modularize gpg

2024-11-29 00:56:20 -06:00 · 2024-11-29 00:56:20 -06:00 · a7827e619c
parent 4ec61784ed
commit a7827e619c
4 changed files with 57 additions and 24 deletions
--- a/home/modules/default.nix
+++ b/home/modules/default.nix
@ -13,5 +13,6 @@
    ./browsers.nix
    ./gui
    ./zsh
+    ./gpg.nix
  ];
 }
--- a/home/modules/gpg.nix
+++ b/home/modules/gpg.nix
@ -0,0 +1,49 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.local.services.gpg;
+in {
+  options.local.services.gpg = {
+    enable = mkEnableOption "gpg settings";
+    defaultKey = mkOption {
+      type = types.str;
+      description = "fingerprint of default public key to be used in gpg, git, email, etc.";
+      example = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
+    };
+  };
+  config = mkIf cfg.enable {
+    programs.gpg = {
+      enable = true;
+      settings = {
+        default-key = config.local.services.gpg.defaultKey;
+      };
+    };
+
+    services.gpg-agent = {
+      enable = true;
+      enableZshIntegration = true;
+      pinentryPackage = pkgs.pinentry-emacs;
+    };
+
+    accounts.email.accounts = {
+      "fabian@posixlycorrect.com" = {
+        gpg = {
+          encryptByDefault = true;
+          signByDefault = true;
+          key = config.local.services.gpg.defaultKey;
+        };
+      };
+    };
+
+    programs.git = {
+      signing = {
+        key = config.local.services.gpg.defaultKey;
+        signByDefault = true;
+      };
+    };
+  };
+}
--- a/home/modules/terminal/default.nix
+++ b/home/modules/terminal/default.nix
@ -38,23 +38,6 @@ in {
      enable = true;
      userEmail = "fabian@posixlycorrect.com";
      userName = "Fabian Montero";
-      #signing = {
-      #  key = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
-      #  signByDefault = true;
-      #};
-    };
-
-    programs.gpg = {
-      enable = true;
-      #settings = {
-      #  default-key = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
-      #};
-    };
-
-    services.gpg-agent = {
-      enable = true;
-      enableZshIntegration = true;
-      pinentryPackage = pkgs.pinentry-emacs;
    };

    accounts.email.accounts = {
@ -64,12 +47,6 @@ in {
        realName = "fabian";
        primary = true;
        flavor = "fastmail.com";
-
-        gpg = {
-          encryptByDefault = true;
-          signByDefault = true;
-          key = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
-        };
      };
    };
  };
--- a/home/platforms/fabian@posixlycorrect/default.nix
+++ b/home/platforms/fabian@posixlycorrect/default.nix
@ -43,7 +43,13 @@
    };
  };

-  local.services.zsh.enable = true;
+  local.services = {
+    zsh.enable = true;
+    gpg = {
+      enalbe = true;
+      defaultKey = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
+    };
+  };

  home = {
    stateVersion = "21.11"; # No tocar esto