Erwin Boskma
5a63157643
This makes use of ED25519-SK keys that provide 2FA for SSH. Also, switch to using the SSH key to sign git commits
34 lines
572 B
Nix
34 lines
572 B
Nix
{ pkgs
|
|
, config
|
|
, lib
|
|
, ...
|
|
}:
|
|
with lib; let
|
|
cfg = config.eboskma.programs.gpg;
|
|
in
|
|
{
|
|
options.eboskma.programs.gpg = {
|
|
enable = mkEnableOption "enable gpg";
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
home.packages = with pkgs; [
|
|
pinentry-gnome
|
|
];
|
|
|
|
programs.gpg = {
|
|
enable = true;
|
|
};
|
|
|
|
services.gpg-agent = {
|
|
enable = true;
|
|
pinentryFlavor = "gnome3";
|
|
# enableSshSupport = true;
|
|
# defaultCacheTtlSsh = 14400;
|
|
# maxCacheTtlSsh = 14400;
|
|
extraConfig = ''
|
|
allow-loopback-pinentry
|
|
'';
|
|
};
|
|
};
|
|
}
|