diff options
author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-05-20 16:06:57 +0200 |
---|---|---|
committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-05-20 16:14:24 +0200 |
commit | 5156e1aae36a153be98b6832ab3ced7be2b2faee (patch) | |
tree | 3f050d3bc567af4c72f87e0925d21c3521436e45 /hm/soispha/conf/gpg/default.nix | |
parent | refactor(hm/conf/zsh): Remove old zsh-prompt file (diff) | |
download | nixos-config-5156e1aae36a153be98b6832ab3ced7be2b2faee.zip |
refactor(hm): Rename to `modules/home`
Diffstat (limited to 'hm/soispha/conf/gpg/default.nix')
-rw-r--r-- | hm/soispha/conf/gpg/default.nix | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/hm/soispha/conf/gpg/default.nix b/hm/soispha/conf/gpg/default.nix deleted file mode 100644 index 2f644422..00000000 --- a/hm/soispha/conf/gpg/default.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - programs.gpg = { - enable = true; - homedir = "${config.xdg.dataHome}/gnupg"; - mutableKeys = true; - mutableTrust = true; - - settings = { - default-key = "Benedikt Peetz <benedikt.peetz@b-peetz.de>"; - # TODO: add more - }; - - publicKeys = [ - { - source = ./keys/key_1.asc; - trust = "ultimate"; - } - { - source = ./keys/key_2.asc; - trust = "full"; - } - ]; - }; - services = { - gpg-agent = { - enable = true; - enableZshIntegration = true; - enableScDaemon = true; # smartcards and such things - - # Cache the key passwords - defaultCacheTtl = 60 * 50; - defaultCacheTtlSsh = 60 * 50; - maxCacheTtl = 60 * 50; - maxCacheTtlSsh = 60 * 50; - - pinentryPackage = pkgs.pinentry-curses; - # pinentryPackage = pkgs.pinentry-tty; - - enableSshSupport = true; - sshKeys = let - removeSpace = str: builtins.replaceStrings [" "] [""] str; - in [ - (removeSpace "8321 ED3A 8DB9 99A5 1F3B F80F F268 2914 EA42 DE26") - ]; - }; - }; - - programs.zsh.initExtraFirst = lib.mkBefore '' - export GPG_TTY=$(tty) - - # Magic copied from the gpg-agent manual - unset SSH_AGENT_PID - if [ "''${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then - export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" - fi - - - # Ensure that get gpg agent is started (necessary because ssh does not start it - # automatically) - gpg-connect-agent /bye - ''; -} |