Mirrors/home-manager
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

gpg-agent: Don't use negated options

Browse source
This commit is contained in:
Roman Volosatovs 2017-12-02 18:13:07 +01:00
parent 76e502a0ce
commit 4a3eeee32a
No known key found for this signature in database
GPG key ID: 3AC661943D80C89E
1 changed files with 13 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
modules/services/gpg-agent.nix
View file

@ -45,27 +45,21 @@ in
''; '';
}; };
noGrab = mkOption { grabKeyboardAndMouse = mkOption {
type = types.bool; type = types.bool;
default = false; default = true;
description = '' description = ''
Tell the pinentry not to grab the keyboard and mouse. This option should in general not be used to avoid X-sniffing attacks. Tell the pinentry to grab the keyboard and mouse. This option should in general be used to avoid X-sniffing attacks.
When disabled, this option passes 'no-grab' setting to gpg-agent.
''; '';
}; };
disableScDaemon = mkOption { enableScDaemon = mkOption {
type = types.bool; type = types.bool;
default = false; default = true;
description = '' description = ''
Do not make use of the scdaemon tool. This option has the effect of disabling the ability to do smartcard operations. Make use of the scdaemon tool. This option has the effect of enabling the ability to do smartcard operations.
''; When disabled, this option passes 'disable-scdaemon' setting to gpg-agent.
};
writeEnvFile = mkOption {
type = types.nullOr types.string;
default = null;
description = ''
Often it is required to connect to the agent from a process not being an inferior of gpg-agent and thus the environment variable with the socket name is not available. To help setting up those variables in other sessions, this option may be used to write the information into file
''; '';
}; };
}; };
@ -74,23 +68,15 @@ in
config = mkIf cfg.enable (mkMerge [ config = mkIf cfg.enable (mkMerge [
{ {
home.file.".gnupg/gpg-agent.conf".text = concatStringsSep "\n" ( home.file.".gnupg/gpg-agent.conf".text = concatStringsSep "\n" (
optional cfg.enableSshSupport optional (cfg.enableSshSupport) "enable-ssh-support"
"enable-ssh-support"
++ ++
optional cfg.noGrab optional (!cfg.grabKeyboardAndMouse) "no-grab"
"no-grab"
++ ++
optional cfg.disableScDaemon optional (!cfg.enableScDaemon) "disable-scdaemon"
"disable-scdaemon"
++ ++
optional (cfg.defaultCacheTtl != null) optional (cfg.defaultCacheTtl != null) "default-cache-ttl ${toString cfg.defaultCacheTtl}"
"default-cache-ttl ${toString cfg.defaultCacheTtl}"
++ ++
optional (cfg.defaultCacheTtlSsh != null) optional (cfg.defaultCacheTtlSsh != null) "default-cache-ttl-ssh ${toString cfg.defaultCacheTtlSsh}"
"default-cache-ttl-ssh ${toString cfg.defaultCacheTtlSsh}"
++
optional (cfg.writeEnvFile != null)
"write-env-file ${toString cfg.writeEnvFile}"
); );
home.sessionVariables = home.sessionVariables =