diff options
Diffstat (limited to 'modules/common/gnupg.nix')
| -rw-r--r-- | modules/common/gnupg.nix | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/modules/common/gnupg.nix b/modules/common/gnupg.nix new file mode 100644 index 0000000..c0f10f9 --- /dev/null +++ b/modules/common/gnupg.nix @@ -0,0 +1,58 @@ +{ + config, + lib, + ... +}: +with lib; let + cfg = config.nixfiles.modules.gnupg; +in { + options.nixfiles.modules.gnupg.enable = mkEnableOption "GnuPG"; + + config = mkIf cfg.enable { + hm.programs.gpg = { + enable = true; + + settings = + { + display-charset = "utf-8"; + enable-progress-filter = true; + fixed-list-mode = true; + keyid-format = "0xlong"; + no-comments = true; + no-emit-version = true; + no-greeting = true; + with-fingerprint = true; + throw-keyids = false; + + use-agent = true; + + armor = true; + + no-random-seed-file = true; + + list-options = "show-uid-validity"; + verify-options = "show-uid-validity"; + } + // (let + cipherAlgos = ["AES256" "AES192" "AES"]; + digestAlgos = ["SHA512" "SHA384" "SHA256" "SHA224"]; + compressionAlgos = ["ZLIB" "BZIP2" "ZIP" "Uncompressed"]; + + cs = concatStringsSep " "; + in { + default-preference-list = + cs (cipherAlgos ++ digestAlgos ++ compressionAlgos); + + personal-cipher-preferences = cs cipherAlgos; + personal-digest-preferences = cs digestAlgos; + personal-compress-preferences = cs compressionAlgos; + + s2k-cipher-algo = head cipherAlgos; + s2k-digest-algo = head digestAlgos; + + digest-algo = head digestAlgos; + cert-digest-algo = head digestAlgos; + }); + }; + }; +} |