commit 398c7b06952e10a439bfced97fa11762ba89e777
parent 1a597d92327b305f7e7b848b1d7acdc392204da0
Author: Chris <chris@echoz.io>
Date: Fri, 16 Jan 2026 16:49:26 +0100
feat: add pass-secret-service
Diffstat:
1 file changed, 32 insertions(+), 0 deletions(-)
diff --git a/modules/pass-secret-service/default.nix b/modules/pass-secret-service/default.nix
@@ -0,0 +1,32 @@
+{
+ lib,
+ pkgs,
+
+ user,
+ email,
+ ...
+}:
+{
+ home-manager.users.${user} =
+ { config, ... }:
+ {
+ services.pass-secret-service = {
+ enable = true;
+ storePath = "${config.xdg.dataHome}/keyrings";
+ };
+
+ systemd.user.services.pass-secret-service.Service.ExecStartPre =
+ pkgs.writeShellScript "pass-secret-service-init" ''
+ storePath=${lib.escapeShellArg config.services.pass-secret-service.storePath}
+ mkdir -p "$storePath"
+ [ -e "$storePath/.gpg-id" ] \
+ || printf "%s\n" ${lib.escapeShellArg email} \
+ > "$storePath/.gpg-id"
+ exit 0
+ '';
+ };
+
+ environment.persistence."/fix" = {
+ users.${user}.directories = [ ".local/share/keyrings" ];
+ };
+}
