Encryption

2025-04-18 13:52:08 +03:00
parent 49e0d86e06
commit bc2da7b287
7 changed files with 35 additions and 3 deletions
@@ -1,3 +1,3 @@
 {
-  imports = [./mail.nix];
+  imports = [./mail.nix ./encryption.nix];
 }
@@ -0,0 +1,29 @@
 { lib, config, pkgs, ... }:
 let
  isEnabled =
    config.azos.encryption.enable;
 in {
    options.azos.encryption.enable = lib.mkOption {
      default = true;
      example = true;
      type = lib.types.bool;
    };
    config = lib.mkIf isEnabled {
      programs.password-store = {
        enable = true;
        settings = {
          PASSWORD_STORE_KEY = "076AA297579A0064";
        };
      };
      home.packages = with pkgs; [
        yubikey-personalization
        gnupg
      ];
      home.file.".ssh/config".source = ./ssh-config;
      home.file.".ssh/gpg-as-ssh.pub".source = ./gpg-as-ssh.pub;
      home.file.".gnupg/sshcontrol".source = ./sshcontrol;
    };
 }
@@ -0,0 +1 @@
 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBFZRqiTsOCAJPMqUyMeLd2MbyjdGoyqDVq5/Inhb6EOaM1NUGG4b6FPmYgFLyJIm5LC9BOo6M7npiaiOs/zMqp+hoGLNQUNwm5/G0uy1bjkEfKdUTdGnJ2+M9rkxrR1c+KXrjkiqECqTbnPE4mJbGyVxBW2MwMeP5w8c0DB5KO528PetvHMPPQuEdXyZzDI4kKtVpMlJoPIrIGlNFX0G/wrgXcM4zU1snOTuYGqZnWW++4kBsgIlRKpf/bLJyUMTp30eLVr0fQ6OMBtj1tzUUBaaowU6VGYQQDU/rIh/NpkA2cEVPXZegM4OohkAqrJBFPIAg90WD9Z/SyQlz0Jn8PpAloP0Cuq2vVRr+QLEwxqGiFq91YQ2VtwksMHwJGVrXRCNegpxTZQijWMEd+o0FD2cEd7Ftw6v2L6g12GJ3QGX/q0d/u0GongLLa9fPXl4VoAu7AL+cUcbX/SS7RCG8kYAR3DwOazVbK0NWEdwvWdoSU4lZ3j2at1xqMGjHjyLiTeUqZBjm+Sl5MJWIYNg+8hnONljvggg4SzDFDAkgVLZtOCaZibsMA1ucGR7VRCM09uoaEI4/ZS5pCBtYcp8X67Bv67Og8s2NFf5sUfYBPPKpdBSs+dEPycNVff6JlmzfNiyzLawacGKIDWYSgkOl43N/5ehtpsL3HMZ+5SVNIw== (none)
@@ -4,7 +4,7 @@ let
  isEnabled =
    config.azos.mail.enable;
 in {
-    optionns.azos.mail.enable = lib.mkOption {
+    options.azos.mail.enable = lib.mkOption {
      default = true;
      example = true;
      type = lib.types.bool;
@@ -0,0 +1 @@
 IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh
@@ -0,0 +1 @@
 61D809B46CEE2A0AF799C4C2FADB0F61A19EEABD
		`@@ -0,0 +1 @@`
							ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBFZRqiTsOCAJPMqUyMeLd2MbyjdGoyqDVq5/Inhb6EOaM1NUGG4b6FPmYgFLyJIm5LC9BOo6M7npiaiOs/zMqp+hoGLNQUNwm5/G0uy1bjkEfKdUTdGnJ2+M9rkxrR1c+KXrjkiqECqTbnPE4mJbGyVxBW2MwMeP5w8c0DB5KO528PetvHMPPQuEdXyZzDI4kKtVpMlJoPIrIGlNFX0G/wrgXcM4zU1snOTuYGqZnWW++4kBsgIlRKpf/bLJyUMTp30eLVr0fQ6OMBtj1tzUUBaaowU6VGYQQDU/rIh/NpkA2cEVPXZegM4OohkAqrJBFPIAg90WD9Z/SyQlz0Jn8PpAloP0Cuq2vVRr+QLEwxqGiFq91YQ2VtwksMHwJGVrXRCNegpxTZQijWMEd+o0FD2cEd7Ftw6v2L6g12GJ3QGX/q0d/u0GongLLa9fPXl4VoAu7AL+cUcbX/SS7RCG8kYAR3DwOazVbK0NWEdwvWdoSU4lZ3j2at1xqMGjHjyLiTeUqZBjm+Sl5MJWIYNg+8hnONljvggg4SzDFDAkgVLZtOCaZibsMA1ucGR7VRCM09uoaEI4/ZS5pCBtYcp8X67Bv67Og8s2NFf5sUfYBPPKpdBSs+dEPycNVff6JlmzfNiyzLawacGKIDWYSgkOl43N/5ehtpsL3HMZ+5SVNIw== (none)
		`@@ -0,0 +1 @@`
							`IdentityAgent ${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh`