feat(gpg): setup for mailvelope
parent
c0b8ad503e
commit
2ebda844f2
1 changed files with 33 additions and 2 deletions
|
@ -1,10 +1,18 @@
|
||||||
{
|
{
|
||||||
config,
|
config,
|
||||||
|
lib,
|
||||||
pkgs,
|
pkgs,
|
||||||
...
|
...
|
||||||
}: let
|
}: let
|
||||||
inherit (pkgs.stdenv.hostPlatform) isLinux;
|
inherit (pkgs.stdenv.hostPlatform) isLinux isDarwin;
|
||||||
key = "0x0B89BC45007EE9CC";
|
key = "0x0B89BC45007EE9CC";
|
||||||
|
mailvelopeConfig = builtins.toJSON {
|
||||||
|
name = "gpgmejson";
|
||||||
|
description = "JavaScript binding for GnuPG";
|
||||||
|
path = pkgs.unstable.gpgme.dev + /bin/gpgme-json;
|
||||||
|
type = "stdio";
|
||||||
|
allowed_extensions = ["jid1-AQqSMBYb0a8ADg@jetpack"];
|
||||||
|
};
|
||||||
in {
|
in {
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
gnupg-pkcs11-scd
|
gnupg-pkcs11-scd
|
||||||
|
@ -16,6 +24,26 @@ in {
|
||||||
yubikey-personalization
|
yubikey-personalization
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# two amazing examples of glorious XDG compliance
|
||||||
|
home.file = {
|
||||||
|
"Library/Application Support/Mozilla/NativeMessagingHosts/gpgmejson.json" = {
|
||||||
|
enable = isDarwin;
|
||||||
|
text = mailvelopeConfig;
|
||||||
|
};
|
||||||
|
".mozilla/native-messaging-hosts/gpgmejson.json" = {
|
||||||
|
enable = isLinux;
|
||||||
|
text = mailvelopeConfig;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
#NOTE: yet another workaround for gpgme on Darwin, since Firefox isn't aware of $GNUPGHOME
|
||||||
|
home.activation = lib.mkIf isDarwin {
|
||||||
|
linkGnupgHome = lib.hm.dag.entryAfter ["writeBoundary"] ''
|
||||||
|
$DRY_RUN_CMD ln -s $VERBOSE_ARG \
|
||||||
|
${config.programs.gpg.homedir} ${config.home.homeDirectory}/.gnupg
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
programs.gpg = {
|
programs.gpg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
homedir = "${config.xdg.configHome}/gnupg";
|
homedir = "${config.xdg.configHome}/gnupg";
|
||||||
|
@ -63,8 +91,11 @@ in {
|
||||||
no-symkey-cache = true;
|
no-symkey-cache = true;
|
||||||
# Enable smartcard
|
# Enable smartcard
|
||||||
use-agent = true;
|
use-agent = true;
|
||||||
|
|
||||||
|
#NOTE:Mailvelope does not support this
|
||||||
# Disable recipient key ID in messages
|
# Disable recipient key ID in messages
|
||||||
throw-keyids = true;
|
# throw-keyids = true;
|
||||||
|
|
||||||
# Default/trusted key ID to use (helpful with throw-keyids)
|
# Default/trusted key ID to use (helpful with throw-keyids)
|
||||||
default-key = key;
|
default-key = key;
|
||||||
trusted-key = key;
|
trusted-key = key;
|
||||||
|
|
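Review bot: The `ln -s` in the `linkGnupgHome` activation entry is not idempotent, and activation scripts run on every switch. Once `~/.gnupg` exists as a link to the configured homedir, a second run follows it and creates a `gnupg` link inside the GnuPG home that points back at itself, and a later run fails with "File exists". If `~/.gnupg` is already a real directory, the link lands inside it, so the gpgme-json host started by Firefox would presumably keep using that unmanaged home rather than the hardened `programs.gpg` settings. Replacing the link without dereferencing it, and quoting both paths, covers the first case: `$DRY_RUN_CMD ln -sfn $VERBOSE_ARG "${config.programs.gpg.homedir}" "${config.home.homeDirectory}/.gnupg"`. A pre-existing real `~/.gnupg` still needs an explicit check before linking.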