From db42bf10d860d43552ed250d399825557630ce66 Mon Sep 17 00:00:00 2001
From: zack <hi@zoeys.computer>
Date: Tue, 30 Jul 2024 12:08:53 -0400
Subject: [PATCH] feat(1p): add 1password

---
 modules/nixos/services/1p/default.nix  | 36 ++++++++++++++++++++++++++
 systems/x86_64-linux/earth/default.nix | 12 +++------
 2 files changed, 40 insertions(+), 8 deletions(-)
 create mode 100644 modules/nixos/services/1p/default.nix

diff --git a/modules/nixos/services/1p/default.nix b/modules/nixos/services/1p/default.nix
new file mode 100644
index 0000000..349b165
--- /dev/null
+++ b/modules/nixos/services/1p/default.nix
@@ -0,0 +1,36 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+with lib;
+with lib.custom; let
+  cfg = config.services._1password;
+in {
+  options.services._1password = with types; {
+    enable = mkBoolOpt false "Enable 1Password";
+
+    polkitPolicyOwnerUsername = mkStringOpt "zoey" "The username to own the polkit policy";
+  };
+
+  config = mkIf cfg.enable {
+    programs._1password.enable = true;
+    programs._1password-gui = {
+      enable = true;
+      # Certain features, including CLI integration and system authentication support,
+      # require enabling PolKit integration on some desktop environments (e.g. Plasma).
+      polkitPolicyOwners = [cfg.polkitPolicyOwnerUsername];
+    };
+
+    environment.etc = {
+      "1password/custom_allowed_browsers" = {
+        text = ''
+          librewolf
+          firefox
+        '';
+        mode = "0755";
+      };
+    };
+  };
+}
diff --git a/systems/x86_64-linux/earth/default.nix b/systems/x86_64-linux/earth/default.nix
index b59a0fd..b9231a9 100644
--- a/systems/x86_64-linux/earth/default.nix
+++ b/systems/x86_64-linux/earth/default.nix
@@ -38,6 +38,10 @@
     };
   };
   services.gnome.gnome-keyring.enable = true;
+  services._1password = {
+    enable = true;
+    polkitPolicyOwnerUsername = "zoey";
+  };
 
   # Bootloader.
   boot.loader.systemd-boot.enable = lib.mkForce false;
@@ -87,14 +91,6 @@
     initialHashedPassword = "$6$rounds=2000000$rFBJH7LwdEHvv.0i$HdHorWqp8REPdWPk5fEgZXX1TujRJkMxumGK0f0elFN0KRPlBjJMW2.35A.ID/o3eC/hGTwbSJAcJcwVN2zyV/";
   };
 
-  users.users.zack = {
-    isNormalUser = true;
-    description = "zack";
-    extraGroups = ["networkmanager" "wheel" "docker" "libvirtd" "plugdev"];
-    shell = pkgs.zsh;
-    initialHashedPassword = "$6$rounds=2000000$rFBJH7LwdEHvv.0i$HdHorWqp8REPdWPk5fEgZXX1TujRJkMxumGK0f0elFN0KRPlBjJMW2.35A.ID/o3eC/hGTwbSJAcJcwVN2zyV/";
-  };
-
   users.groups.plugdev = {};
 
   snowfallorg.users.zoey = {