feat: Added gpg.conf

2023-01-21 22:31:49 +01:00 · 2023-01-21 22:31:49 +01:00 · a50249471d
parent 2e5c0dfe8d
commit a50249471d
4 changed files with 112 additions and 42 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -109,6 +109,7 @@
    wget
    htop
    gcc
+	tree
  ];

  # Some programs need SUID wrappers, can be configured further or are
--- a/data/gpg/gpg.conf.nix
+++ b/data/gpg/gpg.conf.nix
@ -0,0 +1,62 @@
+{
+# https://github.com/drduh/config/blob/master/gpg.conf
+# https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html
+# https://www.gnupg.org/documentation/manuals/gnupg/GPG-Esoteric-Options.html
+# Use AES256, 192, or 128 as cipher
+"personal-cipher-preferences" =  "AES256 AES192 AES";
+# Use SHA512, 384, or 256 as digest
+"personal-digest-preferences" =  "SHA512 SHA384 SHA256";
+# Use ZLIB, BZIP2, ZIP, or no compression
+"personal-compress-preferences" =  "ZLIB BZIP2 ZIP Uncompressed";
+# Default preferences for new keys
+"default-preference-list" =  "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed";
+# SHA512 as digest to sign keys
+"cert-digest-algo" =  "SHA512";
+# SHA512 as digest for symmetric ops
+"s2k-digest-algo" =  "SHA512";
+# AES256 as cipher for symmetric ops
+"s2k-cipher-algo" =  "AES256";
+# UTF-8 support for compatibility
+"charset" =  "utf-8";
+# Show Unix timestamps
+"fixed-list-mode" = true;
+# No comments in signature
+"no-comments" = true;
+# No version in signature
+"no-emit-version" = true;
+# Disable banner
+"no-greeting" = true;
+# Long hexidecimal key format
+"keyid-format 0xlong" = true;
+# Display UID validity
+"list-options" =  "show-uid-validity";
+"verify-options" =  "show-uid-validity";
+# Display all keys and their fingerprints
+"with-fingerprint" = true;
+# Display key origins and updates
+#with-key-origin
+# Cross-certify subkeys are present and valid
+"require-cross-certification" = true;
+# Disable caching of passphrase for symmetrical ops
+"no-symkey-cache" = true;
+# Enable smartcard
+"use-agent" = true;
+# Disable recipient key ID in messages
+"throw-keyids" = true;
+# Default/trusted key ID to use (helpful with throw-keyids)
+#default-key 0xFF3E7D88647EBCDB
+#trusted-key 0xFF3E7D88647EBCDB
+# Group recipient keys (preferred ID last)
+#group keygroup = 0xFF00000000000001 0xFF00000000000002 0xFF3E7D88647EBCDB
+# Keyserver URL
+#keyserver hkps://keys.openpgp.org
+#keyserver hkps://keyserver.ubuntu.com:443
+#keyserver hkps://hkps.pool.sks-keyservers.net
+#keyserver hkps://pgp.ocf.berkeley.edu
+# Proxy to use for keyservers
+#keyserver-options http-proxy=socks5-hostname://127.0.0.1:9050
+# Verbose output
+#verbose
+# Show expired subkeys
+#list-options show-unusable-subkeys
+}
--- a/users/common/default.nix
+++ b/users/common/default.nix
@ -3,17 +3,21 @@
  pkgs,
  ...
 }: {
-  programs.fzf.enable = true;
+	imports = [
+		./zsh.nix
+		];

  home.packages = with pkgs; [
    sqlite
    bat
    ripgrep
 	killall
+	fzf
  ];

  programs.gpg = {
    enable = true;
+	settings = import ../../data/gpg/gpg.conf.nix;
    scdaemonSettings.disable-ccid = true;
    publicKeys = [
      {
@ -60,45 +64,4 @@
 	};
  };

-  programs.zsh = {
-    enable = true;
-    initExtra = builtins.readFile ../../data/zsh/zshrc;
-    plugins = [
-      {
-        name = "powerlevel10k";
-        file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
-        src = pkgs.zsh-powerlevel10k;
-      }
-      {
-        name = "fzf-tab";
-        file = "share/fzf-tab/fzf-tab.plugin.zsh";
-        src = pkgs.zsh-fzf-tab;
-      }
-      {
-        name = "fast-syntax-highlighting";
-        file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
-        src = pkgs.zsh-fast-syntax-highlighting;
-      }
-      {
-        name = "zsh-histdb";
-        file = "sqlite-history.zsh";
-        src = pkgs.fetchFromGitHub {
-          owner = "larkery";
-          repo = "zsh-histdb";
-          rev = "30797f0";
-          sha256 = "PQIFF8kz+baqmZWiSr+wc4EleZ/KD8Y+lxW2NT35/bg=";
-        };
-      }
-	  {
-		name = "sd";
-		file = "sd.plugin.zsh";
-		src = pkgs.fetchFromGitHub {
-			owner = "ianthehenry";
-			repo = "sd";
-			rev = "v1.1.0";
-			sha256 = "X5RWCJQUqDnG2umcCk5KS6HQinTJVapBHp6szEmbc4U=";
-		};
-	  }
-    ];
-  };
 }
--- a/users/common/zsh.nix
+++ b/users/common/zsh.nix
@ -0,0 +1,44 @@
+  {config,pkgs,...}:
+{
+  programs.zsh = {
+    enable = true;
+    initExtra = builtins.readFile ../../data/zsh/zshrc;
+    plugins = [
+      {
+        name = "powerlevel10k";
+        file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
+        src = pkgs.zsh-powerlevel10k;
+      }
+      {
+        name = "fzf-tab";
+        file = "share/fzf-tab/fzf-tab.plugin.zsh";
+        src = pkgs.zsh-fzf-tab;
+      }
+      {
+        name = "fast-syntax-highlighting";
+        file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
+        src = pkgs.zsh-fast-syntax-highlighting;
+      }
+      {
+        name = "zsh-histdb";
+        file = "sqlite-history.zsh";
+        src = pkgs.fetchFromGitHub {
+          owner = "larkery";
+          repo = "zsh-histdb";
+          rev = "30797f0";
+          sha256 = "PQIFF8kz+baqmZWiSr+wc4EleZ/KD8Y+lxW2NT35/bg=";
+        };
+      }
+	  {
+		name = "sd";
+		file = "sd.plugin.zsh";
+		src = pkgs.fetchFromGitHub {
+			owner = "ianthehenry";
+			repo = "sd";
+			rev = "v1.1.0";
+			sha256 = "X5RWCJQUqDnG2umcCk5KS6HQinTJVapBHp6szEmbc4U=";
+		};
+	  }
+    ];
+  };
+}