authorMaxim Cournoyer <maxim.cournoyer@gmail.com>2023-04-14 16:57:37 -0400
committerMaxim Cournoyer <maxim.cournoyer@gmail.com>2023-04-14 17:15:08 -0400
commit3bacd3c76a58ebe70f98be654f09cbd4166093ab (patch)
tree89f687565205971a9925d33400235968a569a069 /gnu/home/services
parentdf3391c0309443ac37f9a9a6b1038a85454b8ee6 (diff)
parent97ed675718b948319e6f6e51f2d577971bea1176 (diff)
Merge branch 'master' into core-updates.
Conflicts: gnu/local.mk gnu/packages/build-tools.scm gnu/packages/certs.scm gnu/packages/check.scm gnu/packages/compression.scm gnu/packages/cups.scm gnu/packages/fontutils.scm gnu/packages/gnuzilla.scm gnu/packages/guile.scm gnu/packages/ibus.scm gnu/packages/image-processing.scm gnu/packages/linux.scm gnu/packages/music.scm gnu/packages/nss.scm gnu/packages/pdf.scm gnu/packages/python-xyz.scm gnu/packages/qt.scm gnu/packages/ruby.scm gnu/packages/shells.scm gnu/packages/tex.scm gnu/packages/video.scm gnu/packages/vulkan.scm gnu/packages/web.scm gnu/packages/webkit.scm gnu/packages/wm.scm
Diffstat (limited to 'gnu/home/services')
-rw-r--r--gnu/home/services/desktop.scm6
-rw-r--r--gnu/home/services/gnupg.scm150
-rw-r--r--gnu/home/services/shells.scm12
-rw-r--r--gnu/home/services/xdg.scm22
4 files changed, 172 insertions, 18 deletions
diff --git a/gnu/home/services/desktop.scm b/gnu/home/services/desktop.scm
index fb1cd44060..661fe7d283 100644
--- a/gnu/home/services/desktop.scm
+++ b/gnu/home/services/desktop.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2022 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2022 ( <paren@disroot.org>
;;; Copyright © 2023 conses <contact@conses.eu>
+;;; Copyright © 2023 Janneke Nieuwenhuizen <janneke@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -37,7 +38,10 @@
home-dbus-service-type
home-unclutter-configuration
- home-unclutter-service-type))
+ home-unclutter-service-type
+
+ home-xmodmap-configuration
+ home-xmodmap-service-type))
;;;
diff --git a/gnu/home/services/gnupg.scm b/gnu/home/services/gnupg.scm
new file mode 100644
index 0000000000..7e9e02a3cc
--- /dev/null
+++ b/gnu/home/services/gnupg.scm
@@ -0,0 +1,150 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2023 Ludovic Courtès <ludo@gnu.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu home services gnupg)
+ #:use-module (guix gexp)
+ #:use-module ((guix records) #:select (match-record))
+ #:use-module (gnu services)
+ #:use-module (gnu services configuration)
+ #:use-module (gnu home services)
+ #:use-module (gnu home services shepherd)
+ #:autoload (gnu packages gnupg) (gnupg pinentry)
+ #:export (home-gpg-agent-configuration
+ home-gpg-agent-configuration?
+ home-gpg-agent-configuration-gnupg
+ home-gpg-agent-configuration-pinentry-program
+ home-gpg-agent-configuration-ssh-support?
+ home-gpg-agent-configuration-default-cache-ttl
+ home-gpg-agent-configuration-max-cache-ttl
+ home-gpg-agent-configuration-max-cache-ttl-ssh
+ home-gpg-agent-configuration-extra-content
+
+ home-gpg-agent-service-type))
+
+(define raw-configuration-string? string?)
+
+;; Configuration of 'gpg-agent'.
+(define-configuration/no-serialization home-gpg-agent-configuration
+ (gnupg
+ (file-like gnupg)
+ "The GnuPG package to use.")
+ (pinentry-program
+ (file-like (file-append pinentry "/bin/pinentry-curses"))
+ "Pinentry program to use. Pinentry is a small user interface that
+@command{gpg-agent} delegates to anytime it needs user input for a passphrase
+or @acronym{PIN, personal identification number} (@pxref{Top,,, pinentry,
+Using the PIN-Entry}).")
+ (ssh-support?
+ (boolean #f)
+ "Whether to enable @acronym{SSH, secure shell} support. When true,
+@command{gpg-agent} acts as a drop-in replacement for OpenSSH's
+@command{ssh-agent} program, taking care of OpenSSH secret keys and directing
+passphrase requests to the chosen Pinentry program.")
+ (default-cache-ttl
+ (integer 600)
+ "Time a cache entry is valid, in seconds.")
+ (max-cache-ttl
+ (integer 7200)
+ "Maximum time a cache entry is valid, in seconds. After this time a cache
+entry will be expired even if it has been accessed recently.")
+ (default-cache-ttl-ssh
+ (integer 1800)
+ "Time a cache entry for SSH keys is valid, in seconds.")
+ (max-cache-ttl-ssh
+ (integer 7200)
+ "Maximum time a cache entry for SSH keys is valid, in seconds.")
+ (extra-content
+ (raw-configuration-string "")
+ "Raw content to add to the end of @file{~/.gnupg/gpg-agent.conf}."))
+
+(define (home-gpg-agent-configuration-file config)
+ "Return the @file{gpg-agent.conf} file for @var{config}."
+ (match-record config <home-gpg-agent-configuration>
+ (pinentry-program default-cache-ttl max-cache-ttl
+ default-cache-ttl-ssh max-cache-ttl-ssh
+ extra-content)
+ (mixed-text-file "gpg-agent.conf"
+ "pinentry-program " pinentry-program "\n"
+ "default-cache-ttl "
+ (number->string default-cache-ttl) "\n"
+ "max-cache-ttl "
+ (number->string max-cache-ttl) "\n"
+ "default-cache-ttl-ssh "
+ (number->string default-cache-ttl-ssh) "\n"
+ "max-cache-ttl-ssh "
+ (number->string max-cache-ttl-ssh) "\n"
+ extra-content)))
+
+(define (home-gpg-agent-shepherd-services config)
+ "Return the possibly-empty list of Shepherd services for @var{config}."
+ (match-record config <home-gpg-agent-configuration>
+ (gnupg ssh-support?)
+ ;; 'gpg-agent' is started on demand by GnuPG's programs, but it has to be
+ ;; started explicitly when OpenSSH support is enabled (info "(gnupg) Agent
+ ;; Options").
+ (if ssh-support?
+ (let ((endpoint (lambda (name socket)
+ #~(endpoint
+ (make-socket-address
+ AF_UNIX
+ (string-append %user-runtime-dir
+ "/gnupg/" #$socket))
+ #:name #$name
+ #:socket-directory-permissions #o700))))
+ (list (shepherd-service
+ (provision '(gpg-agent ssh-agent))
+ (modules '((shepherd support))) ;for '%user-runtime-dir'
+ (start #~(make-systemd-constructor
+ (list #$(file-append gnupg "/bin/gpg-agent")
+ "--supervised" "--enable-ssh-support")
+ (list #$(endpoint "ssh" "S.gpg-agent.ssh")
+ #$(endpoint "browser" "S.gpg-agent.browser")
+ #$(endpoint "extra" "S.gpg-agent.extra")
+ ;; #$(endpoint "scdaemon" "S.scdaemon")
+ #$(endpoint "std" "S.gpg-agent"))))
+ (stop #~(make-systemd-destructor))
+ (documentation "Start 'gpg-agent', the GnuPG passphrase
+agent, with support for handling OpenSSH material."))))
+ '())))
+
+(define (home-gpg-agent-files config)
+ `((".gnupg/gpg-agent.conf" ,(home-gpg-agent-configuration-file config))))
+
+(define (home-gpg-agent-environment-variables config)
+ "Return GnuPG environment variables needed for @var{config}."
+ (if (home-gpg-agent-configuration-ssh-support? config)
+ `(("SSH_AUTH_SOCK"
+ . "$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"))
+ '()))
+
+(define home-gpg-agent-service-type
+ (service-type
+ (name 'home-gpg-agent)
+ (extensions
+ (list (service-extension home-files-service-type
+ home-gpg-agent-files)
+ (service-extension home-shepherd-service-type
+ home-gpg-agent-shepherd-services)
+ (service-extension home-environment-variables-service-type
+ home-gpg-agent-environment-variables)))
+ (default-value (home-gpg-agent-configuration))
+ (description
+ "Configure GnuPG's agent, @command{gpg-agent}, which is responsible for
+managing OpenPGP and optionally SSH private keys. When SSH support is
+enabled, @command{gpg-agent} acts as a drop-in replacement for OpenSSH's
+@command{ssh-agent}.")))
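Review bot: The `#:export` list omits `home-gpg-agent-configuration-default-cache-ttl-ssh`, although the `default-cache-ttl-ssh` field is defined next to the three TTL fields whose accessors are exported, so that accessor is missing from the module's public interface; add it beside `home-gpg-agent-configuration-max-cache-ttl-ssh`. Separately, `home-gpg-agent-configuration-file` writes `extra-content` after the generated `pinentry-program` and cache-TTL lines, so a duplicate option there presumably takes precedence over the typed fields, and the result is a `mixed-text-file` in the store, which every local user can read. I would extend the `extra-content` docstring with something like `It is appended after the generated options and ends up in the world-readable store, so it may override the fields above and must not contain secrets.` Also, `home-gpg-agent-environment-variables` builds `SSH_AUTH_SOCK` from `$XDG_RUNTIME_DIR` while the Shepherd endpoints use `%user-runtime-dir`; if the two can ever differ, clients would look for the agent socket in a directory this service does not create with `#o700`, which deserves a comment or a shared definition.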
diff --git a/gnu/home/services/shells.scm b/gnu/home/services/shells.scm
index 3326eb37f4..f05f2221d6 100644
--- a/gnu/home/services/shells.scm
+++ b/gnu/home/services/shells.scm
@@ -133,7 +133,7 @@ Shell startup process will continue with
(environment-variables
(alist '())
"Association list of environment variables to set for the Zsh session."
- serialize-posix-env-vars)
+ (serializer serialize-posix-env-vars))
(zshenv
(text-config '())
"List of file-like objects, which will be added to @file{.zshenv}.
@@ -334,7 +334,7 @@ source ~/.profile
rules for the @code{home-environment-variables-service-type} apply
here (@pxref{Essential Home Services}). The contents of this field will be
added after the contents of the @code{bash-profile} field."
- serialize-posix-env-vars)
+ (serializer serialize-posix-env-vars))
(aliases
(alist '())
"Association list of aliases to set for the Bash session. The aliases will be
@@ -351,7 +351,7 @@ turns into
@example
alias ls=\"ls -alF\"
@end example"
- bash-serialize-aliases)
+ (serializer bash-serialize-aliases))
(bash-profile
(text-config '())
"List of file-like objects, which will be added to @file{.bash_profile}.
@@ -536,19 +536,19 @@ with text blocks from other extensions and the base service."))
(environment-variables
(alist '())
"Association list of environment variables to set in Fish."
- serialize-fish-env-vars)
+ (serializer serialize-fish-env-vars))
(aliases
(alist '())
"Association list of aliases for Fish, both the key and the value
should be a string. An alias is just a simple function that wraps a
command, If you want something more akin to @dfn{aliases} in POSIX
shells, see the @code{abbreviations} field."
- serialize-fish-aliases)
+ (serializer serialize-fish-aliases))
(abbreviations
(alist '())
"Association list of abbreviations for Fish. These are words that,
when typed in the shell, will automatically expand to the full text."
- serialize-fish-abbreviations))
+ (serializer serialize-fish-abbreviations)))
(define (fish-files-service config)
`(("fish/config.fish"
diff --git a/gnu/home/services/xdg.scm b/gnu/home/services/xdg.scm
index 3007493f85..ac557b4c3d 100644
--- a/gnu/home/services/xdg.scm
+++ b/gnu/home/services/xdg.scm
@@ -104,11 +104,11 @@ like sockets.")
Specification, but helps to make implementation of home services more
consistent.")
(state-home
- (path "$HOME/.local/var/lib")
- "Base directory for programs to store state files, like databases,
-analogus to @file{/var/lib}, but for user. It is not a part of XDG
-Base Directory Specification, but helps to make implementation of home
-services more consistent."))
+ (path "$HOME/.local/state")
+ "Base directory for programs to store state data that should persist
+between (application) restarts, such as logs, but are not important or
+portable enough to the user to warrant storing them in
+@env{XDG_DATA_HOME}."))
(define (home-xdg-base-directories-environment-variables-service config)
(map
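Review bot: The `state-home` default changes from `$HOME/.local/var/lib` to `$HOME/.local/state` with no migration or notice visible in this hunk, so programs that already keep state under the old directory would presumably start from an empty one after reconfiguring, while the old files (logs and similar) stay behind unmanaged. A short comment above the field, e.g. `;; Previously "$HOME/.local/var/lib"; existing state is not migrated automatically.`, or a news entry would make the change visible to users who need to move or clean up that data. The enclosing `define-configuration` form starts outside the hunk.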
@@ -158,12 +158,12 @@ are no extensions use configuration instead."
(compose identity)
(extend last-extension-or-cfg)
(description "Configure XDG base directories. This
-service introduces two additional variables @env{XDG_STATE_HOME},
-@env{XDG_LOG_HOME}. They are not a part of XDG specification, at
-least yet, but are convenient to have, it improves the consistency
-between different home services. The services of this service-type is
-instantiated by default, to provide non-default value, extend the
-service-type (using @code{simple-service} for example).")))
+service introduces an additional @env{XDG_LOG_HOME} variable. It's not
+a part of XDG specification, at least yet, but are convenient to have,
+it improves the consistency between different home services. The
+services of this service-type is instantiated by default, to provide
+non-default value, extend the service-type (using @code{simple-service}
+for example).")))
(define (generate-home-xdg-base-directories-documentation)
(generate-documentation