = true;

     

       
123
       
123
       
-
       
        # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };

     

       
123
       
123
       
+
       
        # programs.gnupg.agent = {

     

       
124
       
124
       
+
       
        #   enable = true;

     

       
125
       
125
       
+
       
        #   enableSSHSupport = true;

     

       
126
       
126
       
+
       
        #   flavour = "gnome3";

     

       
127
       
127
       
+
       
        # };

     

       
124
       
128
       
 
       


     

       
125
       
129
       
 
       
        # List services that you want to enable:

     

       
126
       
130
       
 
       


     

···

       
6
       
6
       
 
       


     

       
7
       
7
       
 
       
  cfg = config.programs.gnupg;

     

       
8
       
8
       
 
       


     

       
9
       
9
       
+
       
  xserverCfg = config.services.xserver;

     

       
10
       
10
       
+
       


     

       
11
       
11
       
+
       
  defaultPinentryFlavor =

     

       
12
       
12
       
+
       
    if xserverCfg.desktopManager.lxqt.enable

     

       
13
       
13
       
+
       
    || xserverCfg.desktopManager.plasma5.enable then

     

       
14
       
14
       
+
       
      "qt"

     

       
15
       
15
       
+
       
    else if xserverCfg.desktopManager.xfce.enable then

     

       
16
       
16
       
+
       
      "gtk2"

     

       
17
       
17
       
+
       
    else if xserverCfg.enable then

     

       
18
       
18
       
+
       
      "gnome3"

     

       
19
       
19
       
+
       
    else

     

       
20
       
20
       
+
       
      null;

     

       
21
       
21
       
+
       


     

       
9
       
22
       
 
       
in

     

       
10
       
23
       
 
       


     

       
11
       
24
       
 
       
{

     
···

       
54
       
67
       
 
       
      '';

     

       
55
       
68
       
 
       
    };

     

       
56
       
69
       
 
       


     

       
70
       
70
       
+
       
    agent.pinentryFlavor = mkOption {

     

       
71
       
71
       
+
       
      type = types.nullOr (types.enum pkgs.pinentry.flavors);

     

       
72
       
72
       
+
       
      example = "gnome3";

     

       
73
       
73
       
+
       
      description = ''

     

       
74
       
74
       
+
       
        Which pinentry interface to use. If not null, the path to the

     

       
75
       
75
       
+
       
        pinentry binary will be passed to gpg-agent via commandline and

     

       
76
       
76
       
+
       
        thus overrides the pinentry option in gpg-agent.conf in the user's

     

       
77
       
77
       
+
       
        home directory.

     

       
78
       
78
       
+
       
        If not set at all, it'll pick an appropriate flavor depending on the

     

       
79
       
79
       
+
       
        system configuration (qt3 flavor for lxqt and plasma5, gtk2 for xfce

     

       
80
       
80
       
+
       
        4.12, gnome3 on all other systems with X enabled, ncurses otherwise).

     

       
81
       
81
       
+
       
      '';

     

       
82
       
82
       
+
       
    };

     

       
83
       
83
       
+
       


     

       
57
       
84
       
 
       
    dirmngr.enable = mkOption {

     

       
58
       
85
       
 
       
      type = types.bool;

     

       
59
       
86
       
 
       
      default = false;

     
···

       
64
       
91
       
 
       
  };

     

       
65
       
92
       
 
       


     

       
66
       
93
       
 
       
  config = mkIf cfg.agent.enable {

     

       
94
       
94
       
+
       
    programs.gnupg.agent.pinentryFlavor = mkDefault defaultPinentryFlavor;

     

       
95
       
95
       
+
       


     

       
96
       
96
       
+
       
    # This overrides the systemd user unit shipped with the gnupg package

     

       
97
       
97
       
+
       
    systemd.user.services.gpg-agent = mkIf (cfg.agent.pinentryFlavor != null) {

     

       
98
       
98
       
+
       
      serviceConfig.ExecStart = [ "" ''

     

       
99
       
99
       
+
       
        ${pkgs.gnupg}/bin/gpg-agent --supervised \

     

       
100
       
100
       
+
       
          --pinentry-program ${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry

     

       
101
       
101
       
+
       
      '' ];

     

       
102
       
102
       
+
       
    };

     

       
103
       
103
       
+
       


     

       
67
       
104
       
 
       
    systemd.user.sockets.gpg-agent = {

     

       
68
       
105
       
 
       
      wantedBy = [ "sockets.target" ];

     

       
69
       
106
       
 
       
    };

     
···

       
83
       
120
       
 
       
    systemd.user.sockets.dirmngr = mkIf cfg.dirmngr.enable {

     

       
84
       
121
       
 
       
      wantedBy = [ "sockets.target" ];

     

       
85
       
122
       
 
       
    };

     

       
86
       
86
       
-
       
    

     

       
123
       
123
       
+
       


     

       
87
       
124
       
 
       
    environment.systemPackages = with pkgs; [ cfg.package ];

     

       
88
       
125
       
 
       
    systemd.packages = [ cfg.package ];

     

       
89
       
126