25 lines
649 B
Nix
25 lines
649 B
Nix
|
# Password store and secrets management via pass-wayland with OTP and import extensions.
|
||
|
|
{
|
||
|
|
config,
|
||
|
|
lib,
|
||
|
|
pkgs,
|
||
|
|
...
|
||
|
|
}:
|
||
|
|
with lib; let
|
||
|
|
cfg = config.base.secrets;
|
||
|
|
in {
|
||
|
|
# Enabled by default — base modules are always-on.
|
||
|
|
options.base.secrets.enable = (mkEnableOption "enable secrets management") // {default = true;};
|
||
|
|
|
||
|
|
config = mkIf cfg.enable {
|
||
|
|
programs.password-store = {
|
||
|
|
enable = true;
|
||
|
|
package =
|
||
|
|
pkgs.pass-wayland.withExtensions
|
||
|
|
(exts: [exts.pass-otp exts.pass-import]);
|
||
|
|
settings = {PASSWORD_STORE_DIR = "$XDG_DATA_HOME/password-store";};
|
||
|
|
};
|
||
|
|
home.packages = [pkgs.pinentry-gnome3];
|
||
|
|
};
|
||
|
|
}
|