diff --git a/nixos/modules/config/pulseaudio.nix b/nixos/modules/config/pulseaudio.nix
index bf66994b502..bd80c811348 100644
--- a/nixos/modules/config/pulseaudio.nix
+++ b/nixos/modules/config/pulseaudio.nix
@@ -240,11 +240,14 @@ in {
 };
 systemd.user = {
 services.pulseaudio = {
+ restartIfChanged = true;
 serviceConfig = {
 RestartSec = "500ms";
+ PassEnvironment = "DISPLAY";
 };
- environment = { DISPLAY = ":${toString config.services.xserver.display}"; };
- restartIfChanged = true;
+ };
+ sockets.pulseaudio = {
+ wantedBy = [ "sockets.target" ];
 };
 };
 })
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 5e1ff91acab..7afcb9051bd 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -80,6 +80,7 @@
 ./programs/environment.nix
 ./programs/fish.nix
 ./programs/freetds.nix
+ ./programs/gnupg.nix
 ./programs/gphoto2.nix
 ./programs/info.nix
 ./programs/java.nix
diff --git a/nixos/modules/programs/gnupg.nix b/nixos/modules/programs/gnupg.nix
new file mode 100644
index 00000000000..c5277f40d26
--- /dev/null
+++ b/nixos/modules/programs/gnupg.nix
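Review bot: `PassEnvironment = "DISPLAY";` in the pulseaudio.nix hunk does not supply a value the way the removed `environment = { DISPLAY = ...; }` did; it can only forward a variable the user manager already holds, and systemd.exec(5) documents the option as having no effect under the user manager, which passes its whole environment to units anyway. The service therefore sees DISPLAY only if the session imported it into the user manager before the unit was started, and with `sockets.pulseaudio` now in `sockets.target` the service can be activated before any X session exists. The same dependency applies to the hunks in compton.nix, redshift.nix and unclutter.nix, which drop their explicit display setting. None of the visible hunks performs that import; if it is not done elsewhere in the session script, adding `systemctl --user import-environment DISPLAY` ahead of the `graphical-session.target` start would make the assumption explicit.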
@@ -0,0 +1,75 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.programs.gnupg; + +in + +{ + + options.programs.gnupg = { + agent.enable = mkOption { + type = types.bool; + default = false; + description = '' + Enables GnuPG agent with socket-activation for every user session. + ''; + }; + + agent.enableSSHSupport = mkOption { + type = types.bool; + default = true; + description = '' + Enable SSH agent support in GnuPG agent. Also sets SSH_AUTH_SOCK + environment variable correctly. This will disable socket-activation + and thus always start a GnuPG agent per user session. + ''; + }; + }; + + config = mkIf cfg.agent.enable { + systemd.user.services.gpg-agent = { + serviceConfig = { + ExecStart = [ + "" + ("${pkgs.gnupg}/bin/gpg-agent --supervised " + + optionalString cfg.agent.enableSSHSupport "--enable-ssh-support") + ]; + }; + }; + + systemd.user.sockets.gpg-agent = { + wantedBy = [ "sockets.target" ]; + }; + + systemd.user.sockets.gpg-agent-ssh = mkIf cfg.agent.enableSSHSupport { + wantedBy = [ "sockets.target" ]; + }; + + systemd.packages = [ pkgs.gnupg ]; + + environment.extraInit = '' + # Bind gpg-agent to this TTY if gpg commands are used. + export GPG_TTY=$(tty) + + '' + (optionalString cfg.agent.enableSSHSupport '' + # SSH agent protocol doesn't support changing TTYs, so bind the agent + # to every new TTY. + ${pkgs.gnupg}/bin/gpg-connect-agent --quiet updatestartuptty /bye > /dev/null + + if [ -z "$SSH_AUTH_SOCK" ]; then + export SSH_AUTH_SOCK=$(${pkgs.gnupg}/bin/gpgconf --list-dirs agent-ssh-socket) + fi + ''); + + assertions = [ + { assertion = cfg.agent.enableSSHSupport && !config.programs.ssh.startAgent; + message = "You can't use ssh-agent and GnuPG agent with SSH support enabled at the same time!"; + } + ]; + }; + +} diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index a00fc0dfd19..4faef2c609b 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix 
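Review bot: The assertion at the end of gnupg.nix, `cfg.agent.enableSSHSupport && !config.programs.ssh.startAgent`, is false whenever `agent.enableSSHSupport` is turned off, so enabling the agent without SSH support aborts evaluation with a message about a conflict that does not exist. The condition reads as an intended implication and could be written `assertion = cfg.agent.enableSSHSupport -> !config.programs.ssh.startAgent;`. Because `enableSSHSupport` defaults to `true`, the failing case only appears when someone deliberately disables SSH support, which makes it easy to miss in testing.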
@@ -199,9 +199,8 @@ in environment.etc."ssh/ssh_known_hosts".text = knownHostsText; # FIXME: this should really be socket-activated for über-awesomeness. - systemd.user.services.ssh-agent = - { enable = cfg.startAgent; - description = "SSH Agent"; + systemd.user.services.ssh-agent = mkIf cfg.startAgent + { description = "SSH Agent"; wantedBy = [ "default.target" ]; serviceConfig = { ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent"; diff --git a/nixos/modules/services/monitoring/arbtt.nix b/nixos/modules/services/monitoring/arbtt.nix index a8d5e3b7fa0..b41a3c7b501 100644 --- a/nixos/modules/services/monitoring/arbtt.nix +++ b/nixos/modules/services/monitoring/arbtt.nix @@ -48,7 +48,8 @@ in { config = mkIf cfg.enable { systemd.user.services.arbtt = { description = "arbtt statistics capture service"; - wantedBy = [ "default.target" ]; + wantedBy = [ "graphical-session.target" ]; + partOf = [ "graphical-session.target" ]; serviceConfig = { Type = "simple"; diff --git a/nixos/modules/services/x11/compton.nix b/nixos/modules/services/x11/compton.nix index d75d24830f8..56bc66b7179 100644 --- a/nixos/modules/services/x11/compton.nix +++ b/nixos/modules/services/x11/compton.nix @@ -208,13 +208,13 @@ in { config = mkIf cfg.enable { systemd.user.services.compton = { description = "Compton composite manager"; - wantedBy = [ "default.target" ]; + wantedBy = [ "graphical-session.target" ]; + partOf = [ "graphical-session.target" ]; serviceConfig = { ExecStart = "${cfg.package}/bin/compton --config ${configFile}"; RestartSec = 3; Restart = "always"; }; - environment.DISPLAY = ":0"; }; environment.systemPackages = [ cfg.package ]; diff --git a/nixos/modules/services/x11/display-managers/default.nix b/nixos/modules/services/x11/display-managers/default.nix index cf6efb7dae7..58773685ec1 100644 --- a/nixos/modules/services/x11/display-managers/default.nix +++ b/nixos/modules/services/x11/display-managers/default.nix 
@@ -122,6 +122,9 @@ let source ~/.xprofile fi + # Start systemd user services for graphical sessions + ${config.systemd.package}/bin/systemctl --user start graphical-session.target + # Allow the user to setup a custom session type. if test -x ~/.xsession; then exec ~/.xsession @@ -164,6 +167,9 @@ let ''} test -n "$waitPID" && wait "$waitPID" + + ${config.systemd.package}/bin/systemctl --user stop graphical-session.target + exit 0 ''; @@ -325,6 +331,13 @@ in config = { services.xserver.displayManager.xserverBin = "${xorg.xorgserver.out}/bin/X"; + + systemd.user.targets.graphical-session = { + unitConfig = { + RefuseManualStart = false; + StopWhenUnneeded = false; + }; + }; }; imports = [ diff --git a/nixos/modules/services/x11/redshift.nix b/nixos/modules/services/x11/redshift.nix index eb5dfdf9584..992709ed000 100644 --- a/nixos/modules/services/x11/redshift.nix +++ b/nixos/modules/services/x11/redshift.nix @@ -95,7 +95,8 @@ in { config = mkIf cfg.enable { systemd.user.services.redshift = { description = "Redshift colour temperature adjuster"; - wantedBy = [ "default.target" ]; + wantedBy = [ "graphical-session.target" ]; + partOf = [ "graphical-session.target" ]; serviceConfig = { ExecStart = '' ${cfg.package}/bin/redshift \ @@ -107,12 +108,6 @@ in { RestartSec = 3; Restart = "always"; }; - environment = { - DISPLAY = ":${toString ( - let display = config.services.xserver.display; - in if display != null then display else 0 - )}"; - }; }; }; diff --git a/nixos/modules/services/x11/unclutter-xfixes.nix b/nixos/modules/services/x11/unclutter-xfixes.nix index b94dfb1a26a..71262431b68 100644 --- a/nixos/modules/services/x11/unclutter-xfixes.nix +++ b/nixos/modules/services/x11/unclutter-xfixes.nix 
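Review bot: In display-managers/default.nix the new `systemctl --user start graphical-session.target` sits directly before `exec ~/.xsession`, so for any user with an executable `~/.xsession` the script is replaced and the `systemctl --user stop graphical-session.target` added after `wait "$waitPID"` in the second hunk is never reached. The units this commit binds with `partOf` and `Restart = "always"` would then presumably keep restarting against a display that no longer exists once the X server exits. The third hunk sets `StopWhenUnneeded = false`, so nothing else stops the target either. One option is to run `~/.xsession` as a child instead of `exec`, then stop the target and exit; at minimum a comment next to the start line, such as `# NOTE: not stopped again on the ~/.xsession path, which exec()s`, would record the gap. The surrounding session script starts and ends outside these hunks, so any other cleanup path it may have is not visible here.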
@@ -43,7 +43,8 @@ in {
 config = mkIf cfg.enable {
 systemd.user.services.unclutter-xfixes = {
 description = "unclutter-xfixes";
- wantedBy = [ "graphical.target" ];
+ wantedBy = [ "graphical-session.target" ];
+ partOf = [ "graphical-session.target" ];
 serviceConfig.ExecStart = ''
 ${cfg.package}/bin/unclutter \
 --timeout ${toString cfg.timeout} \
diff --git a/nixos/modules/services/x11/unclutter.nix b/nixos/modules/services/x11/unclutter.nix
index a22e5ac2c95..5f16a680050 100644
--- a/nixos/modules/services/x11/unclutter.nix
+++ b/nixos/modules/services/x11/unclutter.nix
@@ -56,19 +56,17 @@ in {
 config = mkIf cfg.enable {
 systemd.user.services.unclutter = {
 description = "unclutter";
- wantedBy = [ "default.target" ];
+ wantedBy = [ "graphical-session.target" ];
+ partOf = [ "graphical-session.target" ];
 serviceConfig.ExecStart = ''
 ${cfg.package}/bin/unclutter \
 -idle ${toString cfg.timeout} \
- -display :${toString (
- let display = config.services.xserver.display;
- in if display != null then display else 0
- )} \
 -jitter ${toString (cfg.threeshold - 1)} \
 ${optionalString cfg.keystroke "-keystroke"} \
 ${concatMapStrings (x: " -"+x) cfg.extraOptions} \
 -not ${concatStringsSep " " cfg.excluded} \
 '';
+ serviceConfig.PassEnvironment = "DISPLAY";
 serviceConfig.RestartSec = 3;
 serviceConfig.Restart = "always";
 };
diff --git a/nixos/modules/services/x11/urxvtd.nix b/nixos/modules/services/x11/urxvtd.nix
index 57ad93f2017..f2ce089ce19 100644
--- a/nixos/modules/services/x11/urxvtd.nix
+++ b/nixos/modules/services/x11/urxvtd.nix
@@ -21,9 +21,8 @@ in {
 systemd.user = {
 sockets.urxvtd = {
 description = "socket for urxvtd, the urxvt terminal daemon";
- after = [ "graphical.target" ];
- wants = [ "graphical.target" ];
- wantedBy = [ "sockets.target" ];
+ wantedBy = [ "graphical-session.target" ];
+ partOf = [ "graphical-session.target" ];
 socketConfig = {
 ListenStream = "%t/urxvtd-socket";
 };
diff --git a/nixos/modules/services/x11/xbanish.nix b/nixos/modules/services/x11/xbanish.nix
index e1e3cbc8e44..b95fac68f16 100644
--- a/nixos/modules/services/x11/xbanish.nix
+++ b/nixos/modules/services/x11/xbanish.nix
@@ -20,7 +20,8 @@ in {
 config = mkIf cfg.enable {
 systemd.user.services.xbanish = {
 description = "xbanish hides the mouse pointer";
- wantedBy = [ "default.target" ];
+ wantedBy = [ "graphical-session.target" ];
+ partOf = [ "graphical-session.target" ];
 serviceConfig.ExecStart = ''
 ${pkgs.xbanish}/bin/xbanish ${cfg.arguments}
 '';