Mirrors/home-manager
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
1837 commits 48 branches 0 tags 53 MiB
Commit graph

14 commits

Author SHA1 Message Date
Naïm Favier 5eb2102aef
gpg: create homedir with 700 permissions (#2823) 
It can happen in some cases that home-manager first runs before gpg
creates its homedir, and it creates it with 755 permissions which the
user then needs to change by hand.

Do this in the module instead: before linking files, make sure the
homedir exists, and if it doesn't, create it with the right permissions.

(cherry picked from commit 399a3dfeaf)
 2022-04-26 12:35:48 +02:00
Sam Willcocks 236c6ec214
gpg: fix handling of multiple public keys 
When processing `publicKeys` entries, handle entries that contain
multiple public keys (i.e. gpg --show-key returns multiple `pub`
lines) properly, setting the trust level for each key.

PR #2897

(cherry picked from commit 620ed197f3)
 2022-04-25 01:05:45 +02:00
Robert Helgesson e997bf4c98
gpg: apply nixfmt 2022-04-25 00:46:58 +02:00
Naïm Favier 697cc8c68e
gpg: allow specifying trust levels by name 
(cherry picked from commit 78aa7cceff)
 2021-12-19 00:59:29 +01:00
Miles Breslin e0bfb57d62
gpg: support declarative trust and public keys 
PR #810

(cherry picked from commit ea1794a798)
 2021-12-19 00:59:09 +01:00
Naïm Favier bd11e2c5e6
Replace usage of literalExample 
Instead use the new function `literalExpression`. See

  https://github.com/NixOS/nixpkgs/pull/136909
 2021-10-13 00:16:10 +02:00
Nicolas Berbiche cced902dda
gpg: document lists are converted to duplicate keys (#2025) 2021-05-18 22:58:38 -06:00
Cole Mickens c0ba8c526d
gpg: can configure scdaemon.conf (#1960) 2021-04-28 14:39:58 -04:00
Cole Mickens d437baa41c
gnupg/gpg-agent: gnupg package is configurable (#1949) 2021-04-27 16:40:05 -04:00
Robert Helgesson ebbbd4f2b5
gpg: fix homedir option documentation 
Previously the documentation had a dependency on the configuration.
 2021-04-15 08:53:13 +02:00
fricklerhandwerk 348b5a5a69
gpg: make homedir configurable 2021-04-14 23:44:34 +02:00
Nicolas Berbiche eb3a0342a8
gpg: allow for duplicate keys in config (#1814) 
Allow for duplicate keys in the form of a list of strings.

Also update the `settings` example configuration to use `literalExample`.
 2021-02-21 00:37:46 -05:00
Bjarki Ágúst Guðmundsson 41f918499b
gpg: sane default for throw-keyids option 
The [throw-keyids](https://www.gnupg.org/gph/en/manual/r2110.html)
option "hides the receiver of the encrypted data as a countermeasure
against traffic analysis." However, it also slows down decryption, and
even breaks some applications; see e.g.
https://github.com/open-keychain/open-keychain/issues/626

I think the sane default would be to leave it off, just as it is off
by default in gpg. The typical user will probably not need this level
of security, and will probably prefer a better user experience (faster
decryption and compatibility with a wider range of applications).

Closes #838
 2019-09-11 19:30:26 +02:00
Jaka Hudoklin 0db26fc3ab
gpg: add module 2019-06-03 23:50:50 +02:00