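# GnuPG keyring, gpg-agent (also serving as the SSH agent) and YubiKey support.
{ config, lib, pkgs, ... }:

let
  # directory holding the public key files that get imported below
  keysDir = ../../../files/keys;

  # builtins.readDir returns every entry of keysDir with its type; skip
  # subdirectories so that only file entries are passed on as key sources
  keyEntries = lib.attrsets.filterAttrs (name: type: type != "directory") (builtins.readDir keysDir);

  # one path string per remaining entry
  keys = lib.attrsets.mapAttrsToList (name: type: "${keysDir}/${name}") keyEntries;
in
{
  home-manager.users.${config.user} = {

    # install keys into gpg keyring
    # NOTE(review): trust = 5 is "ultimate" and is applied to every file
    # found in keysDir. An ultimately trusted key acts as a trust anchor, so
    # keysDir should hold only keys whose private half the owner controls;
    # changes to that directory deserve the same review as this module.
    programs.gpg = {
      enable = true;
      publicKeys = map (file: { source = file; trust = 5; }) keys;
    };

    # global gpg agent
    services.gpg-agent = {
      enable = true;
      # additional agent socket, the one normally used for agent forwarding;
      # NOTE(review): confirm forwarding is actually needed, and forward it
      # only to hosts that are trusted to request operations with these keys
      enableExtraSocket = true;
      # gpg-agent answers SSH agent requests too, so SSH authentication keys
      # are governed by the same agent and pinentry
      enableSshSupport = true;
      # passphrase / PIN prompts are shown in the terminal
      pinentryPackage = pkgs.pinentry-curses;
    };

  };

  # yubikey support
  services = {
    # smart card daemon
    pcscd.enable = true;
    # udev rules shipped with the yubikey tooling
    udev.packages = with pkgs; [
      yubikey-personalization
    ];
  };
}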