diff --git a/modules/services/gpg-agent.nix b/modules/services/gpg-agent.nix index a703ad141..afcf0aca9 100644 --- a/modules/services/gpg-agent.nix +++ b/modules/services/gpg-agent.nix @@ -168,6 +168,20 @@ in "gpg-agent" "pinentryFlavor" ] "Use services.gpg-agent.pinentryPackage instead") + + (lib.mkRenamedOptionModule + [ + "services" + "gpg-agent" + "pinentryPackage" + ] + [ + "services" + "gpg-agent" + "pinentry" + "package" + ] + ) ]; options = { @@ -296,19 +310,29 @@ in configuration file. ''; }; - pinentryPackage = mkOption { - type = types.nullOr types.package; - example = lib.literalExpression "pkgs.pinentry-gnome3"; - default = null; - description = '' - Which pinentry interface to use. If not `null`, it sets - {option}`pinentry-program` in {file}`gpg-agent.conf`. Beware that - `pinentry-gnome3` may not work on non-GNOME systems. You can fix it by - adding the following to your configuration: - ```nix - home.packages = [ pkgs.gcr ]; - ``` - ''; + + pinentry = { + package = lib.mkPackageOption pkgs "pinentry-gnome3" { + nullable = true; + default = null; + extraDescription = '' + Which pinentry interface to use. If not `null`, it sets + {option}`pinentry-program` in {file}`gpg-agent.conf`. Beware that + `pinentry-gnome3` may not work on non-GNOME systems. You can fix it by + adding the following to your configuration: + ```nix + home.packages = [ pkgs.gcr ]; + ``` + ''; + }; + + program = lib.mkOption { + type = types.nullOr types.str; + example = "wayprompt-pinentry"; + description = '' + Which program to search for in the configured `pinentry.package`. + ''; + }; }; enableBashIntegration = lib.hm.shell.mkBashIntegrationOption { inherit config; }; 
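Review bot: `pinentry.program` in the options hunk (-296) is declared as `types.nullOr types.str`, which is looser than its only visible use allows: the value is handed to `lib.getExe'` and interpolated into the `pinentry-program` line of `gpg-agent.conf` in the hunk at -335. A `null` would, as far as I can tell, surface as an assertion failure inside `getExe'` rather than a module-level error. A value containing whitespace or a newline would change what the agent reads from that line, which matters because this entry names the binary that receives the passphrase. Consider tightening the declaration to something like `type = types.strMatching "[^/[:space:]]+";` so a malformed name is rejected at evaluation time with the option's own name in the message.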
@@ -324,6 +348,11 @@ in config = mkIf cfg.enable ( lib.mkMerge [ { + # Grab the default binary name and fallback to expected value if `meta.mainProgram` not set + services.gpg-agent.pinentry.program = lib.mkOptionDefault ( + cfg.pinentry.package.meta.mainProgram or "pinentry" + ); + home.file."${homedir}/gpg-agent.conf".text = lib.concatStringsSep "\n" ( optional (cfg.enableSshSupport) "enable-ssh-support" ++ optional cfg.grabKeyboardAndMouse "grab" @@ -335,7 +364,9 @@ in ) "default-cache-ttl-ssh ${toString cfg.defaultCacheTtlSsh}" ++ optional (cfg.maxCacheTtl != null) "max-cache-ttl ${toString cfg.maxCacheTtl}" ++ optional (cfg.maxCacheTtlSsh != null) "max-cache-ttl-ssh ${toString cfg.maxCacheTtlSsh}" - ++ optional (cfg.pinentryPackage != null) "pinentry-program ${lib.getExe cfg.pinentryPackage}" + ++ optional ( + cfg.pinentry.package != null + ) "pinentry-program ${lib.getExe' cfg.pinentry.package cfg.pinentry.program}" ++ [ cfg.extraConfig ] ); diff --git a/tests/modules/services/gpg-agent/default-homedir.nix b/tests/modules/services/gpg-agent/default-homedir.nix index 82b3f3242..e289cea5b 100644 --- a/tests/modules/services/gpg-agent/default-homedir.nix +++ b/tests/modules/services/gpg-agent/default-homedir.nix @@ -1,6 +1,7 @@ { config, lib, + options, pkgs, ... }: @@ -10,6 +11,20 @@ lib.mkIf pkgs.stdenv.isLinux { services.gpg-agent.pinentryPackage = pkgs.pinentry-gnome3; programs.gpg.enable = true; + test.asserts.warnings.expected = + let + renamed = { + pinentryPackage = "pinentry.package"; + }; + in + lib.mapAttrsToList ( + old: new: + builtins.replaceStrings [ "\n" ] [ " " ] '' + The option `services.gpg-agent.${old}' defined in + ${lib.showFiles options.services.gpg-agent.${old}.files} + has been renamed to `services.gpg-agent.${new}'.'' + ) renamed; + nmt.script = '' in="${config.systemd.user.sockets.gpg-agent.Socket.ListenStream}" if [[ $in != "%t/gnupg/S.gpg-agent" ]] 
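Review bot: The default added in the -324 hunk falls back to the literal `"pinentry"` silently, and nothing in the visible change checks that `bin/<program>` actually exists in the chosen package. The previous `lib.getExe` call, as I understand it, warned when `meta.mainProgram` was missing. With this default, a package whose binary has a different name yields a `pinentry-program` path that fails only when gpg-agent next needs to prompt. Because the definition sits under `mkIf cfg.enable`, the option also has no value while the service is disabled. Declaring it on the option itself, as `default = cfg.pinentry.package.meta.mainProgram or "pinentry";` with a matching `defaultText`, would keep the behaviour and make the fallback visible in the rendered docs.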
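Review bot: The test in `default-homedir.nix` (hunk -10) still sets the deprecated `services.gpg-agent.pinentryPackage` and only gains the expected rename warning, so nothing visible here exercises the new `pinentry.package`/`pinentry.program` options or the `pinentry-program` line written to `gpg-agent.conf`. Since that line selects the binary that handles passphrase entry, an assertion on the generated file would catch a regression in the `getExe'` interpolation. One option is a case that sets `services.gpg-agent.pinentry.program` explicitly and checks the resulting store path with `assertFileContains` (or whichever file-content helper this suite already uses). The `nmt.script` body continues past the end of the hunk, so an equivalent check may already exist outside what is shown.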
diff --git a/tests/modules/services/gpg-agent/override-homedir.nix b/tests/modules/services/gpg-agent/override-homedir.nix index ad8ed61fe..196635fb3 100644 --- a/tests/modules/services/gpg-agent/override-homedir.nix +++ b/tests/modules/services/gpg-agent/override-homedir.nix @@ -5,7 +5,6 @@ let in { services.gpg-agent.enable = true; - services.gpg-agent.pinentryPackage = null; # Don't build pinentry package. programs.gpg = { enable = true; homedir = "/path/to/hash";