From feb03b9630430af407dc078fb18d7a7d6d17e101 Mon Sep 17 00:00:00 2001
From: Quentin Aristote <quentin@aristote.fr>
Date: Thu, 2 Mar 2023 18:36:54 +0100
Subject: home: set up gpg properly

---
 modules/home-manager/personal/environment.nix |  8 ++++++++
 modules/home-manager/personal/profiles.nix    | 18 +++++++++---------
 2 files changed, 17 insertions(+), 9 deletions(-)

(limited to 'modules')

diff --git a/modules/home-manager/personal/environment.nix b/modules/home-manager/personal/environment.nix
index 7518c33..3783400 100644
--- a/modules/home-manager/personal/environment.nix
+++ b/modules/home-manager/personal/environment.nix
@@ -16,4 +16,12 @@
     };
     sessionVariables = { CDPATH = "~"; };
   };
+
+  services.gpg-agent = {
+    enableBashIntegration = lib.mkDefault config.programs.bash.enable;
+    pinentryFlavor =
+      lib.mkDefault (if config.personal.gui.enable then "gtk2" else "tty");
+    grabKeyboardAndMouse =
+      lib.mkDefault false; # insecure, but necessary with keepass auto-type
+  };
 }
diff --git a/modules/home-manager/personal/profiles.nix b/modules/home-manager/personal/profiles.nix
index 3d9f6ba..0f66566 100644
--- a/modules/home-manager/personal/profiles.nix
+++ b/modules/home-manager/personal/profiles.nix
@@ -20,7 +20,7 @@ in {
 
   config = lib.mkMerge [
     (lib.mkIf cfg.dev {
-      home.packages = with pkgs; [ gnupg python3 ];
+      home.packages = with pkgs; [ python3 ];
       programs = {
         alacritty.enable = lib.mkDefault config.personal.gui.enable;
         direnv.enable = lib.mkDefault true;
@@ -43,6 +43,8 @@ in {
         ".config/venv-manager/config/default.nix".source =
           lib.mkDefault config.personal.home.dotfiles.venv-manager;
       };
+
+      services.gpg-agent.enableSshSupport = true;
     })
 
     (lib.mkIf cfg.multimedia {
@@ -84,10 +86,8 @@ in {
         (config.personal.gui.enable && cfg.social.identities.personal)
         [ signal-desktop ];
       programs.thunderbird.enable = lib.mkDefault config.personal.gui.enable;
-      services.gpg-agent = {
-        enable = true;
-        enableSshSupport = true;
-      };
+      programs.gpg.enable = true;
+      services.gpg-agent.enable = true;
 
       accounts.email.accounts = let
         gpg = {
@@ -160,12 +160,12 @@ in {
           thunderbird = {
             enable = true;
             profiles = [ "default" ];
-            settings = id: thunderbirdSettings id // {
+            settings = id:
+              thunderbirdSettings id // {
                 "mail.identity.id_${id}.archive_folder" =
                   "imap://qaristote@clipper.ens.fr/Archive";
-                "mail.server.server_${id}.trash_folder_name" =
-                  "Trash";
-            };
+                "mail.server.server_${id}.trash_folder_name" = "Trash";
+              };
           };
         };
       };
-- 
cgit v1.2.3