add gpg configuration options

This commit is contained in:
Charlotte 🦝 Delenk 2022-02-02 16:55:39 +01:00
parent f9d88dc15c
commit b8e5b168a5
Signed by: darkkirb
GPG key ID: 015E3768A70AFBC5
3 changed files with 78 additions and 4 deletions

View file

@ -1,9 +1,13 @@
{ ... }: { { pkgs, ... }: {
programs.gpg = { programs.gpg = {
enable = true; enable = true;
mutableKeys = false; mutableKeys = false;
mutableTrust = false; mutableTrust = false;
publicKeys = [ publicKeys = [
{
source = ../../keys/lotte_chir.rs.pgp;
trust = 5;
}
{ {
source = ../../keys/darkkirb_darkkirb.de.pgp; source = ../../keys/darkkirb_darkkirb.de.pgp;
trust = 5; trust = 5;
@ -13,6 +17,37 @@
trust = 5; trust = 5;
} }
]; ];
scdaemonSettings = {
disable-ccid = true;
pcsc-driver = "${pkgs.pcsclite}/lib/libpcsclite.so.1";
reader-port = "Yubico YubiKey";
};
settings = {
# https://github.com/drduh/config/blob/master/gpg.conf
personal-cipher-preferences = "AES256 AES192 AES";
personal-digest-preferences = "SHA512 SHA384 SHA256";
personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed";
default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed";
cert-digest-algo = "SHA512";
s2k-digest-algo = "SHA512";
s2k-cipher-algo = "AES256";
charset = "utf-8";
fixed-list-mode = true;
no-comments = true;
no-emit-version = true;
no-greeting = true;
keyid-format = "0xlong";
list-options = "show-uid-validity";
verify-options = "show-uid-validity";
with-fingerprint = true;
with-key-origin = true;
require-cross-certification = true;
no-symkey-cache = true;
use-agent = true;
throw-keyids = true;
keyserver = [ "hkps://keys.openpgp.org" "hkps://keyserver.ubuntu.com:443" "hkps://hkps.pool.sks-keyservers.net" "hkps://pgp.ocf.berkeley.edu" ];
auto-key-locate = [ "local" "dane" "cert" "wkd" ];
};
}; };
services.gpg-agent = { services.gpg-agent = {
enable = true; enable = true;

View file

@ -317,11 +317,11 @@
"quazip": "quazip" "quazip": "quazip"
}, },
"locked": { "locked": {
"lastModified": 1643809586, "lastModified": 1643811450,
"narHash": "sha256-KfoiGN9NTiuZjmw37I9GhWbv73rvHd8smv69yGAMzcU=", "narHash": "sha256-qHyvKKwVymoyeRijb85UvF5MXiepfx6uXUZTC5AfhNI=",
"owner": "PolyMC", "owner": "PolyMC",
"repo": "PolyMC", "repo": "PolyMC",
"rev": "cf3c2482c9e7f743088b590f8c90cc3be1308718", "rev": "bff683e6d4701912c252f6d88598e35afaf20fc9",
"type": "github" "type": "github"
}, },
"original": { "original": {

39
keys/lotte_chir.rs.pgp Normal file
View file

@ -0,0 +1,39 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEYfph3hYJKwYBBAHaRw8BAQdAWYTcPt/iW5HydB1kBRgUk9yDIvp6iwYu8zVB
yRsLPEi0JUNoYXJsb3R0ZSDwn6adIERlbGVuayA8bG90dGVAY2hpci5ycz6IkQQT
FgoAOQIbAQQLCQgHBBUKCQgFFgIDAQACHgUCF4AWIQTvXzZ6leC/pjkC2Gq049SA
HEnsXgUCYfpkSAIZAQAKCRC049SAHEnsXsxtAQDbyA2vxblzaqIASnWB3sxZdTv9
cMDVPsoHSBPjOKR4/AD+Kufu2movJkLh343yAXb3nSoy32H63qRqZz4a0TIXpQOJ
AjMEEAEKAB0WIQQgbaXh2gkEtu5JFro8713akVrssAUCYfpjUAAKCRA8713akVrs
sKLSD/94wq8Zj9auuQUsd9ObhxqbdGJ/V9NcatDgQgmwYPBkX3QmAhYtUMzXGcHK
zWZu9U0eIK+a9GXWRAh7ZvAEHt5zLQ/TCYbJ5LvKqzCMJWPxxYLWXEE6DEIHd7Q3
IjJwSy0IbDbFtoHjzf0RIB26tFUTUF+FL8DfbvuDnaflumjrhuJsf7dEhz737bC5
+w0z9P7SB0E+olrSKn6rVrbsS+0i68ys0VrjZmBisIMe4HJoOGgRAQaU0McfGqJD
7XFfdBk8eqFOICmmbA7h5BxESoICWamSTaboiYqOOcrzgh7f+1MKUiSP1i+G7zfE
vXnEkRosHopZWZZP30HvUZqJOzTrJ9pQNCab4+VJ4Koknnain3A3IDUT16HOmmWG
Vfe1XXbbaZaGvdzBudAxoxFBEV/b8cFNGHMZpr3zaB9OzBMadnhpTSJghp5U8j+w
ix54X2/Rnh+t3SgpJmDTcz/adH/xwz80lgghQhl8/deZ52YiWoP+G7uI/og5F29K
mFghPGEJwsgyYxW56O5s5smXc0cXQLdVLS7NCY1eq9zOa24h+fWjoC4xtQqO2W1o
+rXELIE/uNBnHosjBL2tXjpvpWIyZwdhkAQsnhYYqZ2U2t8lHgPOoCjYxsERoank
B6ZLiXkJG8LmKWNqe7HJ+cAJp+rbiW7qf+4QWI0V3E3Grfxv87QsQ2hhcmxvdHRl
IPCfpp0gRGVsZW5rIDxkYXJra2lyYkBkYXJra2lyYi5kZT6IjgQTFgoANhYhBO9f
NnqV4L+mOQLYarTj1IAcSexeBQJh+mQtAhsBBAsJCAcEFQoJCAUWAgMBAAIeBQIX
gAAKCRC049SAHEnsXpILAP9Lim+NpTdzo6/0uIRNp9xCcY6jKjUBOSemEvkfZqCH
RQEA4+ZfdPs2tZ6lBUm3g1xCnc26CCqrDfE+OqOs6k+ccA64MwRh+mPJFgkrBgEE
AdpHDwEBB0A80PFr8R7U69xomIUlvcc0YqNVkF6lcM3SBf0JNgRWP4j1BBgWCgAm
FiEE7182epXgv6Y5AthqtOPUgBxJ7F4FAmH6Y8kCGwIFCQHhM4AAgQkQtOPUgBxJ
7F52IAQZFgoAHRYhBC79cu8hxFgw7HriU6sr2Nry43EiBQJh+mPJAAoJEKsr2Nry
43Ei4NYA/AsOyJgBZq6MET81FjAa16fZWlACdGxqNMEv2XVtsp7PAQCTNdttTShA
84S/ZY5znPZQMxGtdDpVnXI+oQm8fkgRD25UAQD/NG/sUL9QZJGq/U0PTfOtS4Qs
iuCSoOZxOLguNeXrJwEAqRhzx4uk6xcl+BbLPA0+yUzI+sGBUnVRVcksFMSLAAe4
OARh+mPqEgorBgEEAZdVAQUBAQdAxyoJtLvOVoTnqMPcPCT7+3LnzAvGiU71TDqP
fVSyeg4DAQgHiH4EGBYKACYWIQTvXzZ6leC/pjkC2Gq049SAHEnsXgUCYfpj6gIb
DAUJAeEzgAAKCRC049SAHEnsXhiCAP9dySG3PazmDWK0XwM9dzOtGZsMpvj1Fstt
5Y5vdlJtjAD/ZUyul3Ari507nq7jjOIEX/5CGmCN8yRVFY1xhxBxQwK4MwRh+mQA
FgkrBgEEAdpHDwEBB0BRYmE4yDB+mMwK01jI0/K+Ioyw3k3UQHpHo0RP1v5yx4h+
BBgWCgAmFiEE7182epXgv6Y5AthqtOPUgBxJ7F4FAmH6ZAACGyAFCQHhM4AACgkQ
tOPUgBxJ7F7D/gEA9MN3aL0ZfbEhAw5s9XORLfbwOBBBZM6ycSIj0nFTHkgBAIsA
gTic9f0ZoRvUu8J3xKsXd3GjxPRU2sKlS680KaQH
=3Z2A
-----END PGP PUBLIC KEY BLOCK-----