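# Module that exposes `py.programs.gpg.enable`. When enabled it turns on
# `programs.gpg` with a hardened gpg.conf and a PC/SC-only scdaemon setup.
# NOTE(review): `settings` / `scdaemonSettings` look like the home-manager
# `programs.gpg` options; confirm against the configuration that imports this.
{
  pkgs,
  lib,
  config,
  ...
}:
let
  cfg = config.py.programs.gpg;
in
{
  options.py.programs.gpg.enable = lib.mkEnableOption "gpg";

  config.programs.gpg = lib.mkIf cfg.enable {
    enable = true;

    settings = {
      # Algorithm preferences, strongest first. These steer what gpg picks when
      # the recipient's key allows it; they do not forbid weaker algorithms.
      personal-cipher-preferences = "AES256 AES192 AES";
      personal-digest-preferences = "SHA512 SHA384 SHA256";
      personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed";
      # Preferences stamped onto newly generated keys / updated with `setpref`.
      default-preference-list = "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed";

      # Digest used when certifying (signing) other keys.
      cert-digest-algo = "SHA512";
      # Passphrase-to-key parameters for symmetric encryption.
      s2k-digest-algo = "SHA512";
      s2k-cipher-algo = "AES256";

      charset = "utf-8";
      fixed-list-mode = true;

      # Keep tool/version metadata out of armored output.
      no-comments = true;
      no-emit-version = true;
      no-greeting = true;

      # Listing/verification output: long key IDs, UID validity, fingerprints
      # and key origin, so a key is never judged by a short ID alone.
      keyid-format = "0xlong";
      list-options = "show-uid-validity";
      verify-options = "show-uid-validity";
      with-fingerprint = true;
      with-key-origin = true;

      # Reject signatures from signing subkeys lacking a back-signature.
      require-cross-certification = true;
      # Do not cache passphrases used for symmetric encryption.
      no-symkey-cache = true;
      use-agent = true;
      # Omit recipient key IDs from encrypted messages. Decryption then has to
      # try every available secret key, so expect slower decrypts and extra
      # PIN/touch prompts when keys live on a token.
      throw-keyids = true;

      default-key = "0xFE1D8A7D620C611F";
      # `trusted-key` grants ultimate trust without an ownertrust entry. This is
      # a 64-bit long key ID, which is not collision resistant; gpg's docs ask
      # for the full fingerprint here. Replace with the 40-hex-digit fingerprint
      # of the same key.
      trusted-key = "0xFE1D8A7D620C611F";

      # NOTE(review): GnuPG >= 2.1 documents `keyserver` in gpg.conf as
      # deprecated in favour of dirmngr.conf; confirm this is still honoured.
      keyserver = "hkps://keys.openpgp.org";
    };

    scdaemonSettings = {
      # NOTE(review): recent scdaemon docs describe card-timeout as deprecated
      # with no effect; confirm it still does something on the deployed version.
      card-timeout = "60";
      # Shared PC/SC access lets other applications open the token while
      # scdaemon holds it. scdaemon caches card state on the assumption of
      # exclusive access, so keep this only if another PC/SC client needs it.
      pcsc-shared = true;
      # shared-access = true;
      # Force the PC/SC path: with the built-in CCID driver disabled, a wrong
      # `pcsc-driver` path below means no smartcard access at all.
      disable-ccid = true;
      # `lib.getLib` selects the output that ships the shared library ("lib"
      # when the package has one, otherwise "out"), so the path stays valid
      # whichever way nixpkgs splits pcsclite's outputs.
      pcsc-driver = "${lib.getLib pkgs.pcsclite}/lib/libpcsclite.so";
      # Reader name match; pins scdaemon to the YubiKey reader.
      reader-port = "Yubico Yubi";
    };
  };
}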