summary refs log tree commit diff
path: root/modules/services/x11/xserver.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/services/x11/xserver.nix')
-rw-r--r--modules/services/x11/xserver.nix28
1 files changed, 23 insertions, 5 deletions
diff --git a/modules/services/x11/xserver.nix b/modules/services/x11/xserver.nix
index e14c9762bd02..ee6f7c50f122 100644
--- a/modules/services/x11/xserver.nix
+++ b/modules/services/x11/xserver.nix
@@ -208,6 +208,16 @@ in
         '';
       };
 
+      startGnuPGAgent = mkOption {
+        default = true;
+        description = ''
+          Whether to start the GnuPG agent when you log in.  The GnuPG agent
+          remembers private keys for you so that you don't have to type in
+          passphrases every time you make an SSH connection or sign/encrypt
+          data.  Use <command>ssh-add</command> to add a key to the agent.
+        '';
+      };
+
       layout = mkOption {
         default = "us";
         description = ''
@@ -322,13 +332,21 @@ in
 
 
   ###### implementation
-  
+
   config = mkIf cfg.enable {
 
-    assertions = singleton
-      { assertion = config.services.hal.enable == true;
-        message = "The X server needs HAL running. Set services.hal.enable to true";
-      };
+    assertions =
+      [ { assertion = config.services.hal.enable == true;
+          message = "The X server needs HAL running. Set services.hal.enable to true";
+        }
+
+        { assertion = (cfg.startSSHAgent -> !cfg.startGnuPGAgent)
+                       && (cfg.startGnuPGAgent -> !cfg.startSSHAgent);
+          message =
+            "The OpenSSH SSH agent and GnuPG agent cannot be started " +
+            "both.  Choose between `startSSHAgent' and `startGnuPGAgent'.";
+        }
+      ];
 
     boot.extraModulePackages =
       optional (elem "nvidia" driverNames) kernelPackages.nvidia_x11 ++