diff --git a/home/jonas.nix b/home/jonas.nix index 76b76f2..f8d0b38 100644 --- a/home/jonas.nix +++ b/home/jonas.nix @@ -1,6 +1,7 @@ { config, pkgs, + lib, ... }: rec { imports = [ @@ -31,6 +32,11 @@ age.keyFile = "${home.homeDirectory}/.config/sops/age/keys.txt"; }; + # Make session variables available in systemd units + # SEE: https://github.com/nix-community/home-manager/pull/5543 + systemd.user.settings.Manager.DefaultEnvironment = + lib.mapAttrs (_: lib.mkDefault) config.home.sessionVariables; + xdg.mimeApps = { enable = true; diff --git a/modules/home/yubikey.nix b/modules/home/yubikey.nix index 7d6ad86..5bb2f8b 100644 --- a/modules/home/yubikey.nix +++ b/modules/home/yubikey.nix @@ -1,29 +1,43 @@ { config, + lib, pkgs, ... }: { - programs.gpg = { - enable = true; - mutableKeys = false; - mutableTrust = false; - publicKeys = [ - { - source = ../../static/keys/my_pub.asc; - trust = "ultimate"; - } - ]; + options.yubikey = with lib; { + pinentry = mkOption { + type = types.enum ["qt" "gnome3"]; + default = "qt"; + description = "The pinentry flavour to use"; + }; }; - services.gpg-agent = { - enable = true; - enableSshSupport = true; - enableZshIntegration = true; - pinentryPackage = pkgs.pinentry.qt; - extraConfig = '' - allow-emacs-pinentry - ''; - }; - home.sessionVariables = { - SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"; + + config = { + programs.gpg = { + enable = true; + mutableKeys = false; + mutableTrust = false; + publicKeys = [ + { + source = ../../static/keys/my_pub.asc; + trust = "ultimate"; + } + ]; + }; + services.gpg-agent = { + enable = true; + enableSshSupport = true; + enableZshIntegration = true; + pinentryPackage = + if config.yubikey.pinentry == "qt" + then pkgs.pinentry-qt + else pkgs.pinentry.gnome3; + extraConfig = '' + allow-emacs-pinentry + ''; + }; + home.sessionVariables = { + SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"; + }; }; }
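Review bot: The `lib.mapAttrs (_: lib.mkDefault) config.home.sessionVariables` assignment copies every session variable verbatim into the user manager's `DefaultEnvironment`, including values written for a shell such as `SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"` from modules/home/yubikey.nix in this same commit. As far as I know systemd does not expand `$VAR` references in `DefaultEnvironment=`, so units would receive the literal string and fail to reach the gpg-agent SSH socket; this is worth confirming by inspecting the environment of a running user unit. The mapping also hands every current and future session variable to every user unit, so anything sensitive later added to `home.sessionVariables` reaches services that have no need for it. I would export only values that need no expansion, e.g. `lib.mapAttrs (_: lib.mkDefault) (lib.filterAttrs (_: v: !(lib.hasInfix "$" (toString v))) config.home.sessionVariables);`, and set the socket path for units separately, using systemd's `%t` specifier if your systemd version accepts specifiers in this setting.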
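Review bot: The `else` branch of the new `pinentryPackage` conditional still uses the old flavour path `pkgs.pinentry.gnome3`, while the `then` branch was moved to the top-level `pkgs.pinentry-qt`. Because Nix evaluates lazily this goes unnoticed with the default `"qt"`, and it would only fail once a host sets `yubikey.pinentry = "gnome3"` on a nixpkgs revision where the `pinentry.<flavour>` attributes are gone (which I assume is why the qt branch changed), leaving gpg-agent without a PIN prompt for the YubiKey. Use `else pkgs.pinentry-gnome3;` so both branches resolve the same way. The option text could also say what the choice affects, e.g. `description = "Pinentry flavour used by gpg-agent to prompt for the YubiKey PIN";`.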