gpg-agent: add missing options
This commit is contained in:
parent
f8aaba6704
commit
c023b0532a
|
@ -25,14 +25,48 @@ in
|
||||||
type = types.nullOr types.int;
|
type = types.nullOr types.int;
|
||||||
default = null;
|
default = null;
|
||||||
description = ''
|
description = ''
|
||||||
Set the time a cache entry is valid to the given number of seconds.
|
Set the time a cache entry is valid to the given number of
|
||||||
|
seconds.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
defaultCacheTtlSsh = mkOption {
|
||||||
|
type = types.nullOr types.int;
|
||||||
|
default = null;
|
||||||
|
description = ''
|
||||||
|
Set the time a cache entry used for SSH keys is valid to the
|
||||||
|
given number of seconds.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
enableSshSupport = mkOption {
|
enableSshSupport = mkOption {
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
description = "Whether to use the GnuPG key agent for SSH keys.";
|
description = ''
|
||||||
|
Whether to use the GnuPG key agent for SSH keys.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
grabKeyboardAndMouse = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = true;
|
||||||
|
description = ''
|
||||||
|
Tell the pinentry to grab the keyboard and mouse. This
|
||||||
|
option should in general be used to avoid X-sniffing
|
||||||
|
attacks. When disabled, this option passes
|
||||||
|
<option>no-grab</option> setting to gpg-agent.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
enableScDaemon = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = true;
|
||||||
|
description = ''
|
||||||
|
Make use of the scdaemon tool. This option has the effect of
|
||||||
|
enabling the ability to do smartcard operations. When
|
||||||
|
disabled, this option passes
|
||||||
|
<option>disable-scdaemon</option> setting to gpg-agent.
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -40,11 +74,17 @@ in
|
||||||
config = mkIf cfg.enable (mkMerge [
|
config = mkIf cfg.enable (mkMerge [
|
||||||
{
|
{
|
||||||
home.file.".gnupg/gpg-agent.conf".text = concatStringsSep "\n" (
|
home.file.".gnupg/gpg-agent.conf".text = concatStringsSep "\n" (
|
||||||
optional cfg.enableSshSupport
|
optional (cfg.enableSshSupport) "enable-ssh-support"
|
||||||
"enable-ssh-support"
|
++
|
||||||
|
optional (!cfg.grabKeyboardAndMouse) "no-grab"
|
||||||
|
++
|
||||||
|
optional (!cfg.enableScDaemon) "disable-scdaemon"
|
||||||
++
|
++
|
||||||
optional (cfg.defaultCacheTtl != null)
|
optional (cfg.defaultCacheTtl != null)
|
||||||
"default-cache-ttl ${toString cfg.defaultCacheTtl}"
|
"default-cache-ttl ${toString cfg.defaultCacheTtl}"
|
||||||
|
++
|
||||||
|
optional (cfg.defaultCacheTtlSsh != null)
|
||||||
|
"default-cache-ttl-ssh ${toString cfg.defaultCacheTtlSsh}"
|
||||||
);
|
);
|
||||||
|
|
||||||
home.sessionVariables =
|
home.sessionVariables =
|
||||||
|
|
Loading…
Reference in a new issue