65 lines
1.8 KiB
Nix
65 lines
1.8 KiB
Nix
{ pkgs, ... }:
|
|
|
|
# See https://github.com/nix-community/home-manager/issues/3095
|
|
let
|
|
pinentryRofi = pkgs.writeShellApplication {
|
|
name = "pinentry-rofi-with-env";
|
|
text = ''
|
|
PATH="$PATH:${pkgs.coreutils}/bin:${pkgs.rofi}/bin"
|
|
"${pkgs.pinentry-rofi}/bin/pinentry-rofi" "$@"
|
|
'';
|
|
};
|
|
in
|
|
{
|
|
home.packages = with pkgs; [
|
|
pinentry-rofi
|
|
pinentry-gnome3
|
|
];
|
|
|
|
programs.gpg = {
|
|
enable = true;
|
|
scdaemonSettings = {
|
|
disable-ccid = true;
|
|
};
|
|
settings = {
|
|
personal-cipher-preferences = "AES256 AES192 AES";
|
|
personal-digest-preferences = "SHA512 SHA384 SHA256";
|
|
personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed";
|
|
default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed";
|
|
cert-digest-algo = "SHA512";
|
|
s2k-digest-algo = "SHA512";
|
|
s2k-cipher-algo = "AES256";
|
|
charset = "utf-8";
|
|
no-comments = true;
|
|
no-emit-version = true;
|
|
no-greeting = true;
|
|
keyid-format = "0xlong";
|
|
list-options = "show-uid-validity";
|
|
verify-options = "show-uid-validity";
|
|
with-fingerprint = true;
|
|
require-cross-certification = true;
|
|
no-symkey-cache = true;
|
|
armor = true;
|
|
use-agent = true;
|
|
throw-keyids = true;
|
|
keyserver = "hkps://keyserver.ubuntu.com:443";
|
|
};
|
|
};
|
|
|
|
services.gpg-agent = {
|
|
enable = true;
|
|
enableZshIntegration = true;
|
|
enableNushellIntegration = true;
|
|
defaultCacheTtl = 60;
|
|
maxCacheTtl = 120;
|
|
enableSshSupport = true;
|
|
sshKeys = [ "8E42E6C65D5F9894CFFF294851AB0CEB5F0B1FAA" ];
|
|
pinentry.package = pkgs.pinentry-gnome3;
|
|
# under extraConfig
|
|
# pinentry-program ${pinentryRofi}/bin/pinentry-rofi-with-env
|
|
extraConfig = ''
|
|
ttyname $GPG_TTY
|
|
'';
|
|
};
|
|
}
|