diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-10-18 17:07:46 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-10-18 17:07:46 +0200 |
| commit | c52c7f314ccadcc2fcd91e28c8fd1b88f6d5ce0c (patch) | |
| tree | e8b947710b467b32740598ff574982097836f66c /modules/home/conf/gpg/default.nix | |
| parent | chore(pkgs/yt): 1.2.1 -> 1.3.0 (diff) | |
| download | nixos-config-c52c7f314ccadcc2fcd91e28c8fd1b88f6d5ce0c.zip | |
refactor(modules): Move all system modules to `by-name`
From now on all modules should be added to the new `by-name` directory. This should help remove the (superficial and utterly useless) distinction between `home-manager` and `NixOS` modules.
Diffstat (limited to 'modules/home/conf/gpg/default.nix')
| -rw-r--r-- | modules/home/conf/gpg/default.nix | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/modules/home/conf/gpg/default.nix b/modules/home/conf/gpg/default.nix deleted file mode 100644 index 1acdf628..00000000 --- a/modules/home/conf/gpg/default.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - programs.gpg = { - enable = true; - homedir = "${config.xdg.dataHome}/gnupg"; - mutableKeys = true; - mutableTrust = true; - - settings = { - default-key = "Benedikt Peetz <benedikt.peetz@b-peetz.de>"; - # TODO: add more - }; - - publicKeys = [ - { - source = ./keys/key_1.asc; - trust = "ultimate"; - } - { - source = ./keys/key_2.asc; - trust = "full"; - } - ]; - }; - services = { - gpg-agent = { - enable = true; - enableZshIntegration = true; - enableScDaemon = true; # smartcards and such things - - # Cache the key passwords - defaultCacheTtl = 60 * 50; - defaultCacheTtlSsh = 60 * 50; - maxCacheTtl = 60 * 50; - maxCacheTtlSsh = 60 * 50; - - pinentryPackage = pkgs.pinentry-curses; - # pinentryPackage = pkgs.pinentry-tty; - - enableSshSupport = true; - sshKeys = let - removeSpace = str: builtins.replaceStrings [" "] [""] str; - in [ - (removeSpace "8321 ED3A 8DB9 99A5 1F3B F80F F268 2914 EA42 DE26") - ]; - }; - }; - - programs.zsh.initExtraFirst = lib.mkBefore '' - export GPG_TTY=$(tty) - - # Magic copied from the gpg-agent manual - unset SSH_AGENT_PID - if [ "''${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then - export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" - fi - - - # Ensure that get gpg agent is started (necessary because ssh does not start it - # automatically and has it's tty updated) - gpg-connect-agent /bye - ''; -} |