mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-23 23:43:30 +00:00
nixos/ssh: Add enableAskPassword
Previously, this was only implicitly enabled if xserver.enable = true. However, Wayland-based desktops do not require this, and so configuring SSH_ASKPASS on a Wayland desktop becomes cumbersome. This simplifies that by adding a new option that defaults to the old conditional.
This commit is contained in:
parent
75df464afc
commit
f10aea2434
@ -167,6 +167,16 @@
|
||||
using this default will print a warning when rebuilt.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The option
|
||||
<link linkend="opt-services.ssh.enableAskPassword">services.ssh.enableAskPassword</link>
|
||||
was added, decoupling the setting of
|
||||
<literal>SSH_ASKPASS</literal> from
|
||||
<literal>services.xserver.enable</literal>. This allows easy
|
||||
usage in non-X11 environments, e.g. Wayland.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</section>
|
||||
|
@ -68,3 +68,9 @@ In addition to numerous new and upgraded packages, this release has the followin
|
||||
|
||||
- The `services.unifi.openPorts` option default value of `true` is now deprecated and will be changed to `false` in 22.11.
|
||||
Configurations using this default will print a warning when rebuilt.
|
||||
|
||||
- The option
|
||||
[services.ssh.enableAskPassword](#opt-services.ssh.enableAskPassword) was
|
||||
added, decoupling the setting of `SSH_ASKPASS` from
|
||||
`services.xserver.enable`. This allows easy usage in non-X11 environments,
|
||||
e.g. Wayland.
|
||||
|
@ -33,6 +33,13 @@ in
|
||||
|
||||
programs.ssh = {
|
||||
|
||||
enableAskPassword = mkOption {
|
||||
type = types.bool;
|
||||
default = config.services.xserver.enable;
|
||||
defaultText = literalExpression "config.services.xserver.enable";
|
||||
description = "Whether to configure SSH_ASKPASS in the environment.";
|
||||
};
|
||||
|
||||
askPassword = mkOption {
|
||||
type = types.str;
|
||||
default = "${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass";
|
||||
@ -287,7 +294,7 @@ in
|
||||
# Allow ssh-agent to ask for confirmation. This requires the
|
||||
# unit to know about the user's $DISPLAY (via ‘systemctl
|
||||
# import-environment’).
|
||||
environment.SSH_ASKPASS = optionalString config.services.xserver.enable askPasswordWrapper;
|
||||
environment.SSH_ASKPASS = optionalString cfg.enableAskPassword askPasswordWrapper;
|
||||
environment.DISPLAY = "fake"; # required to make ssh-agent start $SSH_ASKPASS
|
||||
};
|
||||
|
||||
@ -298,7 +305,7 @@ in
|
||||
fi
|
||||
'';
|
||||
|
||||
environment.variables.SSH_ASKPASS = optionalString config.services.xserver.enable askPassword;
|
||||
environment.variables.SSH_ASKPASS = optionalString cfg.enableAskPassword askPassword;
|
||||
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user