thunderbird gpg agent

flake.lock

@@ -101,11 +101,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1748288309,
-        "narHash": "sha256-eME8v0XnFUx1okq1mmdBEVV2lgCEVaHRKMl8nzrOrlM=",
+        "lastModified": 1748686273,
+        "narHash": "sha256-B5AcG50rt8VAFC89ssl2SeRPK4rVFdQ7aYUOpQ0uqiU=",
         "ref": "refs/heads/main",
-        "rev": "c5c6cb7b0b721ba5dc45788e5d6f154cb8a91dc3",
-        "revCount": 2,
+        "rev": "cdb9d99624e83f049b714a6469a5c188fbbdd912",
+        "revCount": 3,
         "type": "git",
         "url": "ssh://git@github.com/henridoh/nixos-config-hidden"
       },

mod-hm/default.nix

@@ -2,5 +2,6 @@
 {
   imports = [
     ./unison.nix
+    ./protonmail-bridge.nix
   ];
 }

mod-hm/protonmail-bridge.nix

@@ -0,0 +1,62 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+let
+  cfg = config.services.protonmail-bridge;
+in
+{
+  options.services.protonmail-bridge = {
+    enable = lib.mkEnableOption "protonmail bridge";
+
+    package = lib.mkPackageOption pkgs "protonmail-bridge" { };
+
+    path = lib.mkOption {
+      type = lib.types.listOf lib.types.path;
+      default = [ ];
+      example = lib.literalExpression "with pkgs; [ pass gnome-keyring ]";
+      description = "List of derivations to put in protonmail-bridge's path.";
+    };
+
+    logLevel = lib.mkOption {
+      type = lib.types.nullOr (
+        lib.types.enum [
+          "panic"
+          "fatal"
+          "error"
+          "warn"
+          "info"
+          "debug"
+        ]
+      );
+      default = null;
+      description = "Log level of the Proton Mail Bridge service. If set to null then the service uses it's default log level.";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    home.packages = [ cfg.package ];
+    systemd.user.services.protonmail-bridge = {
+      Unit = {
+        Description = "protonmail bridge";
+      };
+      Install = {
+        wantedBy = [ "graphical-session.target" ];
+      };
+      Service =
+        let
+          logLevel = lib.optionalString (cfg.logLevel != null) "--log-level ${cfg.logLevel}";
+        in
+        {
+          ExecStart = "${lib.getExe cfg.package} --noninteractive ${logLevel}";
+          Restart = "always";
+          RestartSec = "2s";
+          Environment = [ "PATH=${lib.makeBinPath (cfg.path ++ [ cfg.package ])}" ];
+          path = cfg.path;
+        };
+    };
+  };
+}

pc/gpg.nix

@@ -1,9 +1,15 @@
 { pkgs, ... }:
 {
-  environment.systemPackages = with pkgs; [ seahorse ];
+  environment.systemPackages = with pkgs; [
+    seahorse
+    libsecret
+  ];
   programs.gnupg.agent = {
     enable = true;
     enableSSHSupport = true;
     pinentryPackage = pkgs.pinentry-gtk2;
   };
+  services.gnome.gnome-keyring = {
+    enable = true;
+  };
 }

pc/services.nix

@@ -1,4 +1,4 @@
-{ ... }:
+{ pkgs, ... }:
 {
   services = {
     printing.enable = true;
@@ -9,6 +9,13 @@
     };
     udisks2.enable = true;
     emacs.enable = true;
-    protonmail-bridge.enable = true;
+  };
+
+  home.services.protonmail-bridge = {
+    enable = true;
+    path = with pkgs; [
+      pass
+      gnome-keyring
+    ];
   };
 }

pc/software/programs.nix

@@ -1,19 +1,19 @@
 { pkgs, ... }:
 {
   environment.systemPackages = with pkgs; [
-    signal-desktop
-    element-desktop
-    zulip
-    vesktop
-    wireguard-tools
     bitwarden
+    calibre
+    element-desktop
     kitty
     nil
-    vlc
-    spotify
-    calibre
-    zotero
     obsidian
+    signal-desktop
+    spotify
+    vesktop
+    vlc
+    wireguard-tools
+    zotero
+    zulip
   ];
 
   virtualisation = {
@@ -30,10 +30,7 @@
       package = pkgs.thunderbird-latest;
       profiles.default = {
         isDefault = true;
-        settings = {
-          "mail.openpgp.allow_external_gnupg" = true;
-          "mail.openpgp.fetch_pubkeys_from_gnupg" = true;
-        };
+        withExternalGnupg = true;
       };
     };
   };