Merge pull request #165479 from savannidgerinel/savanni/1password-browsersupport
nixos/1password-gui: init at 8.6.0
This commit is contained in:
commit
65f39165eb
|
@ -118,6 +118,7 @@
|
||||||
./misc/version.nix
|
./misc/version.nix
|
||||||
./misc/wordlist.nix
|
./misc/wordlist.nix
|
||||||
./misc/nixops-autoluks.nix
|
./misc/nixops-autoluks.nix
|
||||||
|
./programs/_1password-gui.nix
|
||||||
./programs/adb.nix
|
./programs/adb.nix
|
||||||
./programs/appgate-sdp.nix
|
./programs/appgate-sdp.nix
|
||||||
./programs/atop.nix
|
./programs/atop.nix
|
||||||
|
|
69
nixos/modules/programs/_1password-gui.nix
Normal file
69
nixos/modules/programs/_1password-gui.nix
Normal file
|
@ -0,0 +1,69 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
with lib;
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.programs._1password-gui;
|
||||||
|
|
||||||
|
in {
|
||||||
|
options = {
|
||||||
|
programs._1password-gui = {
|
||||||
|
enable = mkEnableOption "The 1Password Desktop application with browser integration";
|
||||||
|
|
||||||
|
groupId = mkOption {
|
||||||
|
type = types.int;
|
||||||
|
example = literalExpression "5000";
|
||||||
|
description = ''
|
||||||
|
The GroupID to assign to the onepassword group, which is needed for browser integration. The group ID must be 1000 or greater.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
polkitPolicyOwners = mkOption {
|
||||||
|
type = types.listOf types.str;
|
||||||
|
default = [];
|
||||||
|
example = literalExpression "[\"user1\" \"user2\" \"user3\"]";
|
||||||
|
description = ''
|
||||||
|
A list of users who should be able to integrate 1Password with polkit-based authentication mechanisms. By default, no users will have such access.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
package = mkOption {
|
||||||
|
type = types.package;
|
||||||
|
default = pkgs._1password-gui;
|
||||||
|
defaultText = literalExpression "pkgs._1password-gui";
|
||||||
|
example = literalExpression "pkgs._1password-gui";
|
||||||
|
description = ''
|
||||||
|
The 1Password derivation to use. This can be used to upgrade from the stable release that we keep in nixpkgs to the betas.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = let
|
||||||
|
package = cfg.package.override {
|
||||||
|
polkitPolicyOwners = cfg.polkitPolicyOwners;
|
||||||
|
};
|
||||||
|
in mkIf cfg.enable {
|
||||||
|
environment.systemPackages = [ package ];
|
||||||
|
users.groups.onepassword.gid = cfg.groupId;
|
||||||
|
|
||||||
|
security.wrappers = {
|
||||||
|
"1Password-BrowserSupport" =
|
||||||
|
{ source = "${cfg.package}/share/1password/1Password-BrowserSupport";
|
||||||
|
owner = "root";
|
||||||
|
group = "onepassword";
|
||||||
|
setuid = false;
|
||||||
|
setgid = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
"1Password-KeyringHelper" =
|
||||||
|
{ source = "${cfg.package}/share/1password/1Password-KeyringHelper";
|
||||||
|
owner = "root";
|
||||||
|
group = "onepassword";
|
||||||
|
setuid = true;
|
||||||
|
setgid = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
|
@ -101,6 +101,7 @@ in stdenv.mkDerivation rec {
|
||||||
mkdir -p $out/share/polkit-1/actions
|
mkdir -p $out/share/polkit-1/actions
|
||||||
substitute com.1password.1Password.policy.tpl $out/share/polkit-1/actions/com.1password.1Password.policy --replace "\''${POLICY_OWNERS}" "${policyOwners}"
|
substitute com.1password.1Password.policy.tpl $out/share/polkit-1/actions/com.1password.1Password.policy --replace "\''${POLICY_OWNERS}" "${policyOwners}"
|
||||||
'') + ''
|
'') + ''
|
||||||
|
|
||||||
# Icons
|
# Icons
|
||||||
cp -a resources/icons $out/share
|
cp -a resources/icons $out/share
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue