From 37d8642ed9236588442c8a07e044da18132f60f2 Mon Sep 17 00:00:00 2001 From: Natsu Kagami Date: Sun, 2 Jun 2024 18:03:23 +0200 Subject: [PATCH] Clean up some secret management stuff --- home/common-linux.nix | 24 ++++++++++++----------- home/fish/fish.nix | 4 ++-- home/modules/programs/my-sway/default.nix | 10 +--------- 3 files changed, 16 insertions(+), 22 deletions(-) diff --git a/home/common-linux.nix b/home/common-linux.nix index 04db3f3..36ab420 100644 --- a/home/common-linux.nix +++ b/home/common-linux.nix @@ -1,5 +1,16 @@ { pkgs, config, lib, ... }: -with lib; { +with lib; +let + kwallet = { pkgs, lib, ... }: { + home.packages = with pkgs; [ kdePackages.kwallet kdePackages.ksshaskpass ]; + home.sessionVariables = { + # https://wiki.archlinux.org/title/KDE_Wallet#Using_the_KDE_Wallet_to_store_ssh_key_passphrases + SSH_ASKPASS = lib.getExe pkgs.kdePackages.ksshaskpass; + SSH_ASKPASS_REQUIRE = "prefer"; + }; + }; +in +{ imports = [ ./modules/monitors.nix ./modules/linux/graphical @@ -12,22 +23,13 @@ with lib; { file # Query file type nix-output-monitor - pinentry-gnome3 + pinentry-qt # Java stuff jdk21 sbt ]; - ## Gnome-keyring - services.gnome-keyring = { - enable = true; - components = [ "pkcs11" "secrets" "ssh" ]; - }; - # services.gpg-agent.enable = true; - # services.gpg-agent.pinentryFlavor = "curses"; - # services.gpg-agent.enableSshSupport = true; - # Git "safe-directory" programs.git.extraConfig.safe.directory = [ "${config.home.homeDirectory}/.config/nixpkgs" diff --git a/home/fish/fish.nix b/home/fish/fish.nix index 11b44b8..5b11bfe 100644 --- a/home/fish/fish.nix +++ b/home/fish/fish.nix @@ -151,8 +151,8 @@ in # Sway! if status --is-login; and test -z $DISPLAY; and test (tty) = "/dev/tty1" ${bootDesktop} - if test $status -ne 255 - exit $status + if test $status -eq 0 + exit 0 end end diff --git a/home/modules/programs/my-sway/default.nix b/home/modules/programs/my-sway/default.nix index 08d6f53..a0c0d56 100644 --- a/home/modules/programs/my-sway/default.nix +++ b/home/modules/programs/my-sway/default.nix @@ -344,12 +344,10 @@ in swaynag.enable = true; # Environment Variables extraSessionCommands = '' - export MOZ_ENABLE_WAYLAND=1 - export SDL_VIDEODRIVER=wayland export QT_QPA_PLATFORM=wayland export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" export QT_IM_MODULE=fcitx - # export NIXOS_OZONE_WL=1 # Yeah this fucks up IMEs + # export NIXOS_OZONE_WL=1 # Until text-input is merged '' + (if config.services.gnome-keyring.enable then '' # gnome-keyring @@ -389,12 +387,6 @@ in '' + '' # Enable portal stuff exec ${pkgs.writeShellScript "start-portals.sh" '' - # Import the WAYLAND_DISPLAY env var from sway into the systemd user session. - dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway - - # Stop any services that are running, so that they receive the new env var when they restart. - systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr - systemctl --user start pipewire-media-session ''} ''; };