From 8f1ca25dba2260cbd5f8026a0542b3c0fe7f4bcf Mon Sep 17 00:00:00 2001 From: Michael Mandl Date: Wed, 10 Jul 2024 12:58:04 +0200 Subject: [PATCH] refactor: extract gpg config --- flake.nix | 6 +- git.nix | 4 +- {horsch/gpg => gpg}/default.nix | 6 +- {horsch/gpg => gpg}/horsch.pub.asc | 0 {horsch/gpg => gpg}/molez.pub.asc | 0 {horsch/gpg => gpg}/vi-bim.pub.asc | 0 horsch/home.nix | 2 +- private/gpg/default.nix | 21 ------- private/gpg/pubring.asc | 99 ------------------------------ private/home.nix | 2 +- 10 files changed, 10 insertions(+), 130 deletions(-) rename {horsch/gpg => gpg}/default.nix (89%) rename {horsch/gpg => gpg}/horsch.pub.asc (100%) rename {horsch/gpg => gpg}/molez.pub.asc (100%) rename {horsch/gpg => gpg}/vi-bim.pub.asc (100%) delete mode 100644 private/gpg/default.nix delete mode 100644 private/gpg/pubring.asc diff --git a/flake.nix b/flake.nix index 6fc16e2..b9eb1ff 100644 --- a/flake.nix +++ b/flake.nix @@ -28,7 +28,8 @@ user = "mandlm"; userName = "Michael Mandl"; userEmail = "mandlm@molez.net"; - userSigningKey = "4AA25D647AA54CC7"; + gpgSigningKey = "4AA25D647AA54CC7"; + gpgSSHKeys = [ "1F937AC8F77ED74CE24EAAE79B5601F73C6D115F" ]; theme = "dark"; }; }; @@ -43,7 +44,8 @@ user = "mmandl"; userName = "Michael Mandl"; userEmail = "michael.mandl@horsch.com"; - userSigningKey = "088ED38F036C7AF2"; + gpgSigningKey = "088ED38F036C7AF2"; + gpgSSHKeys = [ "AEB2BF3FF9CF9529E9A3C6F1A202D21686FF9278" ]; theme = "dark"; }; }; diff --git a/git.nix b/git.nix index ebd6389..739bf02 100644 --- a/git.nix +++ b/git.nix @@ -1,4 +1,4 @@ -{ pkgs, userName, userEmail, userSigningKey, ... }: +{ pkgs, userName, userEmail, gpgSigningKey, ... }: { programs = { @@ -11,7 +11,7 @@ inherit userEmail; signing = { - key = userSigningKey; + key = gpgSigningKey; signByDefault = true; }; diff --git a/horsch/gpg/default.nix b/gpg/default.nix similarity index 89% rename from horsch/gpg/default.nix rename to gpg/default.nix index 9adcf94..4a3069c 100644 --- a/horsch/gpg/default.nix +++ b/gpg/default.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, gpgSSHKeys, ... }: { services.gpg-agent = { @@ -6,9 +6,7 @@ enableZshIntegration = true; pinentryPackage = pkgs.pinentry-curses; enableSshSupport = true; - sshKeys = [ - "AEB2BF3FF9CF9529E9A3C6F1A202D21686FF9278" - ]; + sshKeys = gpgSSHKeys; defaultCacheTtl = 3600 * 12; defaultCacheTtlSsh = 3600 * 12; maxCacheTtl = 3600 * 12; diff --git a/horsch/gpg/horsch.pub.asc b/gpg/horsch.pub.asc similarity index 100% rename from horsch/gpg/horsch.pub.asc rename to gpg/horsch.pub.asc diff --git a/horsch/gpg/molez.pub.asc b/gpg/molez.pub.asc similarity index 100% rename from horsch/gpg/molez.pub.asc rename to gpg/molez.pub.asc diff --git a/horsch/gpg/vi-bim.pub.asc b/gpg/vi-bim.pub.asc similarity index 100% rename from horsch/gpg/vi-bim.pub.asc rename to gpg/vi-bim.pub.asc diff --git a/horsch/home.nix b/horsch/home.nix index 7fc5243..535176f 100644 --- a/horsch/home.nix +++ b/horsch/home.nix @@ -24,6 +24,7 @@ ../eza.nix ../fzf.nix ../git.nix + ../gpg ../neovim ../picocom.nix ../podman.nix @@ -33,7 +34,6 @@ ../starship.nix ../tree.nix ../zoxide.nix - ./gpg ./ssh.nix ./zsh.nix ]; diff --git a/private/gpg/default.nix b/private/gpg/default.nix deleted file mode 100644 index fcd5f77..0000000 --- a/private/gpg/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ pkgs, ... }: - -{ - services.gpg-agent = { - enable = true; - enableZshIntegration = true; - pinentryPackage = pkgs.pinentry-gnome3; - enableSshSupport = true; - sshKeys = [ "1F937AC8F77ED74CE24EAAE79B5601F73C6D115F" ]; - }; - - programs.gpg = { - enable = true; - mutableKeys = true; - mutableTrust = true; - publicKeys = [{ - source = ./pubring.asc; - trust = "ultimate"; - }]; - }; -} diff --git a/private/gpg/pubring.asc b/private/gpg/pubring.asc deleted file mode 100644 index 02bccb3..0000000 --- a/private/gpg/pubring.asc +++ /dev/null @@ -1,99 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- - -mQINBF75iDUBEADKT7HJf29rKofixOegZt6C4fDWhgJuVa/tT/9CxBewpGuvt2an -JM9eTO2ZUWjcbYc4zNsMppANKyr0+i9tve7f+hA5sXDbUNXXjxJz0tu2L3qToTqK -fkvpy4D5dFQYB/N+9n1JKouXNcZKmoTzH9ur6gxmDTdrKcOzjsJQvFjg/nf3jLzT -kj1REcCFxCqXQBVbnWObnaM/+2coofA11XO8KcA/qyVf2014Vj+LCtg8cYUWwOGn -1nomHkJpqAD1k1wYfiEq+2wwgYP9Qvb1WhHzfpRmLT6C1RR9gqnWdNhkRPNrEXOV -2lIAdKg0JJ2jZaOvblGfSA5ObndgwjCMu+0eE5bwSTYAXKwFoZC8/q78t1q2Wrgt -s9+zUWFQiTltXtGhtwiaZLEmkj8Dlg3C3EltaJAOX06AkVQiGY/DUfFL5uVXDSyE -2MBBFKk92ekGdFN6Vh1psw4lxQBUg/aGXA7zf+DR8UBQkGklDJPw0QbD15OEOsG0 -e1JbAa/rHt2w9a/Cn3Mzk18S0nwJXNmGk55Nm2TC5jNnP/COI6Pn2EE9t6RljBQT -jsOtolHy74ss3xz1c6Q4yLmDQUspxrL3T7DzpfhVQKIYiD9mKfV7mgROJfVRCobU -ZYekE4zvVNB8/unyxy4ZClD++qSODGT88p4FcedZvLJpjzX/QQBjScKycQARAQAB -tCBNaWNoYWVsIE1hbmRsIDxtYW5kbG1AbW9sZXoubmV0PokCVAQTAQgAPhYhBNvk -01IKur/fhA+Pz0qiXWR6pUzHBQJe+Yg1AhsjBQkJZgGABQsJCAcCBhUKCQgLAgQW -AgMBAh4BAheAAAoJEEqiXWR6pUzHowUP/ikckO6HTG1jdqa8Tioer5JFsjEvhD+w -Hdz6dOvdAcu+UntFgkpFPoCPi3U2I7OutC4mnSsWyA0KRQpAsrhKLHQbOpQp/mnj -T75e/MLLsmqqL2zS7hx5LjXihsG/BwUmPPn32XBi3yu/9bQbnwBkxteJLbpNPO4D -wMvIaV9KbZcQXGM99tnJL1jKXQAF8kr2VUKOogXMA5Nq4RgLDrJdFZ5zOr3l58sL -LFulX493+0coW1VIqc/NGqYEr71TmaVKOt69+5xGEZa5etBn3Ef4QAy94AgLjk7y -5u+CY1rJf8cmALt2Krh10abiM8TfnaZFq7i2E03xYhJccA/OH5KM6/TXW+AXVZiC -9uB3KD2OxSYz5C6SCTNAZ+vgKHD0ibpfIsELDgGIC96C1660a7WYUjFIUtsvYqG+ -L+s0OC5l4PKULOQEPJnZotQFUuJyOUmeXD+KKu0fhf1O/Iuuqy10EwhaFMk+VERZ -3alExEqWLlVOh/FYTsMfQN2NHF6FgCDsXJWLRk2wbL/Yg8JQ4Z5GPmjkLZgkdy2D -k9HbKpEtnKPHAfEwUK3l+kdkKVUZIpS+TMk9I7Ti8+NoY7sXJU/E2t6LgldE346P -JY6gskqPWpJtEVKxQidDpVs26ly4u92yYgraEFMUsky1pac6RukE3SCZKeUz0YVU -f9sTb9sn/Fz6uQINBF75iDUBEACwqwR/Zu9bpzFE+n1WXwQc6lEi84CwMqFi9y3F -0igFgJ+ClRUgCAVAX5sS+jR53PA0E2911aZ5/tS8JBjMeo5m+i2sIZW3HbpQv8OJ -XqfPUN7MOhcDoTYEuiL+zasjjGG9l6CN1sgfRZqRr0bv76XFJrBY0PaQycAdZDGr -MzrB6pCBqdhU0VBax4RT8aDo1863adJSAnIPBnCyAHACrHMWTboUsL00imY8OulS -B6ts9iBhCBRXCU+tRuAf8JSwNgGLsNAzneXoyat7B7miMnlD18ECFyC5OnbgyGi9 -v274sUYw8rgVjbLqDCbCJdfBuRF/aEC0tleS5ukaJpi4a8crCbxNrUxQtLN1/zv/ -jRF99vvGfZDzsGMQwKdKxgRvIWfE6ajEh1ANu7tx7bGJtroPcVZEfcqpaJfodp5P -EQmfyQ4dQOlPBr8kzD6pbVp/5kSe4/3N66pkaoMnY1SiLhcLyl3POhlPS2rBLpOO -Oh4v8hHK2tedle30AieXTCuLtFF7z/L+qBq8BsZsw6MDpp1MQfyh+ST6k+9rcHfA -VulfLm1yqgDpGt9t7JCgwTzHf4x1P1ooQBKx7LTk06+ovbr3ourShRRZvMrp0ZpK -nMITr9urvDw8gYRknbB5TlIGhHTy6Lm2XJYjb3Gok8ZyIOef5rbRD4EezBAK0XOY -b1WtzQARAQABiQI8BBgBCAAmFiEE2+TTUgq6v9+ED4/PSqJdZHqlTMcFAl75iDUC -GwwFCQlmAYAACgkQSqJdZHqlTMdRgBAAlpd9k6GB3NjmMtKtiNSsifGcRcOSbbMP -tQdMkwpFYx2gxlSJ0ANGidkCW7HcCLpEce6RunsS0o/lp9gXO7J+r0IfoLX6BhZq -EhrIMz0UyRgWJUQzq9/lyJnINLtY0JoEmvaDdAnGV4H4MoR4Pm+KioP5JHwFBUue -//M2PlBhmvuTQsoVIucZERx6gPOJDXV0GyytviSRB8BSvS0Ts+ayzbM0KgUqw6tb -p9ghej2vQImmzvkoF9RSBfe8oyRJ2qP17/uriaqUn4ETYoXyV65j8HPoxs+adyRY -I+yHlCfI27ft9rbTfZavEZSLLlUzqpzs2BfIqRLclwRm5QfIxbyZ2xwH6FCfjv0z -qH8WTFW5iSJpwCzIrVeAKyGawyHuU+Ww6qujJbhKDMzOl/UTyMtpNRnqqH+9sNaU -FuydeynUenih4/FBYwLGYIFM6rHVXCv0OYtOasyriNxCRDqbfT2NtSn8yj0Q8erp -GAcygR/FR37HTF3GRSXG3nlypzZOuaaD35OOpI6265LKPswZB5TbQB+Ggay2p2hU -EgMFmGaH+cxFjfD08CBuWaBQOlPv+1TTpnUAQc/Yx2HsnDJrtkznSN2JXrBNabfj -GBdIZ3fqpsYGf8J3EQf2/weT12oGFjXdjPRcOTu9Dord2AtgZYOdNwDNIJyBciB6 -0bwMRPpj0JGZAg0EXvmEoQEQAMIrSpPKCGZpbs/zHDTVPsQ1VlCSc2W8o+lxPM4b -nRO3l/MJnghH7KaHW7o7Kyo0JoX6ABD23aEKQKiCxPIUb5Ci8TmTGxtDyGNHJvXy -TxrU8Zl+KORfxybQllnwCC8iqtQicyfuC8JTzNc5blA3nc2gMtIeGid7qScqM3Qa -gZyBCWwqW5tzS1QmOhffsD/5IdCTcm7iSMGxEsvggRGzkJaaYwFyicf/38M2d6I6 -VsRvPCiSJMAl+vwKbnnNI6SwJ7r/8rNxO4VKhino78vVadJmnfJP8H4OfN89Q/Vm -aMhN9rlgD/TSP1IAlW6Mn3QkGJ7Jj6Bg/Le6H66pGauq0Oym40d8Azu8CC70B1o9 -6XcgcLQw0h4kzhvT/Dq666YlWe4ednz5OrqO8M01ZMEG22y52eWYCpQ31ziso2dj -yzodU803CgNbFynDrPNVjxb1Y46oDGxc1RZ1ubKK8Ow2Lg5ZGUYOEXPJ7ywYWaSP -c9QANhRRvOJ//8Lm4TRNitGM6jA/d80X19stvwlnjuQn/qyNRYx48Hgdo4ppsVMe -WQ82IviSuq1kFaSjzRuOYnCnMQJ0EzQlplxs12kp9b0bmsx0DyHnyWVPoaSPGdEC -Cl1No/d6lVoW29SKsYDxVSCgW8zElgmGmNDSJMag5VSyBzSWJOQV4JIrj+PSMfrd -zZHRABEBAAG0H01pY2hhZWwgTWFuZGwgPG1hbmRsQHZpLWJpbS5kZT6JAlQEEwEI -AD4WIQSn/A/3b5p5qlndLylOYPRCJ/YRtAUCXvmEoQIbIwUJCWYBgAULCQgHAgYV -CgkICwIEFgIDAQIeAQIXgAAKCRBOYPRCJ/YRtFcdD/9HT724U0DPK3NLZN5vLtWq -2F0+ND49w1Nmatf5PG4zYBJp0ztns+BSuekk1XBW5TXFg+D1Nj1KyQXE/vlsS+hT -D8O7Qd+X9mFcAJbsIpNSif6EaOhk5AzorWbMUC+viThsQD9qBSAwNzRtHjR77qmp -nyHI//cEJ/F+GQopubyZSEVc+0M2hoq5ZMQzwvaN0KuZqTLdeGFj3uJnF8rfx16h -gr7x2IkPK3V2S1cmYuKJoIl+aGDELAISUHOkXD6uWeygW3CKOm8XGFrcN/E5f+Sh -qhR6OCEwuSikRle6mHnrUVV4y8AWR4RNS/IWpcEA/+KITy/hVvF/yhLijdC3lXu5 -j4eMJryKmnUUxq7REYRq7L1uljvJwyd5Bgp3RLDYfRKxmi8a3EwpkH6sal654aed -lSdv27DuHlfpbK81kDYT/IvM8+R+L9aE5Kmla+KP1XgyJMyAOsmL8KTCCdJmKxUT -Mi5df3qeCqNGUHhugCyRTO5aOJj4nPmjWbNuc7n+vOjJOkd4ZvPY8l7cU0h33+Ot -+bbK23F56VsyRAFHt57U7sAY4GAX5QgE87hahhbz3YgjtaQOfsiDzGBGBwHLBxcZ -AGrGHX3YYxQ3OBrAC4BRyI3AZ2X8bdujpqKxF6Qajdw9S0Ppo9HqRuXCqcUB0KIH -hFIQXAFKG+IuEAwLBZx61bkCDQRe+YShARAA2PsPv3RawFEw/4TUW9DPR2InF+FJ -a6flc+jmGr2oKLbU02PTCsQHS8KmPwjp5/8tL6GJ8KervGgwfwK5E4u+pcurmOpJ -3OgHFgWNY7B8m3dihXWR+LZS/6O6MiY0ihhvkE7/NGkVNM/alCR527QRu2psJzbP -AB5i9jeb2YMk6mkhCPT1QH1m29KvX1uOd038FWlBhlokZ4b8XXT81cw3EFjwiJWJ -Q+VqHbtSXBfnwjFk/f3ZLKXYPkBYW6GGbSaI2EAoAjmC/DH4uY3gUjd3PVIkXjKo -HfiPnAcgIkxvYtf9FAbU2LCfPfwHQrpz39bAJCA82sJmd9hcp7mL8HBsAnC+asQ7 -O8+pkV9HEvDvvXv574E0q5bLcB5pBx4vokwSamTctZ9gVWym7uYmr9tFzRLYAJGj -1cO939hPgUu/POhx5vd5HUDb+yYi3yuZ6jcxUksQ1hcVgoN4tJCNXzm03heZJwVO -ykQUm8eTutafML9dTUIDTbsijXfMe7nUkZNiJ1dArfcCQjsbQvRv5zSg9d9nv4J9 -xznADgXXmc9B3DxZSS0JnM/VYnuAS32uhYiu7ZbE4gsO8l7LT/w9ajDMr2x4d+Ud -I67TnaK8VfF2bfv+5RFnz2CcpkO2XK+/uH1L/Z1pTaJyagH5yr8HuKjyAgQ8tCCE -1sQ13BGvEwFhGLkAEQEAAYkCPAQYAQgAJhYhBKf8D/dvmnmqWd0vKU5g9EIn9hG0 -BQJe+YShAhsMBQkJZgGAAAoJEE5g9EIn9hG0rgQQAILF/S4BypQZvK806L/Nr0LU -pyYBSrVQbdRLI0axDxAJ4wTyJJCB2wbgmQ8nnPJt42fzXq0bcOTFnIiZ5J6vXMou -dZ74/ZkRMhpluB869nP2hFcBJbbKsPf+6raEvMNRwcRk7Knep0wCuHw87t7xo7QK -Zs1oBpJDqdJ8StocSotw8d7Nd2FZ7pU3qPGiOqbg8th/UDgYhqeM2jLOFHJ5FN5t -JbcNWPcG2sDQPtd2u8RAoXTmoHBYa/07CrOhmFfUxE0yoOJxLZgVJNgzfmMX+Q6l -4IjnRfpQmH5PINncJmWN/FB//MRDRtTjHdI9UAyyXOHdnaquT7SfwQXE8SHKInsd -XcDAKNqRzNOG/92FOsbbhgRx2kyrhDdJRsh4zgV2OsNwBkY6wWUMM632PpIBauJN -yAFNm1Xle81CCxO43APDVnfpxC2nkkoHwy6vJlF3S4DwRTbCPLMonMMyY43pRZnR -Kumv0YJKKK8gV4hTYp1bc4fVDIgyfUmunFFA+LDwC09YbWSi9XJ7VveYD3T+l+qx -Brq7XvOXTd3E6F31Q+U+cU95YFCRUL3yVl+U4hpHdOB0K4gORNlUKhFNfzz1iyUS -tDXut79lup1kknfC4Fm3oJQFELMbnorkbnxp2HZnSjP2+yY9riV9vrCmN7+YihZC -iL8jv/hUCyjfKBN5Qa14 -=dpaN ------END PGP PUBLIC KEY BLOCK----- diff --git a/private/home.nix b/private/home.nix index a55d592..700d018 100644 --- a/private/home.nix +++ b/private/home.nix @@ -61,6 +61,7 @@ ../firefox.nix ../fzf.nix ../git.nix + ../gpg ../kitty.nix ../neovim ../nextcloud.nix @@ -70,7 +71,6 @@ ../sway ../tree.nix ../zoxide.nix - ./gpg ./zsh.nix ]; }