nix-dotfiles/home/programs/gpg/auto-update-trust-db.nix


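# Module adding an opt-in systemd user timer that runs GnuPG trust database
# maintenance unattended for the keyring in programs.gpg.homedir.
{ config, pkgs, lib, ... }:
let
  cfg = config.programs.gpg;
  trustDbCfg = cfg.auto-update-trust-db;
in
{
  options = {
    programs.gpg.auto-update-trust-db = {
      enable = lib.mkEnableOption "a timer that automatically updates your trust db";
      frequency = lib.mkOption {
        default = "daily";
        type = lib.types.str;
        description = ''
          How often to update trust db
          :::{.note}
          This value is passed to the systemd
          timer configuration as the onCalendar option. See
          {manpage}`systemd.time(7)`
          for more information about the format.
          :::
        '';
      };
    };
  };

  config = {
    # One-shot job scheduled at idle CPU/IO priority.
    systemd.user.services.update-trust-db = lib.mkIf trustDbCfg.enable {
      Unit = {
        Description = "Update gpg trust database";
        Documentation = [ "man:gpg(1)" ];
      };
      Service = {
        Type = "oneshot";
        CPUSchedulingPolicy = "idle";
        IOSchedulingClass = "idle";
        # gpg(1) documents --update-trustdb as interactive: it may ask for
        # ownertrust values, and a timer-started unit has nobody to answer.
        # --check-trustdb does the same maintenance without user
        # interaction and skips keys whose ownertrust is not yet defined,
        # so trust decisions stay a deliberate manual step.
        ExecStart = "${lib.getExe cfg.package} --check-trustdb";
        # NOTE(review): the path is interpolated unquoted; a homedir
        # containing whitespace would likely be split by systemd's
        # Environment= parsing. Confirm, or quote the assignment.
        Environment = [
          "GNUPGHOME=${cfg.homedir}"
        ];
      };
    };

    # The timer was previously declared as `gpg-refresh-keys`, a name that
    # does not match the service it triggers and would clash with any other
    # module defining a key-refresh timer under that attribute. It is named
    # after its service here; `Unit` is kept so the pairing stays explicit.
    systemd.user.timers.update-trust-db = lib.mkIf trustDbCfg.enable {
      Unit = {
        Description = "Update gpg trust database";
        Documentation = [ "man:gpg(1)" ];
      };
      Timer = {
        Unit = "update-trust-db.service";
        OnCalendar = trustDbCfg.frequency;
        # Catch up after login/boot if a scheduled run was missed.
        Persistent = true;
      };
      Install = {
        WantedBy = [ "timers.target" ];
      };
    };
  };
}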