diff --git a/users/malte/conf.nix b/users/malte/conf.nix
index fd05382..d37edf8 100644
--- a/users/malte/conf.nix
+++ b/users/malte/conf.nix
@@ -1,6 +1,6 @@
 {
 gpg = {
- id = "BCE9E4BF632E7CED";
- grip = "869B80E964B00C46BEAD6122B780FB1B838234F6";
+ id = "437B3369EAE401C4";
+ grip = "A826E14C72FD63C377141B8155F5A51536A01E45";
 };
 }
diff --git a/users/malte/gpg.nix b/users/malte/gpg.nix
index 9269875..c923a0f 100644
--- a/users/malte/gpg.nix
+++ b/users/malte/gpg.nix
@@ -1,9 +1,30 @@
 {pkgs, ...}: let
 conf = import ./conf.nix;
-in {
- home.packages = with pkgs; [yubikey-personalization];
+ secret = pkgs.writeShellApplication {
+ name = "secret";
+ runtimeInputs = [
+ pkgs.gnupg
+ ];
+ text = ''
+ output=~/"$1.$(date +%s).enc"
+ gpg --encrypt --armor --output "$output" -r 0x0000 -r 0x0001 -r 0x0002 "$1" && echo "$1"
+ '';
+ };
- programs.gpg = {enable = true;};
+ reveal = pkgs.writeShellApplication {
+ name = "reveal";
+ runtimeInputs = [
+ pkgs.gnupg
+ ];
+ text = ''
+ output=$(echo "$1" | rev | cut -c16- | rev)
+ gpg --decrypt --output "$output" "$1" && echo "$1 -> $output"
+ '';
+ };
+in {
+ home.packages = [pkgs.yubikey-personalization secret reveal];
+
+ programs.gpg.enable = true;
 services.gpg-agent = {
 enable = true;
diff --git a/users/malte/mail.nix b/users/malte/mail.nix
index 363f2f3..d2e39c1 100644
--- a/users/malte/mail.nix
+++ b/users/malte/mail.nix
@@ -179,7 +179,7 @@
 };
 gpg = {
 encryptByDefault = false;
- key = "0xBCE9E4BF632E7CED";
+ key = "0x${(import ./conf.nix).gpg.id}";
 signByDefault = true;
 };
 smtp.tls.enable = true;
diff --git a/users/malte/pass.nix b/users/malte/pass.nix
index a6a5575..fdf805b 100644
--- a/users/malte/pass.nix
+++ b/users/malte/pass.nix
@@ -37,7 +37,7 @@ in {
 programs.password-store = {
 enable = true;
- settings = {PASSWORD_STORE_KEY = "BCE9E4BF632E7CED";};
+ settings.PASSWORD_STORE_KEY = (builtins.import ./conf.nix).gpg.id;
 };
 home.packages = [passmenu-bemenu pkgs.hackNerdLigatures];
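Review bot: In users/malte/gpg.nix the `secret` wrapper encrypts to `-r 0x0000 -r 0x0001 -r 0x0002`, which look like placeholders rather than real key ids, so the command will presumably fail or select a key the author did not intend. `conf` is already bound at the top of this file, so the recipient can come from it, e.g. `-r "0x${conf.gpg.id}"`, with any backup keys listed in conf.nix next to it. `reveal` derives its output name by cutting a fixed 15 characters off the end, which is only right for names `secret` produced with a 10-digit timestamp; `output="''${1%.*.enc}"` plus a check that the result is non-empty and differs from `$1` would avoid writing plaintext to a truncated or empty path. `secret` also echoes `$1` rather than `$output`, so the location of the encrypted file is never printed.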
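Review bot: The new `key` value in users/malte/mail.nix is built from `gpg.id`, which conf.nix holds as a 16-hex-digit long key id; a long id is not guaranteed to be unique, and GnuPG's guidance is to select keys by full fingerprint. The same value now also feeds `PASSWORD_STORE_KEY` in pass.nix, so storing the fingerprint once in conf.nix (for example `fingerprint = "<full 40-hex fingerprint of the new key>";`) and interpolating that here would make both consumers unambiguous. The enclosing account definition starts and ends outside the hunk.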
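Review bot: `PASSWORD_STORE_KEY` in users/malte/pass.nix now follows `gpg.id`, but as far as pass documents it this setting only selects the recipient for encryption, so entries already in the store stay encrypted to the previous key until they are re-encrypted. A comment on this line such as `# after rotating gpg.id, re-encrypt existing entries with pass init <new id>` would record that step next to the setting. The line also spells the import as `builtins.import` while mail.nix uses plain `import`; one form in both files keeps the lookups easy to find.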
diff --git a/users/malte/yubikey.pub b/users/malte/yubikey.pub
index e4b2444..e311efd 100644
--- a/users/malte/yubikey.pub
+++ b/users/malte/yubikey.pub
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDXnYMJtwgvSNpjysKzvRCjzyyQRB4yDtzynD7c5ALDZfRHvrgGQS11vk96ExClo66ll3vrFci5mBmGJf4/+yPBb3qiiovEHobjh5nIDHXYTg7tJDHivKIMQ3w8DmZwBKSLFlsH/UZe8NJVGrGRHGofWnTY/yw/FdbAkaKqvF/V+WGP7kR+dQ1pIqXXpP3phAu0WfO+E2838XxHAxLtm35GkE40GCX9dhXmjurxCeTSaJE6OYQ4/+z73fOZc1ebV/Ze6UZsGhOtzJPBIH19Ft0v9x86KoZabqgK3KDSHn9QKcM+Mm7o3tOthfQPlg1tCoxGueDJFI/0+AyjwBmQ1CUvNXpfmL4NE+6GRwRfZNsWoW0nPmC1B/c3rWk+JXYsxGQhvVeDk+1HXCFKghdPTSgpESua03A4UqLNadERYC9s2Q5TzSYQsV/8fpg4gCxlVRl/g1aUvbaCL09jmUkDJ4i36X+g8rvux5Q2CTpskLuhHeFVcC4/c1XXF+cJTwl1GjppEL0JFKgcjIwlyE8neR4PVlOq3UQqZdZEvzZigaLxtpwZMKNGhdIqS2/qqo/LlJ66/Y7TohimhsCRyHHqbf85Cha1z0Ct+9GtTdn9hpeC6Sb2Et+iN4gxdm+SWqPybZipeBL7b+ir5Ssxq1vIf/sbqKh7Kz699dwKSeRaAmJiew== openpgp:0xC43C0C72
+ssh-rsa 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 openpgp:0x815261C7