ghoscht/nix-config
ghoscht/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Enable git ssh code signing

Browse source
This commit is contained in:
GHOSCHT 2023-10-15 14:29:15 +02:00
parent bbe2325d97
commit ed685e870f
No known key found for this signature in database
2 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
modules/shell/git.nix
View file

@ -6,10 +6,23 @@
... ...
}: { }: {
home-manager.users.${vars.user} = { home-manager.users.${vars.user} = {
home.file.".ssh/allowed_signers".text = "* ${builtins.readFile ../../rsc/config/git/git.pub}";
home.file.".ssh/git.pub" = {
source = ../../rsc/config/git/git.pub;
};
programs.git = { programs.git = {
enable = true; enable = true;
userName = "GHOSCHT"; userName = "GHOSCHT";
userEmail = "31184695+GHOSCHT@users.noreply.github.com"; userEmail = "31184695+GHOSCHT@users.noreply.github.com";
extraConfig = {
# Sign all commits using ssh key
commit.gpgsign = true;
gpg.format = "ssh";
gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers";
user.signingkey = "~/.ssh/git.pub";
};
}; };
}; };
} }

1
rsc/config/git/git.pub Executable file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMEJg5bmZmaysJr/jgiXasjWDoxk8djsZzDJybhxiw1S 31184695+GHOSCHT@users.noreply.github.com