diff --git a/modules/programs/gpg.nix b/modules/programs/gpg.nix index 145389212..07e2fe277 100644 --- a/modules/programs/gpg.nix +++ b/modules/programs/gpg.nix @@ -18,6 +18,16 @@ let listsAsDuplicateKeys = true; } cfg.scdaemonSettings; + dirmngrCfgText = generators.toKeyValue { + inherit mkKeyValue; + listsAsDuplicateKeys = true; + } cfg.dirmngrSettings; + + gpgsmCfgText = generators.toKeyValue { + inherit mkKeyValue; + listsAsDuplicateKeys = true; + } cfg.gpgsmSettings; + primitiveType = types.oneOf [ types.str types.bool ]; publicKeyOpts = { config, ... }: { @@ -187,6 +197,41 @@ in { ''; }; + dirmngrSettings = mkOption { + type = + types.attrsOf (types.either primitiveType (types.listOf types.str)); + example = literalExpression '' + { + allow-version-check = true; + keyserver = "ldaps://ldap.example.com"; + } + ''; + description = '' + Dirmngr configuration options. Available options are described + in + [ + {manpage}`dirmngr(1)` + ](https://www.gnupg.org/documentation/manuals/gnupg/Dirmngr-Options.html) + ''; + }; + + gpgsmSettings = mkOption { + type = + types.attrsOf (types.either primitiveType (types.listOf types.str)); + example = literalExpression '' + { + with-key-data = true; + } + ''; + description = '' + GPGSM configuration options. Available options are described + in + [ + {manpage}`gpgsm(1)` + ](https://www.gnupg.org/documentation/manuals/gnupg/GPGSM-Options.html) + ''; + }; + homedir = mkOption { type = types.path; example = literalExpression ''"''${config.xdg.dataHome}/gnupg"''; @@ -266,6 +311,14 @@ in { # no defaults for scdaemon }; + programs.gpg.dirmngrSettings = { + # no defaults for dirmngr + }; + + programs.gpg.gpgsmSettings = { + # no defaults for gpgsm + }; + home.packages = [ cfg.package ]; home.sessionVariables = { GNUPGHOME = cfg.homedir; }; 
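Review bot: `dirmngrCfgText` and `gpgsmCfgText` repeat the `generators.toKeyValue { inherit mkKeyValue; listsAsDuplicateKeys = true; }` call already used for `scdaemonCfgText`, so the rendering rules now live in three places in this `let` block. Binding the partially applied generator once, e.g. `mkCfgText = generators.toKeyValue { inherit mkKeyValue; listsAsDuplicateKeys = true; };` and then `dirmngrCfgText = mkCfgText cfg.dirmngrSettings;`, keeps them from drifting apart. `mkKeyValue` is defined outside this hunk, so it is worth confirming that a boolean `false` (for instance `allow-version-check = false`) is omitted from the output rather than written as a bare flag, which would enable the option the user meant to turn off.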
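Review bot: The `dirmngrSettings` description does not mention that the rendered file is a `home.file` text entry (last hunk), which home-manager places in the world-readable Nix store. dirmngr options such as `keyserver` with an LDAP URI, or a proxy setting, can carry bind or proxy credentials, and the `ldaps://` example invites exactly that use. I would add a sentence to the description along the lines of `Values are written to the world-readable Nix store; do not embed keyserver or proxy credentials here.` The same caveat applies to `gpgsmSettings`, though it is less likely to hold secrets. Separately, the dirmngr man page lives in section 8, so the reference should read dirmngr(8) rather than dirmngr(1).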
@@ -273,6 +326,10 @@ in { home.file."${cfg.homedir}/scdaemon.conf".text = scdaemonCfgText; + home.file."${cfg.homedir}/dirmngr.conf".text = dirmngrCfgText; + + home.file."${cfg.homedir}/gpgsm.conf".text = gpgsmCfgText; + # Link keyring if keys are not mutable home.file."${cfg.homedir}/pubring.kbx" = mkIf (!cfg.mutableKeys && cfg.publicKeys != [ ]) {
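Review bot: Both new `home.file` entries are emitted unconditionally, so a user who sets neither option still gets an empty, home-manager-managed dirmngr.conf and gpgsm.conf in the GnuPG home. Anyone who already keeps a hand-written dirmngr.conf there (keyserver selection or CA pinning, for instance) will presumably see activation stop on the file collision, or have the file moved aside in favour of the empty one, depending on their backup settings. Guarding each entry keeps the module out of the way until it is actually configured: `home.file."${cfg.homedir}/dirmngr.conf" = mkIf (cfg.dirmngrSettings != { }) { text = dirmngrCfgText; };` and likewise for gpgsm.conf. The scdaemon.conf line just above uses the same unconditional pattern, so this may be a deliberate convention; if so, it deserves a release note because it changes behaviour for existing users.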