Diffstat (limited to 'programs/gpg/default.nix')
-rw-r--r-- | programs/gpg/default.nix | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/programs/gpg/default.nix b/programs/gpg/default.nix
new file mode 100644
index 0000000..e45617d
--- /dev/null
+++ b/programs/gpg/default.nix
@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+let
+
+ keysDir = ../../files/keys;
+ keys = lib.attrsets.mapAttrsToList (name: type: "${keysDir}/${name}") (builtins.readDir keysDir);
+ gpgKeys = builtins.filter (path: lib.strings.hasSuffix "asc" path) keys;
+
+in
+{
+ home-manager.users.${config.user} = {
+
+ # install keys into gpg keyring
+ programs.gpg = {
+ enable = true;
+ publicKeys = map (path: { source = path; trust = 5; }) gpgKeys;
+ };
+
+ # global gpg agent
+ services.gpg-agent = {
+ enable = true;
+ enableExtraSocket = true;
+ enableSshSupport = true;
+ pinentry.package = pkgs.pinentry-curses;
+ };
+
+ };
+
+ # yubikey support
+ services = {
+ pcscd.enable = true;
+ udev.packages = with pkgs; [
+ yubikey-personalization
+ ];
+ };
+} |
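Review bot: `trust = 5` in `publicKeys` assigns ultimate ownertrust to every file in `../../files/keys` whose name ends in `asc`, so any key later committed to that directory becomes a trust anchor whose certifications make other keys valid. Ultimate trust is normally reserved for keys whose secret half you hold. If third-party keys are ever meant to live in this directory, keep an explicit list of your own keys for `trust = 5` and import the rest at a lower level. At minimum, state the invariant next to `keysDir`, for example `# keysDir must contain only our own keys: every *.asc here is imported with ultimate trust`. The filter would also be tighter as `lib.strings.hasSuffix ".asc" path`, since the current test accepts any name that merely ends in those three letters.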