nix: remove networking.domainAliases
[sourcephile-nix.git] / shell / modules / tools / security / gnupg.nix
index 02e3da6074261afbf8d96976250ef14c578969a6..c5821bed2f0a3b16030a6b5b05d21c4ae80fb59a 100644 (file)
@@ -202,10 +202,6 @@ let
     set -eu
     set -o pipefail
     ${info}
-    ${pkgs.coreutils}/bin/install -dm0700 -D ${gnupg.gnupgHome}
-    ${pkgs.coreutils}/bin/ln -snf ${gnupg.gpgConf}      ${gnupg.gnupgHome}/gpg.conf
-    ${pkgs.coreutils}/bin/ln -snf ${gnupg.gpgAgentConf} ${gnupg.gnupgHome}/gpg-agent.conf
-    ${pkgs.coreutils}/bin/ln -snf ${gnupg.dirmngrConf}  ${gnupg.gnupgHome}/dirmngr.conf
     '' +
     generateKeys gnupg.keys
   );
@@ -426,7 +422,7 @@ options.gnupg = {
   };
   gpgConf = lib.mkOption {
     type = types.lines;
-    apply = s: pkgs.writeText "gpg.conf" s;
+    apply = s: pkgs.writeText "gpg.conf" (s+"\n"+gnupg.gpgExtraConf);
     default = ''
       auto-key-locate keyserver
       cert-digest-algo SHA512
@@ -454,6 +450,13 @@ options.gnupg = {
       GnuPG's gpg.conf content.
     '';
   };
+  gpgExtraConf = lib.mkOption {
+    type = types.lines;
+    default = "";
+    description = ''
+      GnuPG's gpg.conf extra content.
+    '';
+  };
 };
 config = lib.mkIf gnupg.enable {
   nix-shell.buildInputs = [
@@ -465,6 +468,10 @@ config = lib.mkIf gnupg.enable {
   ];
   nix-shell.shellHook = ''
     # gnupg
+    ${pkgs.coreutils}/bin/install -dm0700 -D ${gnupg.gnupgHome}
+    ${pkgs.coreutils}/bin/ln -snf ${gnupg.gpgConf}      ${gnupg.gnupgHome}/gpg.conf
+    ${pkgs.coreutils}/bin/ln -snf ${gnupg.gpgAgentConf} ${gnupg.gnupgHome}/gpg-agent.conf
+    ${pkgs.coreutils}/bin/ln -snf ${gnupg.dirmngrConf}  ${gnupg.gnupgHome}/dirmngr.conf
     export GNUPGHOME=${gnupg.gnupgHome}
     install -dm700 "$GNUPGHOME"
     export GPG_TTY=$(${pkgs.coreutils}/bin/tty)