nixops: fix gnome-keyring/ssh-agent conflict, install geary on desktops

This commit is contained in:
Sebastien Bourdeauducq 2023-02-02 17:23:08 +08:00
parent 5a6e269605
commit 28902ae068

View File

@ -22,6 +22,11 @@ in
'"/etc/ssh/authorized_keys.d/%s", pw->pw_name)' '"/etc/ssh/authorized_keys.d/%s", pw->pw_name)'
''; '';
}); });
gnome = super.gnome // {
gnome-keyring = super.gnome.gnome-keyring.overrideAttrs(oa: {
configureFlags = oa.configureFlags ++ ["--disable-ssh-agent"];
});
};
}; };
networking.hostName = host; networking.hostName = host;
@ -90,7 +95,6 @@ in
PKCS11Provider "${pkgs.opensc}/lib/opensc-pkcs11.so" PKCS11Provider "${pkgs.opensc}/lib/opensc-pkcs11.so"
''; '';
programs.ssh.startAgent = true; programs.ssh.startAgent = true;
services.gnome.gnome-keyring.enable = pkgs.lib.mkForce false;
programs.ssh.agentPKCS11Whitelist = "${pkgs.opensc}/lib/opensc-pkcs11.so"; programs.ssh.agentPKCS11Whitelist = "${pkgs.opensc}/lib/opensc-pkcs11.so";
security.pam.p11.enable = true; security.pam.p11.enable = true;
@ -133,7 +137,7 @@ in
services.xserver.displayManager.gdm.enable = true; services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true; services.xserver.desktopManager.gnome.enable = true;
environment.gnome.excludePackages = [ pkgs.epiphany pkgs.gnome3.geary ]; environment.gnome.excludePackages = [ pkgs.epiphany ];
systemd.suppressedSystemUnits = [ systemd.suppressedSystemUnits = [
"hibernate.target" "hibernate.target"