Daholli/nixos-config
1
0
Fork 0
Code Issues 3 Pull requests Releases Packages Activity Actions

first attempt at setting up yubikey and commit signing using it (secondary key)

Browse source
This commit is contained in:
Christoph Hollizeck 2024-06-05 23:14:18 +02:00
parent cdd702a656
commit bd949ce723
Signed by: Daholli
GPG key ID: 249300664F2AF2C7
5 changed files with 46 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

9
modules/nixos/tools/git/default.nix
View file

@ -17,8 +17,7 @@ in
userName = mkOpt types.str user.fullName "The name to use git with";
userEmail = mkOpt types.str user.email "The email to use git with";
signingKey =
mkOpt types.str "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN4iH29edivUi+k94apb6pasWq8qphfhYo0d6B2GhISf"
"The key ID to sign commits with.";
mkOpt types.str "6995A5FF33791B7B" "The key ID to sign commits with.";
};
config = mkIf cfg.enable {
@ -34,7 +33,7 @@ in
lfs.enable = true;
signing = {
key = cfg.signingKey;
signByDefault = mkIf _1password.enable true;
signByDefault = mkIf gpg.enable true;
};
extraConfig = {
init = {
@ -49,10 +48,6 @@ in
safe = {
directory = "${config.users.users.${user.name}.home}/projects/config";
};
gpg = {
format = "ssh";
"ssh".program = "${pkgs._1password-gui}/bin/op-ssh-sign";
};
};
};
};