
Commit b6d62d0

stackptrclaude
andauthored
feat: add rc.gpg home module for Yubikey identity signing (#450)
* feat(home): create rc.gpp home module * chore: use GPG identity on Rhizome * fix: reduce GPG cache TTL * feat: set options for Yubikey * feat: disable external cache * refactor(home): consolidate GPG and git signing config into rc.gpg module Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent e987d4f commit b6d62d0


6 files changed

+48
-24
lines changed


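--- a/home/default.nix
+++ b/home/default.nix
@@ -7,7 +7,6 @@
 }: {
 imports = [
 ./programs
-./services.nix
 ];
 
 age.identityPaths = [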

home/services.nix

Lines changed: 0 additions & 12 deletions
This file was deleted.

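--- a/hosts/Rhizome/home.nix
+++ b/hosts/Rhizome/home.nix
@@ -0,0 +1,3 @@
+{pkgs, ...}: {
+rc.gpg.enable = true;
+}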
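Review bot: `pkgs` is bound in the argument set on the first line but never used in this three-line file; `{...}: {` is enough and keeps dead-code linters quiet. The host only sets `rc.gpg.enable`, so every identity and agent setting it ends up with comes from the module rather than from this file.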

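--- a/modules/home/default.nix
+++ b/modules/home/default.nix
@@ -4,6 +4,7 @@
 ./programs
 ./development.nix
 ./editor.nix
+./gpg.nix
 ./scm.nix
 ./ssh.nix
 ./utilities.nix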

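--- a/modules/home/gpg.nix
+++ b/modules/home/gpg.nix
@@ -0,0 +1,44 @@
+{
+config,
+lib,
+pkgs,
+...
+}: let
+inherit (lib) mkIf;
+
+cfg = config.rc.gpg;
+in {
+options = {
+rc.gpg = {
+enable = lib.mkEnableOption "GPG-based identity configuration";
+};
+};
+
+config = mkIf cfg.enable {
+programs.gpg = {
+enable = true;
+settings = {
+default-key = "413D1A0152BCB08D2E3DDACAF88C08579051AB48";
+};
+};
+
+programs.git.signing = {
+key = "F88C08579051AB48";
+signByDefault = true;
+};
+
+services.gpg-agent = {
+enable = true;
+enableScDaemon = true;
+enableSshSupport = true;
+enableZshIntegration = true;
+defaultCacheTtlSsh = 600;
+maxCacheTtlSsh = 3600;
+noAllowExternalCache = true;
+pinentry.package = with pkgs;
+if stdenv.isDarwin
+then pinentry_mac
+else pinentry-tty;
+};
+};
+}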
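Review bot: Only the SSH cache limits are set in `services.gpg-agent` (`defaultCacheTtlSsh = 600;`, `maxCacheTtlSsh = 3600;`), so the cache behind commit signing, which `signByDefault = true` exercises on every commit, stays at gpg-agent's defaults. If the "reduce GPG cache TTL" item in the commit message is meant to cover signing as well, add `defaultCacheTtl = 600;` and `maxCacheTtl = 3600;` next to them. For a key held on the Yubikey these timers likely matter less than they look, because the card keeps its PIN verified independently of gpg-agent's cache; a touch policy or the card's forced-signature-PIN setting is the control worth confirming and noting in a comment here. Separately, `programs.git.signing.key` uses the 64-bit key ID while `default-key` uses the full fingerprint; using the fingerprint in both removes any key-ID ambiguity: `key = "413D1A0152BCB08D2E3DDACAF88C08579051AB48";`.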

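--- a/modules/home/scm.nix
+++ b/modules/home/scm.nix
@@ -51,10 +51,6 @@ in {
 
 programs.git = {
 enable = true;
-signing = {
-key = "F88C08579051AB48";
-signByDefault = true;
-};
 settings = {
 user = {
 name = "✿ corey";
@@ -72,13 +68,6 @@ in {
 enable = true;
 enableGitIntegration = true;
 };
-
-programs.gpg = {
-enable = true;
-settings = {
-default-key = "413D1A0152BCB08D2E3DDACAF88C08579051AB48";
-};
-};
 })
 
 (mkIf gitCfg.enableHubWrapper {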
