authorBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-05-10 14:47:51 +0200
committerBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-05-10 14:47:51 +0200
commite8aca66e743d59c884b1cf89a19a51a56b311dda (patch)
tree0298105da378e153c97d541e91a9d5919936774b
parentfix(hm/conf/gpg): Remove `onlykey` specific configuration (diff)
downloadnixos-config-e8aca66e743d59c884b1cf89a19a51a56b311dda.tar.gz
nixos-config-e8aca66e743d59c884b1cf89a19a51a56b311dda.zip
fix(hm/conf/gpg): Allow mutable keys and thus remove old keys
Diffstat (limited to '')
-rwxr-xr-xhm/soispha/conf/gpg/agent-program.sh6
-rw-r--r--hm/soispha/conf/gpg/default.nix32
-rw-r--r--hm/soispha/conf/gpg/keys/key_1bin754 -> 0 bytes
-rw-r--r--hm/soispha/conf/gpg/keys/key_2bin717 -> 51304 bytes
-rw-r--r--hm/soispha/conf/gpg/keys/key_3bin51304 -> 0 bytes
-rw-r--r--hm/soispha/conf/gpg/keys/key_4bin2080 -> 0 bytes
6 files changed, 9 insertions, 29 deletions
diff --git a/hm/soispha/conf/gpg/agent-program.sh b/hm/soispha/conf/gpg/agent-program.sh
deleted file mode 100755
index 47d8158f..00000000
--- a/hm/soispha/conf/gpg/agent-program.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/usr/bin/env dash
-
-# shellcheck source=/dev/null
-SHELL_LIBRARY_VERSION="2.1.2" . %SHELL_LIBRARY_PATH
-
-onlykey-gpg-agent -v --skey-slot=ECC32 --dkey-slot=ECC32 "$@"
diff --git a/hm/soispha/conf/gpg/default.nix b/hm/soispha/conf/gpg/default.nix
index ffc90ffe..15be872b 100644
--- a/hm/soispha/conf/gpg/default.nix
+++ b/hm/soispha/conf/gpg/default.nix
@@ -2,19 +2,12 @@
   config,
   pkgs,
   ...
-}: let
-  gpg-agent = {
-    enable = true;
-    enableZshIntegration = true;
-    enableScDaemon = true; # smartcards and such things
-    pinentryPackage = pkgs.pinentry-tty;
-  };
-in {
+}: {
   programs.gpg = {
     enable = true;
     homedir = "${config.xdg.dataHome}/gnupg/onlykey";
-    mutableKeys = false;
-    mutableTrust = false;
+    mutableKeys = true;
+    mutableTrust = true;
 
     settings = {
       default-key = "Benedikt Peetz <benedikt.peetz@b-peetz.de>";
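Review bot: With `mutableKeys = true;` and `mutableTrust = true;` the `publicKeys` list is no longer the authoritative statement of which keys exist and how far they are trusted. As far as I know the home-manager options, activation then only adds the managed keys and sets their trust, leaving everything else in the keyring and trustdb untouched. The `ultimate` ownertrust that the old configuration assigned to key_1 and key_2 may therefore persist in the existing trustdb under `homedir`; checking `gpg --export-ownertrust` after activation would confirm. I would add a comment above the two options, for example `# keyring and trustdb are user-managed: entries dropped from publicKeys must be removed by hand`. The `programs.gpg` set continues past the end of this hunk.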
@@ -23,24 +16,17 @@ in {
 
     publicKeys = [
       {
-        source = ./keys/key_1;
-        trust = "ultimate";
-      }
-      {
         source = ./keys/key_2;
-        trust = "ultimate";
-      }
-      {
-        source = ./keys/key_3;
-        trust = "full";
-      }
-      {
-        source = ./keys/key_4;
         trust = "full";
       }
     ];
   };
   services = {
-    inherit gpg-agent;
+    gpg-agent = {
+      enable = true;
+      enableZshIntegration = true;
+      enableScDaemon = true; # smartcards and such things
+      pinentryPackage = pkgs.pinentry-tty;
+    };
   };
 }
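Review bot: The one remaining `publicKeys` entry, `source = ./keys/key_2;` with `trust = "full";`, points at a binary file whose content this commit replaces while the path stays the same. The new blob id 22ffb931 is the one key_3 had before, so neither the name nor the diff tells a reader which key is granted full trust. A comment on the entry naming the owner and fingerprint, e.g. `# <OWNER>, fingerprint <FINGERPRINT>`, would let the file be checked against the output of `gpg --show-keys ./keys/key_2`. The inlined `gpg-agent` block is the former `let` binding moved unchanged and needs no comment.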
diff --git a/hm/soispha/conf/gpg/keys/key_1 b/hm/soispha/conf/gpg/keys/key_1
deleted file mode 100644
index b10b8b6c..00000000
--- a/hm/soispha/conf/gpg/keys/key_1
+++ /dev/null
Binary files differ
diff --git a/hm/soispha/conf/gpg/keys/key_2 b/hm/soispha/conf/gpg/keys/key_2
index 0b06cf3b..22ffb931 100644
--- a/hm/soispha/conf/gpg/keys/key_2
+++ b/hm/soispha/conf/gpg/keys/key_2
Binary files differ
diff --git a/hm/soispha/conf/gpg/keys/key_3 b/hm/soispha/conf/gpg/keys/key_3
deleted file mode 100644
index 22ffb931..00000000
--- a/hm/soispha/conf/gpg/keys/key_3
+++ /dev/null
Binary files differ
diff --git a/hm/soispha/conf/gpg/keys/key_4 b/hm/soispha/conf/gpg/keys/key_4
deleted file mode 100644
index effb9eee..00000000
--- a/hm/soispha/conf/gpg/keys/key_4
+++ /dev/null
Binary files differ