diff --git a/modules/programs/gnupg.nix b/modules/programs/gnupg.nix
index 6a34e30..718bf05 100644
--- a/modules/programs/gnupg.nix
+++ b/modules/programs/gnupg.nix
@@ -1,8 +1,19 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
 let
+ inherit (lib)
+ getExe'
+ mkIf
+ mkOption
+ mkPackageOption
+ optionalString
+ types
+ ;
 cfg = config.programs.gnupg;
@@ -10,6 +21,8 @@ in
 {
 options.programs.gnupg = {
+ package = mkPackageOption pkgs "gnupg" { };
+
 agent.enable = mkOption {
 type = types.bool;
 default = false;
@@ -29,9 +42,12 @@ in
 };
 config = mkIf cfg.agent.enable {
+ environment.systemPackages = [ cfg.package ];
+
 launchd.user.agents.gnupg-agent.serviceConfig = {
 ProgramArguments = [
- "${pkgs.gnupg}/bin/gpg-connect-agent" "/bye"
+ (getExe' cfg.package "gpg-connect-agent")
+ "/bye"
 ];
 RunAtLoad = cfg.agent.enableSSHSupport;
 KeepAlive.SuccessfulExit = false;
@@ -40,12 +56,13 @@ in
 environment.extraInit = ''
 # Bind gpg-agent to this TTY if gpg commands are used.
 export GPG_TTY=$(tty)
- '' + (optionalString cfg.agent.enableSSHSupport ''
+ ''
+ + (optionalString cfg.agent.enableSSHSupport ''
 # SSH agent protocol doesn't support changing TTYs, so bind the agent
 # to every new TTY.
- ${pkgs.gnupg}/bin/gpg-connect-agent --quiet updatestartuptty /bye > /dev/null 2>&1
+ ${getExe' cfg.package "gpg-connect-agent"} --quiet updatestartuptty /bye > /dev/null 2>&1
- export SSH_AUTH_SOCK=$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket)
+ export SSH_AUTH_SOCK=$(${getExe' cfg.package "gpgconf"} --list-dirs agent-ssh-socket)
 '');
 };
 }
diff --git a/release.nix b/release.nix
index 410b099..160c642 100644
--- a/release.nix
+++ b/release.nix
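Review bot: In the hunk at `@@ -29,9 +42,12 @@` of modules/programs/gnupg.nix, `environment.systemPackages = [ cfg.package ];` sits inside `config = mkIf cfg.agent.enable`, so enabling the agent now also puts a gpg on the system path, and `programs.gnupg.package` has no effect while the agent is off. Neither is documented in the visible option declarations; `mkPackageOption pkgs "gnupg" { }` gets no extra description. If the intent is to keep the gpg client and the agent on the same build, a comment above the line such as `# Install the gnupg the agent runs so client and agent versions match.` would record it. The `agent.enable` description, which lies outside the hunk, should also mention that enabling it installs the package.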
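Review bot: In the hunk at `@@ -40,12 +56,13 @@` of modules/programs/gnupg.nix, `export SSH_AUTH_SOCK=$(… gpgconf --list-dirs agent-ssh-socket)` exports whatever the substitution yields, so a missing or failing `gpgconf` replaces an already-set SSH_AUTH_SOCK with an empty string. That is more likely now that the package is user-selectable: as far as I know `getExe'` only builds the path string and does not check that the binary exists, which is consistent with the new test's package with an empty `bin/` evaluating. The `updatestartuptty` call above it discards all output, so nothing reports the failure. Exporting only on success would keep the previous socket in that case, e.g. `sock=$(${getExe' cfg.package "gpgconf"} --list-dirs agent-ssh-socket) && [ -n "$sock" ] && export SSH_AUTH_SOCK="$sock"`.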
@@ -90,6 +90,7 @@ in {
 tests.networking-networkservices = makeTest ./tests/networking-networkservices.nix;
 tests.nix-enable = makeTest ./tests/nix-enable.nix;
 tests.nixpkgs-overlays = makeTest ./tests/nixpkgs-overlays.nix;
+ tests.programs-gnupg = makeTest ./tests/programs-gnupg.nix;
 tests.programs-ssh = makeTest ./tests/programs-ssh.nix;
 tests.programs-tmux = makeTest ./tests/programs-tmux.nix;
 tests.programs-zsh = makeTest ./tests/programs-zsh.nix;
diff --git a/tests/programs-gnupg.nix b/tests/programs-gnupg.nix
new file mode 100644
index 0000000..3a5c588
--- /dev/null
+++ b/tests/programs-gnupg.nix
@@ -0,0 +1,31 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+
+let
+ gnupg = pkgs.runCommand "gnupg-0.0.0" { } "mkdir -p $out/bin";
+in
+
+{
+ system.primaryUser = "test-gnupg-user";
+
+ programs.gnupg.package = gnupg;
+ programs.gnupg.agent.enable = true;
+ programs.gnupg.agent.enableSSHSupport = true;
+
+ test = ''
+ echo >&2 "checking gnupg-agent service in ~/Library/LaunchAgents"
+ grep "org.nixos.gnupg-agent" ${config.out}/user/Library/LaunchAgents/org.nixos.gnupg-agent.plist
+ grep "${gnupg}/bin/gpg-connect-agent" ${config.out}/user/Library/LaunchAgents/org.nixos.gnupg-agent.plist
+
+ echo >&2 "checking GPG_TTY in set-environment"
+ grep 'export GPG_TTY=\$(tty)' ${config.system.build.setEnvironment}
+
+ echo >&2 "checking SSH support in set-environment"
+ grep "${gnupg}/bin/gpg-connect-agent --quiet updatestartuptty /bye" ${config.system.build.setEnvironment}
+ grep "${gnupg}/bin/gpgconf --list-dirs agent-ssh-socket" ${config.system.build.setEnvironment}
+ '';
+}
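Review bot: The test in tests/programs-gnupg.nix never checks the other behaviour this commit adds, that `cfg.package` is placed in `environment.systemPackages`; it only greps the launchd plist and set-environment for the store path. An assertion that the configured package, rather than `pkgs.gnupg`, is what reaches the system profile would pin that down. The grep patterns are regular expressions with a store path interpolated, so `.` matches any character; `grep -F` would make them literal matches. `lib` in the argument set is unused.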