mermet: knot: sourcephile.fr: add openpgpkey

[sourcephile-nix.git] / hosts / carotte / security.nix

diff --git a/hosts/carotte/security.nix b/hosts/carotte/security.nix
index 7f1af3edd2369c0561af4a88e804ce1e7d05a874..e582910085e263d6b9817e3facbd8e4e746e44aa 100644 (file)
--- a/hosts/carotte/security.nix
+++ b/hosts/carotte/security.nix
@@ -1,19 +1,17 @@
-{ inputs, pkgs, lib, config, ... }:
+{ lib, ... }:
 {
-security.lockKernelModules = false;
-security.virtualisation.flushL1DataCache = lib.mkForce null;
-security.gnupg.agent = {
-  keyring."C7BCEA3D090956E7D51E94ADFF53191D9FA89552" = {
-    passwordGpg = "gnupg/root.gpg";
+  security.lockKernelModules = false;
+  security.virtualisation.flushL1DataCache = lib.mkForce null;
+  /*
+  security.gnupg.agent = {
+    keyring."C7BCEA3D090956E7D51E94ADFF53191D9FA89552" = {
+      passwordGpg = "gnupg/root.gpg";
+      passwordFile = "/root/.gnupg.C7BCEA3D090956E7D51E94ADFF53191D9FA89552.txt";
+    };
   };
-};
-services.openssh.extraConfig = ''
-  # This is for removing remote gpg-agent's socket
-  StreamLocalBindUnlink yes
-'';
-/*
-environment.systemPackages = [
-  pkgs.tshark
-];
-*/
+  services.openssh.extraConfig = ''
+    # This is for removing remote gpg-agent's socket
+    StreamLocalBindUnlink yes
+  '';
+  */
 }