From e7c53dbb63ad9feca8fd048edfd96e7a5c8b18db Mon Sep 17 00:00:00 2001
From: ItsDrike
Date: Thu, 4 Apr 2024 21:48:31 +0200
Subject: [PATCH] Add gpg

---
 home/programs/terminal/tools/default.nix | 1 +
 home/programs/terminal/tools/git/default.nix | 3 --
 home/programs/terminal/tools/gpg.nix | 29 ++++++++++++++++++++
 3 files changed, 30 insertions(+), 3 deletions(-)
 create mode 100644 home/programs/terminal/tools/gpg.nix

diff --git a/home/programs/terminal/tools/default.nix b/home/programs/terminal/tools/default.nix
index 42cb526..8a18a3e 100644
--- a/home/programs/terminal/tools/default.nix
+++ b/home/programs/terminal/tools/default.nix
@@ -1,5 +1,6 @@
 _: {
 imports = [
 ./git
+ ./gpg.nix
 ];
 }
diff --git a/home/programs/terminal/tools/git/default.nix b/home/programs/terminal/tools/git/default.nix
index 3ffa9c2..3761d1a 100644
--- a/home/programs/terminal/tools/git/default.nix
+++ b/home/programs/terminal/tools/git/default.nix
@@ -9,9 +9,6 @@ in
 ./aliases.nix
 ];

- # TODO: Figure out how to manage gpg keys properly in nix/home-manager
- # (right now, I'm importing my keys manually)
-
 programs.git = {
 enable = true;
 package = pkgs.gitAndTools.gitFull;
diff --git a/home/programs/terminal/tools/gpg.nix b/home/programs/terminal/tools/gpg.nix
new file mode 100644
index 0000000..eb75a87
--- /dev/null
+++ b/home/programs/terminal/tools/gpg.nix
@@ -0,0 +1,29 @@
+{ config, ... }: {
+ programs = {
+ gpg = {
+ enable = true;
+ homedir = "${config.xdg.dataHome}/gnupg";
+
+ # I manage the keys manually
+ mutableKeys = true;
+ mutableTrust = true;
+
+ settings = {
+ keyserver = "hkps://keys.openpgp.org";
+
+ # Don't leak information in signature
+ no-emit-version = "";
+ no-comments = "";
+ export-options = "export-minimal";
+
+ # Display the long format of the key ID and show fingerprints by default
+ keyid-format = "0xlong";
+ with-fingerprint = "";
+
+ # Display UID validity of the keys
+ list-options = "show-uid-validity";
+ verify-options = "show-uid-validity";
+ };
+ };
+ };
+}
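Review bot: The `keyserver = "hkps://keys.openpgp.org";` entry under `settings` in the new gpg.nix is written to gpg.conf, where the gpg manual marks `keyserver` as deprecated in favour of the same option in dirmngr.conf. I would set it in the dirmngr configuration instead, or at least annotate the line with `# legacy location: gpg(1) says to set keyserver in dirmngr.conf` so a later GnuPG change does not silently alter which server is queried. It is also worth a comment that keys.openpgp.org only publishes user IDs whose address has been verified and does not distribute third-party signatures, so keys fetched from it can arrive without UIDs and the `show-uid-validity` output will have nothing to show for them. Separately, the comment `# Don't leak information in signature` also covers `export-options = "export-minimal";`, which affects exported keys rather than signatures; `# Export keys with self-signatures only` above that line would describe it accurately.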