modularize gpg

home/modules/default.nix

@@ -13,5 +13,6 @@
     ./browsers.nix
     ./gui
     ./zsh
+    ./gpg.nix
   ];
 }

home/modules/gpg.nix

@@ -0,0 +1,49 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.local.services.gpg;
+in {
+  options.local.services.gpg = {
+    enable = mkEnableOption "gpg settings";
+    defaultKey = mkOption {
+      type = types.str;
+      description = "fingerprint of default public key to be used in gpg, git, email, etc.";
+      example = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
+    };
+  };
+  config = mkIf cfg.enable {
+    programs.gpg = {
+      enable = true;
+      settings = {
+        default-key = config.local.services.gpg.defaultKey;
+      };
+    };
+
+    services.gpg-agent = {
+      enable = true;
+      enableZshIntegration = true;
+      pinentryPackage = pkgs.pinentry-emacs;
+    };
+
+    accounts.email.accounts = {
+      "fabian@posixlycorrect.com" = {
+        gpg = {
+          encryptByDefault = true;
+          signByDefault = true;
+          key = config.local.services.gpg.defaultKey;
+        };
+      };
+    };
+
+    programs.git = {
+      signing = {
+        key = config.local.services.gpg.defaultKey;
+        signByDefault = true;
+      };
+    };
+  };
+}

home/modules/terminal/default.nix

@@ -38,23 +38,6 @@ in {
       enable = true;
       userEmail = "fabian@posixlycorrect.com";
       userName = "Fabian Montero";
-      #signing = {
-      #  key = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
-      #  signByDefault = true;
-      #};
-    };
-
-    programs.gpg = {
-      enable = true;
-      #settings = {
-      #  default-key = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
-      #};
-    };
-
-    services.gpg-agent = {
-      enable = true;
-      enableZshIntegration = true;
-      pinentryPackage = pkgs.pinentry-emacs;
     };
 
     accounts.email.accounts = {
@@ -64,12 +47,6 @@ in {
         realName = "fabian";
         primary = true;
         flavor = "fastmail.com";
-
-        gpg = {
-          encryptByDefault = true;
-          signByDefault = true;
-          key = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
-        };
       };
     };
   };

home/platforms/fabian@posixlycorrect/default.nix

@@ -43,7 +43,13 @@
     };
   };
 
-  local.services.zsh.enable = true;
+  local.services = {
+    zsh.enable = true;
+    gpg = {
+      enalbe = true;
+      defaultKey = "7AA277E604A4173916BBB4E91FFAC35E1798174F";
+    };
+  };
 
   home = {
     stateVersion = "21.11"; # No tocar esto