2025-07-25 16:55:16 +02:00
|
|
|
{ lib, pkgs, ... }:
|
|
|
|
|
let
|
|
|
|
|
inherit (lib.modules) mkForce;
|
|
|
|
|
in
|
2025-07-20 01:23:48 +02:00
|
|
|
{
|
2025-04-06 22:09:32 +02:00
|
|
|
security = {
|
2025-07-19 00:18:14 +02:00
|
|
|
# Enable Soteria, a GTK-based Polkit authentication agent.
|
|
|
|
|
soteria.enable = true;
|
2025-04-06 22:09:32 +02:00
|
|
|
apparmor = {
|
|
|
|
|
enable = true;
|
|
|
|
|
killUnconfinedConfinables = true;
|
2025-07-20 01:23:48 +02:00
|
|
|
packages = [ pkgs.apparmor-profiles ];
|
2025-04-06 22:09:32 +02:00
|
|
|
};
|
2025-07-19 00:33:08 +02:00
|
|
|
|
2025-07-25 16:55:16 +02:00
|
|
|
pam.services.login.enableGnomeKeyring = true;
|
|
|
|
|
|
|
|
|
|
wrappers.gnome-keyring-daemon = {
|
|
|
|
|
owner = "root";
|
|
|
|
|
group = "root";
|
|
|
|
|
capabilities = "cap_ipc_lock=ep";
|
|
|
|
|
source = "${pkgs.gnome-keyring}/bin/gnome-keyring-daemon";
|
2025-07-19 00:33:08 +02:00
|
|
|
};
|
2025-04-06 22:09:32 +02:00
|
|
|
};
|
2025-07-25 16:55:16 +02:00
|
|
|
services = {
|
|
|
|
|
dbus.packages = [
|
|
|
|
|
pkgs.gnome-keyring
|
|
|
|
|
];
|
|
|
|
|
gnome.gcr-ssh-agent.enable = mkForce false;
|
|
|
|
|
};
|
|
|
|
|
xdg.portal.extraPortals = [
|
|
|
|
|
pkgs.gnome-keyring
|
|
|
|
|
];
|
|
|
|
|
environment.systemPackages = [
|
|
|
|
|
pkgs.gnome-keyring
|
2025-07-19 00:33:08 +02:00
|
|
|
];
|
2024-08-22 21:41:20 +02:00
|
|
|
}
|
