Setup git-crypt for secrets.nix, enables gnupg in nix as well.

Chris Toph 2025-04-23 20:00:11 -04:00
parent 3682ace397
commit 4c9b07a8f0
6 changed files with 35 additions and 8 deletions

3
.gitattributes vendored

@ -1,2 +1,5 @@
# Auto detect text files and perform LF normalization
* text=auto
# git-crypt
secrets.nix filter=git-crypt diff=git-crypt
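Review bot: The `secrets.nix` rule protects the file only inside git objects, and the bare `# git-crypt` comment does not record where that protection ends. The repository appears to be a flake (`flake.nix` is named in the editor settings), and a flake evaluated from an unlocked checkout is copied into `/nix/store`, which every local user can read. Anything read from `secrets.nix` would then sit there in plaintext; how the file is imported is not visible on this page, so confirm. I would extend the comment to `# git-crypt: encrypted in git objects only; plaintext once unlocked, including any copy in /nix/store`. Running `git-crypt status` before pushing confirms the file is reported as encrypted.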

25
.vscode/settings.json vendored

@ -1,16 +1,25 @@
{
"explorer.fileNesting.patterns": {
".gitignore": ".gitattributes, .envrc, readme",
"flake.nix": "flake.lock, shell.nix, checks.nix"
},
"editor.formatOnSave": true,
"editor.formatOnSaveMode": "file",
"explorer.fileNesting.patterns": {
".gitignore": ".gitattributes, .envrc, readme",
"flake.nix": "flake.lock, shell.nix, secrets.nix"
},
"files.exclude": {
".git-crypt": true
},
"terminal.integrated.defaultProfile.linux": "fish-fhs",
"terminal.integrated.profiles.linux": {
// ...
"fish-fhs": {
"path": "systemd-run",
"args": ["--user", "--pty", "--quiet", "--same-dir", "--service-type=exec", "fish"]
"args": [
"--user",
"--pty",
"--quiet",
"--same-dir",
"--service-type=exec",
"fish"
],
"path": "systemd-run"
}
}
}
}


@ -21,6 +21,9 @@
# System-wide packages, in case we log in as root
environment.systemPackages = with pkgs; [
curl
git
git-crypt
gpg-tui
micro
openssh
ranger


@ -0,0 +1,9 @@
{ pkgs, ... }:
{
# GnuPG
programs.gnupg.agent = {
enable = true;
pinentryPackage = pkgs.pinentry-gnome3;
};
services.pcscd.enable = true;
}
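Review bot: `services.pcscd.enable = true;` sits under the `# GnuPG` heading with nothing to say why a smart-card daemon is needed. If the GPG key that unlocks git-crypt lives on a hardware token, say so: `# pcscd: smart-card access for the hardware-backed GPG key; remove if no token is used`. If no token is involved, drop the line, since it adds a system daemon with access to attached readers for no benefit. GnuPG's own scdaemon can also contend with pcscd for the same reader, so check card access after a rebuild. `pinentry-gnome3` presumably assumes a graphical session; confirm passphrase entry still works on the root/TTY login that the system package list mentions.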

BIN
secrets.nix Normal file

Binary file not shown.


@ -34,6 +34,9 @@ in
# Git for repo management
git
git-crypt
gnupg
gpg-tui
# Shells
fish