41 lines
928 B
Nix
41 lines
928 B
Nix
{ pkgs ? import <nixpkgs> { } }:
|
|
pkgs.mkShell {
|
|
|
|
buildInputs = with pkgs; [
|
|
gnupg
|
|
git
|
|
vim
|
|
pcsclite
|
|
pinentry-curses
|
|
];
|
|
|
|
shellHook = ''
|
|
mkdir -p $HOME/.gnupg
|
|
echo "pinentry-program = ${pkgs.pinentry-curses}/bin/pinentry-curses" > $HOME/.gnupg/gpg-agent.conf
|
|
chmod 700 /root/.gnupg
|
|
chmod 600 /root/.gnupg/gpg-agent.conf
|
|
|
|
# Set the SSH agent socket for gpg-agent
|
|
export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
|
|
|
|
# Reload the gpg-agent to apply changes
|
|
gpg-connect-agent reloadagent /bye
|
|
|
|
# Import public key
|
|
export KEY_URL="$(gpg --card-status | grep URL | cut -d' ' -f6)"
|
|
curl $KEY_URL | gpg --import
|
|
gpg --card-status
|
|
|
|
gpgconf --kill gpg-agent
|
|
gpg-agent --daemon
|
|
|
|
touch dummy
|
|
gpg -r hans --encrypt dummy
|
|
gpg --decrypt dummy.gpg
|
|
|
|
|
|
# Clone the repository
|
|
git clone ssh://git@git.cluster.gay:2222/hans/nix.git
|
|
'';
|
|
}
|