Personal Nix setup

Set up signed pushes

Changed files
+27 -2
+1 -1
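--- a/home/base/gpg.nix
+++ b/home/base/gpg.nix
@@ -44,7 +44,7 @@
 })
 (helpers.mkIfLinux {
 package = pkgs.pinentry-all;
-program = "pinentry-qt";
+program = "pinentry";
 })
 ];
 };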
modules/server/encrypt/gitconfig.age

This is a binary file and will not be displayed.

+25 -1
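--- a/modules/server/tangled.nix
+++ b/modules/server/tangled.nix
@@ -1,4 +1,4 @@
-{ lib, config, hostname, helpers, ... }:
+{ lib, config, hostname, helpers, pkgs, ... }:
 
 with lib;
 let
@@ -33,6 +33,30 @@
 listenAddr = "127.0.0.1:5555";
 owner = cfg.tangled.owner;
 };
+};
+
+programs.git = {
+enable = true;
+config = {
+gpg.program = "${pkgs.gnupg}/bin/gpg";
+receive = {
+advertisePushOptions = true;
+denyFastForwards = false;
+fsckObjects = true;
+autogc = true;
+};
+
+include.path = "/etc/gitconfig.private";
+};
+};
+
+age.secrets."gitconfig.private" = {
+symlink = false;
+path = "/etc/gitconfig.private";
+file = ./encrypt/gitconfig.age;
+owner = cfg.tangled.owner;
+group = cfg.tangled.owner;
+mode = "0444";
 };
 };
 }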
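Review bot: `mode = "0444"` on `age.secrets."gitconfig.private"` leaves the decrypted `/etc/gitconfig.private` readable by every local account, so the `owner` and `group` lines just above it restrict nothing for reads. The file is kept age-encrypted in the repository, which suggests it holds a value worth protecting (for signed pushes possibly a `receive.certNonceSeed`; that is inferred, the content is not shown). If only the `cfg.tangled.owner` account needs it, `mode = "0400";` is the tighter setting. Because the file is pulled in through `include.path` in what is presumably the system-wide git config, check how git behaves for other users when the include is unreadable before tightening, or move the include into that account's own git config. Separately, `receive.denyFastForwards` is not a key I recognise from git's documentation (`receive.denyNonFastForwards` is), so that line may have no effect.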
+1
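--- a/secrets.nix
+++ b/secrets.nix
@@ -9,6 +9,7 @@
 "./modules/server/encrypt/tailscale.age".publicKeys = keys;
 "./modules/server/encrypt/rclone.conf.age".publicKeys = keys;
 "./modules/server/encrypt/tangled-knot-ssh.age".publicKeys = keys;
+"./modules/server/encrypt/gitconfig.age".publicKeys = keys;
 
 "./home/fonts/encrypt/DankMono-Regular.otf.age".publicKeys = keys;
 "./home/fonts/encrypt/DankMono-Bold.otf.age".publicKeys = keys;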