]> Git — Sourcephile - sourcephile-nix.git/blob - build/modules/gnupg.nix
nsf: try to limit hardcoding.
[sourcephile-nix.git] / build / modules / gnupg.nix
1 {config, ...}:
2 {
3 config = {
4 gnupg = {
5 enable = true;
6 keys = {
7 "Commonsoft <contact@commonsoft.coop>" = {
8 uid = "Commonsoft <contact@commonsoft.coop>";
9 algo = "rsa4096";
10 expire = "1y";
11 usage = ["cert" "sign"];
12 passPath = "commonsoft.coop/gnupg/contact@";
13 subKeys = [
14 { algo = "rsa4096"; expire = "1y"; usage = ["sign"];}
15 { algo = "rsa4096"; expire = "1y"; usage = ["encrypt"];}
16 { algo = "rsa4096"; expire = "1y"; usage = ["auth"];}
17 ];
18 backupRecipients = ["@julm@autogeree.net"];
19 };
20 };
21 };
22 };
23 }