36 lines
759 B
Nix
36 lines
759 B
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
cfg = config.hive.kwallet;
|
|
in {
|
|
options.hive.kwallet = {
|
|
enable = lib.mkEnableOption "Enable kwallet";
|
|
forUsers = lib.mkOption {
|
|
type = lib.types.listOf lib.types.str;
|
|
default = [];
|
|
description = ''
|
|
List of users that should unlock kwallet via pam.
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
environment.systemPackages = with pkgs.kdePackages; [
|
|
kwallet
|
|
kwalletmanager
|
|
];
|
|
security.pam.services = builtins.listToAttrs (map (user: {
|
|
name = user;
|
|
value = {
|
|
kwallet.enable = true;
|
|
kwallet.forceRun = true;
|
|
kwallet.package = pkgs.kdePackages.kwallet-pam;
|
|
};
|
|
})
|
|
cfg.forUsers);
|
|
};
|
|
}
|