diff options
author | Franck Cuny <franck@fcuny.net> | 2024-03-04 15:10:15 -0800 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2024-03-04 15:10:15 -0800 |
commit | a2def2bfcc9d9777934cfc192a13fbc12773924f (patch) | |
tree | e1d2b5d7c9d4ee9fda41823ecb06e20e0ce4e09a | |
parent | move all home-manager settings under the profiles (diff) | |
download | world-a2def2bfcc9d9777934cfc192a13fbc12773924f.tar.gz |
don't sign git commits
Simplify the configuration as this is not something I currently use.
-rw-r--r-- | configs/ssh-pubkeys.toml | 16 | ||||
-rw-r--r-- | nix/profiles/home-manager/git.nix | 18 |
2 files changed, 1 insertions, 33 deletions
diff --git a/configs/ssh-pubkeys.toml b/configs/ssh-pubkeys.toml deleted file mode 100644 index d14462a..0000000 --- a/configs/ssh-pubkeys.toml +++ /dev/null @@ -1,16 +0,0 @@ -# this used to be the main key for my laptop -aptos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl" -# this used to be the key I used to sign commits -git = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItMKXWzH00xS7kYJzDCIr/PM9DaZw+imK/byjrY5WNv" -# this is the key from work -work = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSWhXmnUplM+xltD0sYiJ6AsjkwHvbjTYLA7GHXHja9" - -ykey-laptop = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIGX4+CuUjiX6Doi4n6RqmznzFUyRrxKhEFvuIxROzXDKAAAABHNzaDo=" -ykey-keyring = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDnU4Xd8bElZYVWDbknlIgskR/q7ORrbvO0FLnJMQX+eAAAABHNzaDo=" -ykey-backup = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINEGiZpKcXQtB7P7k5puV5OAeMlnB7qRLm+HRI5/OKTbAAAABHNzaDo=" - -# this key is used to perform backups -restic = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB/0b3IjqeCHQ+b4qZoptrmG/twV4Zj4BIH1yl7Y5cW9" - -# 1password -op = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF9r1KALhtItqMjxHQS0/5eWJm4UF/i38QATZIi1Pqm2" diff --git a/nix/profiles/home-manager/git.nix b/nix/profiles/home-manager/git.nix index ce9c0a9..d7b07c3 100644 --- a/nix/profiles/home-manager/git.nix +++ b/nix/profiles/home-manager/git.nix @@ -1,22 +1,10 @@ -{ lib, pkgs, config, ... }: -let - sshPub = builtins.fromTOML ( - builtins.readFile ../../../configs/ssh-pubkeys.toml - ); -in +{ pkgs, config, ... }: { - home.file.".ssh/allowed_signers".text = lib.concatMapStrings (x: "franck@fcuny.net ${x}\n") (with sshPub; [ aptos work git ykey-laptop op ]); - programs.git = { enable = true; userName = "Franck Cuny"; userEmail = "franck@fcuny.net"; - signing = { - key = "key::${sshPub.op}"; - signByDefault = true; - }; - aliases = { amend = "commit --amend"; ll = "log --pretty=\"format:%h %G? %aN %s\""; @@ -26,10 +14,6 @@ in core.whitespace = "trailing-space,space-before-tab"; color.ui = "true"; - gpg.format = "ssh"; - gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers"; - gpg.ssh.program = "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"; - # abort if the remote branch does not match the local one push.default = "simple"; |