diff options
author | jD91mZM2 <me@krake.one> | 2018-06-28 19:33:47 +0200 |
---|---|---|
committer | Robert Helgesson <robert@rycee.net> | 2018-06-29 00:39:14 +0200 |
commit | 97ee4578c9b305b9497ee5b0bb7c2b1d1278c2d7 (patch) | |
tree | 3cd8b3c891849527ad271968c131a1880cf298b9 /modules/services/gpg-agent.nix | |
parent | 0d3f9ba913dca444a3cb3ba566575196ed90d92c (diff) |
gpg-agent: Add maxCacheTtl(Ssh) options
Diffstat (limited to 'modules/services/gpg-agent.nix')
-rw-r--r-- | modules/services/gpg-agent.nix | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/modules/services/gpg-agent.nix b/modules/services/gpg-agent.nix index aa2ecdb7eb7..5e2a41388a1 100644 --- a/modules/services/gpg-agent.nix +++ b/modules/services/gpg-agent.nix @@ -40,6 +40,28 @@ in ''; }; + maxCacheTtl = mkOption { + type = types.nullOr types.int; + default = null; + description = '' + Set the maximum time a cache entry is valid to n seconds. After this + time a cache entry will be expired even if it has been accessed + recently or has been set using gpg-preset-passphrase. The default is + 2 hours (7200 seconds). + ''; + }; + + maxCacheTtlSsh = mkOption { + type = types.nullOr types.int; + default = null; + description = '' + Set the maximum time a cache entry used for SSH keys is valid to n + seconds. After this time a cache entry will be expired even if it has + been accessed recently or has been set using gpg-preset-passphrase. + The default is 2 hours (7200 seconds). + ''; + }; + enableSshSupport = mkOption { type = types.bool; default = false; @@ -103,6 +125,12 @@ in ++ optional (cfg.defaultCacheTtlSsh != null) "default-cache-ttl-ssh ${toString cfg.defaultCacheTtlSsh}" + ++ + optional (cfg.maxCacheTtl != null) + "max-cache-ttl ${toString cfg.maxCacheTtl}" + ++ + optional (cfg.maxCacheTtlSsh != null) + "max-cache-ttl-ssh ${toString cfg.maxCacheTtlSsh}" ); home.sessionVariables = |