From 3f861ebe8e156d9ba7a24ee1a256a28be4cca56f Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Sat, 5 Mar 2022 13:16:27 -0800 Subject: git: sign with GPG only when one desktop Move the configuration for git that requires the signing to pass, and use the `pass-git-helper` to manage the secrets. --- users/fcuny/desktop/trust/git-pass-mapping.ini | 9 +++++++++ users/fcuny/desktop/trust/pass.nix | 17 +++++++++++++++++ 2 files changed, 26 insertions(+) create mode 100644 users/fcuny/desktop/trust/git-pass-mapping.ini (limited to 'users/fcuny/desktop') diff --git a/users/fcuny/desktop/trust/git-pass-mapping.ini b/users/fcuny/desktop/trust/git-pass-mapping.ini new file mode 100644 index 0000000..5c5177b --- /dev/null +++ b/users/fcuny/desktop/trust/git-pass-mapping.ini @@ -0,0 +1,9 @@ +[DEFAULT] +line_username=1 +skip_username=10 + +[github.com/*] +target=git/github.com + +[git.fcuny.net*] +target=git/git.fcuny.net diff --git a/users/fcuny/desktop/trust/pass.nix b/users/fcuny/desktop/trust/pass.nix index 6ed346c..a552318 100644 --- a/users/fcuny/desktop/trust/pass.nix +++ b/users/fcuny/desktop/trust/pass.nix @@ -11,6 +11,23 @@ }; }; + programs.git = { + signing = { + key = config.programs.gpg.settings.default-key; + signByDefault = true; + }; + extraConfig = { + credential = { + helper = "${pkgs.gitAndTools.pass-git-helper}/bin/pass-git-helper"; + useHttpPath = true; + }; + }; + }; + + xdg.configFile."pass-git-helper/git-pass-mapping.ini" = { + source = ./git-pass-mapping.ini; + }; + services.password-store-sync.enable = true; # Ensure the password store things are in the systemd session -- cgit 1.4.1