{ config, pkgs, lib, ... }: { xdg = { desktopEntries = { gscriptor = { name = "gscriptor"; settings = { NoDisplay = "true"; }; }; }; }; home = { packages = [ pkgs.pcsctools ]; sessionVariables = { GNUPGHOME = lib.mkForce "$HOME/.gnupg"; }; shellAliases = { gpg-card-relearn = "gpg-connect-agent 'scd serialno' 'learn --force' /bye"; }; }; wayland.windowManager.sway.extraConfig = '' exec_always 'gpgconf --kill gpg-agent' ''; programs = { zsh.initExtra = '' export GPG_TTY=$(tty) export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) gpgconf --launch gpg-agent ''; fish.interactiveShellInit = '' gpgconf --launch gpg-agent set -gx SSH_AUTH_SOCK (gpgconf --list-dirs agent-ssh-socket) ''; gpg = { enable = true; mutableTrust = true; mutableKeys = true; publicKeys = [ # my own key { trust = 5; source = "${pkgs.zaphyra-website}/gpg_pubkey.asc"; } #izzie@haaien.xyz { trust = 4; source = ( pkgs.fetchurl { url = "https://openpgpkey.haaien.xyz/.well-known/openpgpkey/haaien.xyz/hu/jp96shm14rsikewmfdxqyznfr8dpihzu"; sha256 = "sha256-D5Y8pxxrqxHTAaoxqehwY5VXvnKkKPp+H3IFZuuwJ8U="; } ); } #hannah@totient.eu { trust = 4; source = ( pkgs.fetchurl { url = "https://keys.openpgp.org/vks/v1/by-fingerprint/AB27F5D1136B20D3149FBCC00389451731A3ADDD"; sha256 = "sha256-1WPjGcqfhzDJkBDXhcyx1RPm0hggAV94bJNleo8DZvY="; } ); } # governikus german eid verificaion pubkey { trust = 3; source = ( pkgs.fetchurl { url = "https://www.governikus.de/wp-content/uploads/2023/06/governikusPubKey.asc"; sha256 = "sha256-eU7g+c2CAYGLxHCRb0qsnL3CvKgK3lWcKcgrS1WFwz0="; } ); } ]; settings.keyserver = "hkps://keyserver.ubuntu.com:443"; scdaemonSettings.disable-ccid = true; }; git.signing = { key = "4F1D8CCB"; signByDefault = true; }; }; services = { gpg-agent = { enable = true; enableSshSupport = true; enableExtraSocket = true; pinentry.package = pkgs.pinentry-gnome3; defaultCacheTtl = 600; defaultCacheTtlSsh = 600; sshKeys = [ "8C11B9BF8B535049F6C87A9CF0C595421E6B8798" "29FA1059F28D2ED1C6398F7CFA918605F53786C0" ]; }; }; }