1
0
Fork 0
mirror of https://github.com/nix-community/home-manager synced 2024-12-23 10:19:48 +01:00

gpg: allow specifying trust levels by name

This commit is contained in:
Naïm Favier 2021-12-16 04:54:56 +01:00 committed by Robert Helgesson
parent 4108989d19
commit 78aa7cceff
No known key found for this signature in database
GPG key ID: 36BDAA14C2797E89
2 changed files with 19 additions and 9 deletions

View file

@ -40,30 +40,40 @@ let
};
trust = mkOption {
type = types.nullOr (types.enum [ 1 2 3 4 5 ]);
type = types.nullOr (types.enum ["unknown" 1 "never" 2 "marginal" 3 "full" 4 "ultimate" 5]);
default = null;
apply = v:
if isString v then
{
unknown = 1;
never = 2;
marginal = 3;
full = 4;
ultimate = 5;
}.${v}
else v;
description = ''
The amount of trust you have in the key ownership and the care the
owner puts into signing other keys. The available levels are
<variablelist>
<varlistentry>
<term><literal>1</literal></term>
<term><literal>unknown</literal> or <literal>1</literal></term>
<listitem><para>I don't know or won't say.</para></listitem>
</varlistentry>
<varlistentry>
<term><literal>2</literal></term>
<term><literal>never</literal> or <literal>2</literal></term>
<listitem><para>I do NOT trust.</para></listitem>
</varlistentry>
<varlistentry>
<term><literal>3</literal></term>
<term><literal>marginal</literal> or <literal>3</literal></term>
<listitem><para>I trust marginally.</para></listitem>
</varlistentry>
<varlistentry>
<term><literal>4</literal></term>
<term><literal>full</literal> or <literal>4</literal></term>
<listitem><para>I trust fully.</para></listitem>
</varlistentry>
<varlistentry>
<term><literal>5</literal></term>
<term><literal>ultimate</literal> or <literal>5</literal></term>
<listitem><para>I trust ultimately.</para></listitem>
</varlistentry>
</variablelist>
@ -94,7 +104,7 @@ let
keyId="$(gpgKeyId "$1")"
trust="$2"
if [[ -n $keyId ]] ; then
echo -e "trust\n$trust\ny\nquit" \
{ echo trust; echo "$trust"; (( trust == 5 )) && echo y; echo quit; } \
| ${gpg} --no-tty --command-fd 0 --edit-key "$keyId"
fi
}

View file

@ -14,14 +14,14 @@
"https://keybase.io/rycee/pgp_keys.asc?fingerprint=36cacf52d098cc0e78fb0cb13573356c25c424d4";
sha256 = "082mjy6llvrdry6i9r5gx97nw9d89blnam7bghza4ynsjk1mmx6c";
};
trust = 1;
trust = 1; # "unknown"
}
{
source = pkgs.fetchurl {
url = "https://www.rsync.net/resources/pubkey.txt";
sha256 = "16nzqfb1kvsxjkq919hxsawx6ydvip3md3qyhdmw54qx6drnxckl";
};
trust = 2;
trust = "never";
}
];
};