gpg: add module
This commit is contained in:
parent
8991fe2e90
commit
0db26fc3ab
|
@ -1099,6 +1099,13 @@ in
|
|||
A new module is available: 'services.xsuspender'.
|
||||
'';
|
||||
}
|
||||
|
||||
{
|
||||
time = "2019-06-03T21:47:10+00:00";
|
||||
message = ''
|
||||
A new module is available: 'programs.gpg'.
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -54,6 +54,7 @@ let
|
|||
(loadModule ./programs/git.nix { })
|
||||
(loadModule ./programs/gnome-terminal.nix { })
|
||||
(loadModule ./programs/go.nix { })
|
||||
(loadModule ./programs/gpg.nix { })
|
||||
(loadModule ./programs/home-manager.nix { })
|
||||
(loadModule ./programs/htop.nix { })
|
||||
(loadModule ./programs/info.nix { })
|
||||
|
|
62
modules/programs/gpg.nix
Normal file
62
modules/programs/gpg.nix
Normal file
|
@ -0,0 +1,62 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.programs.gpg;
|
||||
|
||||
cfgText =
|
||||
concatStringsSep "\n"
|
||||
(attrValues
|
||||
(mapAttrs (key: value:
|
||||
if isString value
|
||||
then "${key} ${value}"
|
||||
else optionalString value key)
|
||||
cfg.settings));
|
||||
|
||||
in {
|
||||
options.programs.gpg = {
|
||||
enable = mkEnableOption "GnuPG";
|
||||
|
||||
settings = mkOption {
|
||||
type = types.attrsOf (types.either types.str types.bool);
|
||||
example = {
|
||||
no-comments = false;
|
||||
s2k-cipher-algo = "AES128";
|
||||
};
|
||||
description = ''
|
||||
GnuPG configuration options. Available options are described
|
||||
in the gpg manpage:
|
||||
<link xlink:href="https://gnupg.org/documentation/manpage.html"/>.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
programs.gpg.settings = {
|
||||
personal-cipher-preferences = mkDefault "AES256 AES192 AES";
|
||||
personal-digest-preferences = mkDefault "SHA512 SHA384 SHA256";
|
||||
personal-compress-preferences = mkDefault "ZLIB BZIP2 ZIP Uncompressed";
|
||||
default-preference-list = mkDefault "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed";
|
||||
cert-digest-algo = mkDefault "SHA512";
|
||||
s2k-digest-algo = mkDefault "SHA512";
|
||||
s2k-cipher-algo = mkDefault "AES256";
|
||||
charset = mkDefault "utf-8";
|
||||
fixed-list-mode = mkDefault true;
|
||||
no-comments = mkDefault true;
|
||||
no-emit-version = mkDefault true;
|
||||
keyid-format = mkDefault "0xlong";
|
||||
list-options = mkDefault "show-uid-validity";
|
||||
verify-options = mkDefault "show-uid-validity";
|
||||
with-fingerprint = mkDefault true;
|
||||
require-cross-certification = mkDefault true;
|
||||
no-symkey-cache = mkDefault true;
|
||||
throw-keyids = mkDefault true;
|
||||
use-agent = mkDefault true;
|
||||
};
|
||||
|
||||
home.packages = [ pkgs.gnupg ];
|
||||
|
||||
home.file.".gnupg/gpg.conf".text = cfgText;
|
||||
};
|
||||
}
|
|
@ -39,6 +39,7 @@ import nmt {
|
|||
// import ./modules/misc/fontconfig
|
||||
// import ./modules/programs/alacritty
|
||||
// import ./modules/programs/bash
|
||||
// import ./modules/programs/gpg
|
||||
// import ./modules/programs/ssh
|
||||
// import ./modules/programs/tmux
|
||||
// import ./modules/programs/zsh;
|
||||
|
|
3
tests/modules/programs/gpg/default.nix
Normal file
3
tests/modules/programs/gpg/default.nix
Normal file
|
@ -0,0 +1,3 @@
|
|||
{
|
||||
gpg-override-defaults = ./override-defaults.nix;
|
||||
}
|
19
tests/modules/programs/gpg/override-defaults-expected.conf
Normal file
19
tests/modules/programs/gpg/override-defaults-expected.conf
Normal file
|
@ -0,0 +1,19 @@
|
|||
cert-digest-algo SHA512
|
||||
charset utf-8
|
||||
default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
|
||||
fixed-list-mode
|
||||
keyid-format 0xlong
|
||||
list-options show-uid-validity
|
||||
|
||||
no-emit-version
|
||||
no-symkey-cache
|
||||
personal-cipher-preferences AES256 AES192 AES
|
||||
personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
|
||||
personal-digest-preferences SHA512 SHA384 SHA256
|
||||
require-cross-certification
|
||||
s2k-cipher-algo AES128
|
||||
s2k-digest-algo SHA512
|
||||
throw-keyids
|
||||
use-agent
|
||||
verify-options show-uid-validity
|
||||
with-fingerprint
|
21
tests/modules/programs/gpg/override-defaults.nix
Normal file
21
tests/modules/programs/gpg/override-defaults.nix
Normal file
|
@ -0,0 +1,21 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
config = {
|
||||
programs.gpg = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
no-comments = false;
|
||||
s2k-cipher-algo = "AES128";
|
||||
};
|
||||
};
|
||||
|
||||
nmt.script = ''
|
||||
assertFileExists home-files/.gnupg/gpg.conf
|
||||
assertFileContent home-files/.gnupg/gpg.conf ${./override-defaults-expected.conf}
|
||||
'';
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue