Add git-crypt
Add .gitattributes for git-crypt, this detects files matching *.crypt.*
this allows us to put secrets files anywhere in the repository.
Add 2 git-crypt collaborators
BE99ADB5 Samuel Shuert <coded@clicks.codes>
22772E7A Minion3665 <minion@clicks.codes>
Change-Id: Iffcfd9ff0f7f1cf4991ffa2e89b4403f0d29f675
Reviewed-on: https://git.clicks.codes/c/Chimera/NixFiles/+/410
Reviewed-by: Skyler Grey <minion@clicks.codes>
Tested-by: Samuel Shuert <coded@clicks.codes>
diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes
new file mode 100644
index 0000000..665b10e
--- /dev/null
+++ b/.git-crypt/.gitattributes
@@ -0,0 +1,4 @@
+# Do not edit this file. To specify the files to encrypt, create your own
+# .gitattributes file in the directory where your files are.
+* !filter !diff
+*.gpg binary
diff --git a/.git-crypt/keys/default/0/76E0B09A741C4089522111E5F27E3E5922772E7A.gpg b/.git-crypt/keys/default/0/76E0B09A741C4089522111E5F27E3E5922772E7A.gpg
new file mode 100644
index 0000000..a135b10
--- /dev/null
+++ b/.git-crypt/keys/default/0/76E0B09A741C4089522111E5F27E3E5922772E7A.gpg
Binary files differ
diff --git a/.git-crypt/keys/default/0/BC82DF237610AE9113EB075900E944BFBE99ADB5.gpg b/.git-crypt/keys/default/0/BC82DF237610AE9113EB075900E944BFBE99ADB5.gpg
new file mode 100644
index 0000000..84e58a0
--- /dev/null
+++ b/.git-crypt/keys/default/0/BC82DF237610AE9113EB075900E944BFBE99ADB5.gpg
Binary files differ
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..441b501
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+*.crypt.* filter=git-crypt diff=git-crypt
\ No newline at end of file
diff --git a/homes/x86_64-linux/coded@shorthair/default.nix b/homes/x86_64-linux/coded@shorthair/default.nix
index 85b2f01..21ce924 100644
--- a/homes/x86_64-linux/coded@shorthair/default.nix
+++ b/homes/x86_64-linux/coded@shorthair/default.nix
@@ -45,6 +45,7 @@
delta.enable = true;
stgit.enable = true;
gitReview.enable = true;
+ gitCrypt.enable = true;
auth.clicksUsername = "coded";
};
diff --git a/homes/x86_64-linux/minion@greylag/default.nix b/homes/x86_64-linux/minion@greylag/default.nix
index e651678..2783ba4 100644
--- a/homes/x86_64-linux/minion@greylag/default.nix
+++ b/homes/x86_64-linux/minion@greylag/default.nix
@@ -112,6 +112,7 @@
delta.enable = true;
stgit.enable = true;
gitReview.enable = true;
+ gitCrypt.enable = true;
auth.clicksUsername = "minion";
gpg.enable = true;
};
diff --git a/modules/home/git/default.nix b/modules/home/git/default.nix
index b8ac878..04a1915 100644
--- a/modules/home/git/default.nix
+++ b/modules/home/git/default.nix
@@ -9,6 +9,7 @@
gitReview.enable = lib.mkEnableOption "Enable git review";
delta.enable = lib.mkEnableOption "Enable delta, an alternative pager for git diffs that highlights syntax";
stgit.enable = lib.mkEnableOption "Install StGit, a tool that makes working with stacked patches easier";
+ gitCrypt.enable = lib.mkEnableOption "Install git-crypt, a transparent file encryption tool for git repositories";
auth = {
clicksUsername = lib.mkOption {
type = lib.types.str;
@@ -35,7 +36,8 @@
home.packages =
(if config.chimera.git.gitReview.enable then [ pkgs.git-review ] else [ ])
- ++ (if config.chimera.git.stgit.enable then [ pkgs.stgit ] else [ ]);
+ ++ (if config.chimera.git.stgit.enable then [ pkgs.stgit ] else [ ])
+ ++ (if config.chimera.git.gitCrypt.enable then [ pkgs.git-crypt ] else [ ]);
programs.zsh.shellAliases =
if config.chimera.git.gitReview.enable then { "gr!" = "git review"; } else { };