diff options
-rw-r--r-- | home/git/default.nix | 23 | ||||
-rw-r--r-- | home/pass/default.nix | 4 |
2 files changed, 16 insertions, 11 deletions
diff --git a/home/git/default.nix b/home/git/default.nix index f5fd924..557485b 100644 --- a/home/git/default.nix +++ b/home/git/default.nix @@ -1,9 +1,8 @@ { lib, config, pkgs, ... }: let - inherit (builtins) readFile fromTOML; cfg = config.my.home.git; - sshPub = fromTOML (readFile ./../../../configs/ssh-pubkeys.toml); + sshPub = builtins.fromTOML (builtins.readFile ../../configs/ssh-pubkeys.toml); in { options.my.home.git = with lib; { @@ -11,19 +10,31 @@ in }; config = lib.mkIf cfg.enable { + home.file.".ssh/allowed_signers".text = lib.concatMapStrings (x: "franck@fcuny.net ${x}\n") (with sshPub; [ aptos work git ykey-laptop ]); + programs.git = { enable = true; aliases = { s = "status --short --branch"; amend = "commit --amend --no-edit"; - review = "push origin HEAD:refs/for/main"; + }; + signing = { + key = "key::${sshPub.ykey-laptop}"; + signByDefault = true; }; extraConfig = { core.whitespace = "trailing-space,space-before-tab"; color.ui = "true"; + + gpg = { + format = "ssh"; + ssh.allowedSignersFile = "~/.ssh/allowed_signers"; + }; # abort if the remote branch does not match the local one push.default = "simple"; + init.defaultBranch = "main"; + pull.rebase = true; rebase = { # Automatically create a temporary stash entry before the @@ -32,13 +43,11 @@ in # Print a warning if some commits are removed missingCommitsCheck = "warn"; }; + branch.autosetuprebase = "remote"; branch.sort = "authordate"; + commit.template = "${config.xdg.dataHome}/git/commit.template"; - commit.gpgsign = true; - gpg.format = "ssh"; - user.signingkey = "~/.ssh/fcuny_id_ed25519.pub"; - gpg.ssh.allowedSignersFile = "${config.xdg.dataHome}/git/allowed_signers"; }; userName = "Franck Cuny"; userEmail = "franck@fcuny.net"; diff --git a/home/pass/default.nix b/home/pass/default.nix index d79d486..c3e06f6 100644 --- a/home/pass/default.nix +++ b/home/pass/default.nix @@ -17,10 +17,6 @@ in }; programs.git = { - signing = { - key = config.programs.gpg.settings.default-key; - signByDefault = true; - }; extraConfig = { credential = { helper = "${pkgs.gitAndTools.pass-git-helper}/bin/pass-git-helper"; |