smg1024/nix-darwin
1
0
Fork 0
mirror of https://github.com/smg1024/nix-darwin.git synced 2026-05-22 20:32:59 +09:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(git): git signing with ssh

Browse source
This commit is contained in:
Poby 2026-03-15 02:28:38 +09:00
parent 9ee6a07368
commit 357ef7f648
No known key found for this signature in database
2 changed files with 26 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.gitignore vendored
View file

@ -1,2 +1,6 @@
# MacOS
.DS_Store .DS_Store
# Nix
result result
.cache

24
home/git.nix
View file

@ -1,10 +1,30 @@
{ {config, ...}: let
signingPrincipal = "87608318+smg1024@users.noreply.github.com";
signingPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFuQ4STNnixjNDo38AyI0yABKAVfF3hupo66613IgfC7";
signingKeyPath = "${config.home.homeDirectory}/.config/sops-nix/secrets/github_ssh_key";
allowedSignersPath = "${config.home.homeDirectory}/.config/git/allowed_signers";
in {
home.file.".config/git/allowed_signers".text = ''
${signingPrincipal} ${signingPublicKey}
'';
programs.git = { programs.git = {
enable = true; enable = true;
signing = {
format = "ssh";
key = signingKeyPath;
signByDefault = true;
signer = "ssh-keygen";
};
settings = { settings = {
user = { user = {
name = "Poby"; name = "Poby";
email = "87608318+smg1024@users.noreply.github.com"; email = signingPrincipal;
};
gpg = {
ssh = {
allowedSignersFile = allowedSignersPath;
};
}; };
init.defaultBranch = "master"; init.defaultBranch = "master";
push = { push = {