Add gpg
I haven't chosen what pinentry to use, so for now I've set it to
curses, which should make it useable while we look for a proper
solution
Additionally, when git is set to gpg sign by default we need to install
gpg so this change also auto-enables gpg when git wants to sign with it
Change-Id: Ic8fafb1d2ece87f6ccff22241b7e3fc0c9d1c2e0
Reviewed-on: https://git.clicks.codes/c/Chimera/NixFiles/+/402
Tested-by: Skyler Grey <minion@clicks.codes>
Reviewed-by: Samuel Shuert <coded@clicks.codes>
diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix
index 23f3d78..b8ac878 100644
--- a/modules/home/git/default.nix
+++ b/modules/home/git/default.nix
@@ -15,9 +15,23 @@
description = "Username for Clicks Gerrit";
};
};
+ gpg = {
+ enable = lib.mkEnableOption "Enable signing with gpg";
+ commit = lib.mkOption {
+ type = lib.types.bool;
+ description = "Enable gpg signing for commits by default";
+ default = true;
+ };
+ push = lib.mkOption {
+ type = lib.types.bool;
+ description = "Enable gpg signing for pushes by when asked by the server";
+ default = true;
+ };
+ };
};
config = {
+ chimera.gpg.enable = lib.mkIf config.chimera.git.gpg.enable true;
home.packages =
(if config.chimera.git.gitReview.enable then [ pkgs.git-review ] else [ ])
@@ -42,7 +56,7 @@
extraConfig = {
init.defaultBranch = "main";
advice.skippedcherrypicks = false;
- commit.gpgsign = true;
+ commit.gpgsign = lib.mkIf config.chimera.git.gpg.enable config.chimera.git.gpg.commit;
credential.helper = "cache";
core = {
repositoryformatversion = 0;
@@ -59,7 +73,7 @@
};
push = {
autoSetupRemote = true;
- gpgSign = "if-asked";
+ gpgSign = lib.mkIf config.chimera.git.gpg.enable (if config.chimera.git.gpg.push then "if-asked" else false);
};
url = {
"ssh://git@github.com/".pushInsteadOf = "https://github.com/";