home/chloe/programs/cli/git.nix at master · sapphic.moe/flake

sapphic.moe / flake

❄️ Dotfiles for our NixOS system configuration.

flake / home / chloe / programs / cli / git.nix

at master 997 B view raw

 1{
 2  lib,
 3  pkgs,
 4  osConfig,
 5  ...
 6}:
 7
 8let
 9  signingKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICM6XP+CNc2CStEDe/W4LfkcRcG98obQiM2aqnydCRbX";
10
11  opSshSignPath =
12    if (osConfig ? wsl) then
13      "/mnt/c/Users/Chloe/AppData/Local/1Password/app/8/op-ssh-sign-wsl"
14    else if pkgs.stdenv.hostPlatform.isDarwin then
15      "/Applications/1Password.app/Contents/MacOS/op-ssh-sign"
16    else
17      "${pkgs._1password-gui}/bin/op-ssh-sign";
18in
19{
20  home.file.".ssh/allowed_signers".text = "* ${signingKey}";
21
22  programs.git = {
23    enable = true;
24
25    settings = lib.mkMerge [
26      {
27        user = {
28          name = "Chloe A";
29          email = "chloe@sapphic.moe";
30          signingkey = signingKey;
31        };
32
33        gpg = {
34          format = "ssh";
35          ssh.program = opSshSignPath;
36          ssh.allowedSignersFile = "~/.ssh/allowed_signers";
37        };
38
39        commit.gpgsign = true;
40      }
41
42      (lib.mkIf (osConfig ? wsl) {
43        core.sshCommand = "ssh.exe";
44      })
45    ];
46  };
47}