From 12b275771f7cd38fe89080838b8d5bff9f0e1ebd Mon Sep 17 00:00:00 2001 From: Stefan Ellmauthaler Date: Sat, 9 Oct 2021 14:22:36 +0200 Subject: [PATCH] added tig and gpg Signed-off-by: Stefan Ellmauthaler --- home/config/nixpkgs/conf/gpgsm/chain.txt | 88 ++++++++++++++++++++ home/config/nixpkgs/conf/gpgsm/trustlist.txt | 30 +++++++ home/config/nixpkgs/git.nix | 19 +++++ home/config/nixpkgs/gpg.nix | 15 ++++ home/config/nixpkgs/home.nix | 2 + 5 files changed, 154 insertions(+) create mode 100644 home/config/nixpkgs/conf/gpgsm/chain.txt create mode 100644 home/config/nixpkgs/conf/gpgsm/trustlist.txt create mode 100644 home/config/nixpkgs/git.nix create mode 100644 home/config/nixpkgs/gpg.nix diff --git a/home/config/nixpkgs/conf/gpgsm/chain.txt b/home/config/nixpkgs/conf/gpgsm/chain.txt new file mode 100644 index 0000000..5f01400 --- /dev/null +++ b/home/config/nixpkgs/conf/gpgsm/chain.txt @@ -0,0 +1,88 @@ +subject= /C=DE/ST=Sachsen/L=Dresden/O=Technische Universitaet Dresden/CN=TU Dresden CA +-----BEGIN CERTIFICATE----- +MIIFljCCBH6gAwIBAgIMHG40JD862CwbzJE1MA0GCSqGSIb3DQEBCwUAMIGVMQsw +CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz +IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t +UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +IDIwHhcNMTYxMjEyMTQzOTE2WhcNMzEwMjIyMjM1OTU5WjBzMQswCQYDVQQGEwJE +RTEQMA4GA1UECAwHU2FjaHNlbjEQMA4GA1UEBwwHRHJlc2RlbjEoMCYGA1UECgwf +VGVjaG5pc2NoZSBVbml2ZXJzaXRhZXQgRHJlc2RlbjEWMBQGA1UEAwwNVFUgRHJl +c2RlbiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOfggnONmNft +CebaQElj0mMf9D8ao/ez9Q3cwm04d18KaUbADLajcEvLE8YBzJmzQKJdfLdxKiJE +x/4klxIXeXH+jksh7plW4L2U74zIf3O0d1RmYsKoppYZOP1CVfJ1T76y9uBrpA9e +0bL/oi3uTLHuxyDCe3vXIgK3QgVeVupJP+TtuP2YbbSBLP9iN4vDE5RqAWnrDYJF +Mv3EWgNIcNQQU6w23ytb4W8Vfwlm/nM8tBdDOVt9S06Bq17sKBa4YIJ+V/y6xV7w +m/P/cPo0pPFsxrycOjJTxlx8Lk343+6Hov0tI+4h6uX8iB95RLOfDOJMMZS1Yr9q +3NyiZE1+cZkCAwEAAaOCAgUwggIBMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0P +AQH/BAQDAgEGMCkGA1UdIAQiMCAwDQYLKwYBBAGBrSGCLB4wDwYNKwYBBAGBrSGC +LAEBBDAdBgNVHQ4EFgQUUv6+tyTCGwodRlKORCQq9EhAPQEwHwYDVR0jBBgwFoAU +k+PYMiba1fFKpZFK4OpL4qIMz+EwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDov +L2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY3JsL2NhY3Js +LmNybDBAoD6gPIY6aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1n +Mi1jYS9wdWIvY3JsL2NhY3JsLmNybDCB3QYIKwYBBQUHAQEEgdAwgc0wMwYIKwYB +BQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBK +BggrBgEFBQcwAoY+aHR0cDovL2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1n +Mi1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwSgYIKwYBBQUHMAKGPmh0dHA6Ly9j +ZHAyLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNl +cnQuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQBM2ET8sDhpf8GfzHc9oCwzGzt/X+/o +kHK1T0cv5W44y7ftG6LmovMU49SPTfluGToRsMOeYFzDTpwYiqLjg3TXGs08Vuvo +JQOPuSvW8ZACrvZJfSdns6XDMNTzUxRXEtchvrYRkE7bsvt0t3yOlSH8YvkWsBa4 +vbAu9NdKkt0cDkoZobC5N4hI5Q0NfNM5Ac7HXr1h7dbLwC6arHPuw3B7j/jIGL5K +MP9bsh6d78nkxPSu4XcXH18EUPSJHgqPcSyVHspLqLKq0zkDXuGMOIT4ayX0baMh +/dkhanXmXp1XlOvq5Krnr+tV93z4vv8kqVDhslj3YIDeuW0PNRPJyxWF +-----END CERTIFICATE----- +subject= /C=DE/O=Verein zur Foerderung eines Deutschen Forschungsnetzes e. V./OU=DFN-PKI/CN=DFN-Verein Certification Authority 2 +-----BEGIN CERTIFICATE----- +MIIFEjCCA/qgAwIBAgIJAOML1fivJdmBMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD +VQQGEwJERTErMCkGA1UECgwiVC1TeXN0ZW1zIEVudGVycHJpc2UgU2VydmljZXMg +R21iSDEfMB0GA1UECwwWVC1TeXN0ZW1zIFRydXN0IENlbnRlcjElMCMGA1UEAwwc +VC1UZWxlU2VjIEdsb2JhbFJvb3QgQ2xhc3MgMjAeFw0xNjAyMjIxMzM4MjJaFw0z +MTAyMjIyMzU5NTlaMIGVMQswCQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1 +ciBGb2VyZGVydW5nIGVpbmVzIERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUu +IFYuMRAwDgYDVQQLEwdERk4tUEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5IDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDLYNf/ZqFBzdL6h5eKc6uZTepnOVqhYIBHFU6MlbLlz87TV0uNzvhWbBVV +dgfqRv3IA0VjPnDUq1SAsSOcvjcoqQn/BV0YD8SYmTezIPZmeBeHwp0OzEoy5xad +rg6NKXkHACBU3BVfSpbXeLY008F0tZ3pv8B3Teq9WQfgWi9sPKUA3DW9ZQ2PfzJt +8lpqS2IB7qw4NFlFNkkF2njKam1bwIFrEczSPKiL+HEayjvigN0WtGd6izbqTpEp +PbNRXK2oDL6dNOPRDReDdcQ5HrCUCxLx1WmOJfS4PSu/wI7DHjulv1UQqyquF5de +M87I8/QJB+MChjFGawHFEAwRx1npAgMBAAGjggF0MIIBcDAOBgNVHQ8BAf8EBAMC +AQYwHQYDVR0OBBYEFJPj2DIm2tXxSqWRSuDqS+KiDM/hMB8GA1UdIwQYMBaAFL9Z +IDYAeaCgImuM1fJh0rgsy4JKMBIGA1UdEwEB/wQIMAYBAf8CAQIwMwYDVR0gBCww +KjAPBg0rBgEEAYGtIYIsAQEEMA0GCysGAQQBga0hgiweMAgGBmeBDAECAjBMBgNV +HR8ERTBDMEGgP6A9hjtodHRwOi8vcGtpMDMzNi50ZWxlc2VjLmRlL3JsL1RlbGVT +ZWNfR2xvYmFsUm9vdF9DbGFzc18yLmNybDCBhgYIKwYBBQUHAQEEejB4MCwGCCsG +AQUFBzABhiBodHRwOi8vb2NzcDAzMzYudGVsZXNlYy5kZS9vY3NwcjBIBggrBgEF +BQcwAoY8aHR0cDovL3BraTAzMzYudGVsZXNlYy5kZS9jcnQvVGVsZVNlY19HbG9i +YWxSb290X0NsYXNzXzIuY2VyMA0GCSqGSIb3DQEBCwUAA4IBAQCHC/8+AptlyFYt +1juamItxT9q6Kaoh+UYu9bKkD64ROHk4sw50unZdnugYgpZi20wz6N35at8yvSxM +R2BVf+d0a7Qsg9h5a7a3TVALZge17bOXrerufzDmmf0i4nJNPoRb7vnPmep/11I5 +LqyYAER+aTu/de7QCzsazeX3DyJsR4T2pUeg/dAaNH2t0j13s+70103/w+jlkk9Z +PpBHEEqwhVjAb3/4ru0IQp4e1N8ULk2PvJ6Uw+ft9hj4PEnnJqinNtgs3iLNi4LY +2XjiVRKjO4dEthEL1QxSr2mMDwbf0KJTi1eYe8/9ByT0/L3D/UqSApcb8re2z2WK +GqK1chk5 +-----END CERTIFICATE----- +subject= /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 2 +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUx +KzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAd +BgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNl +YyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgxMDAxMTA0MDE0WhcNMzMxMDAxMjM1 +OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnBy +aXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50 +ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUd +AqSzm1nzHoqvNK38DcLZSBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiC +FoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/FvudocP05l03Sx5iRUKrERLMjfTlH6VJi +1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx9702cu+fjOlbpSD8DT6Iavq +jnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGVWOHAD3bZ +wI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGj +QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/ +WSA2AHmgoCJrjNXyYdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhy +NsZt+U2e+iKo4YFWz827n+qrkRk4r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPAC +uvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNfvNoBYimipidx5joifsFvHZVw +IEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR3p1m0IvVVGb6 +g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlP +BSeOE6Fuwg== +-----END CERTIFICATE----- diff --git a/home/config/nixpkgs/conf/gpgsm/trustlist.txt b/home/config/nixpkgs/conf/gpgsm/trustlist.txt new file mode 100644 index 0000000..070a2f9 --- /dev/null +++ b/home/config/nixpkgs/conf/gpgsm/trustlist.txt @@ -0,0 +1,30 @@ +# This is the list of trusted keys. Comment lines, like this one, as +# well as empty lines are ignored. Lines have a length limit but this +# is not a serious limitation as the format of the entries is fixed and +# checked by gpg-agent. A non-comment line starts with optional white +# space, followed by the SHA-1 fingerprint in hex, followed by a flag +# which may be one of 'P', 'S' or '*' and optionally followed by a list of +# other flags. The fingerprint may be prefixed with a '!' to mark the +# key as not trusted. You should give the gpg-agent a HUP or run the +# command "gpgconf --reload gpg-agent" after changing this file. + +# Include the default trust list +include-default + +# CN=Deutsche Telekom Root CA 2 +# OU=T-TeleSec Trust Center +# O=Deutsche Telekom AG +# C=DE +85:A4:08:C0:9C:19:3E:5D:51:58:7D:CD:D6:13:30:FD:8C:DE:37:BF S relax + +# CN=T-TeleSec GlobalRoot Class 2 +# OU=T-Systems Trust Center +# O=T-Systems Enterprise Services GmbH +# C=DE +EA:B2:26:12:DB:87:4F:A1:8A:9D:82:FE:C1:4B:25:39:61:A8:CF:44 S relax + +# CN=T-TeleSec GlobalRoot Class 2 +# OU=T-Systems Trust Center +# O=T-Systems Enterprise Services GmbH +# C=DE +59:0D:2D:7D:88:4F:40:2E:61:7E:A5:62:32:17:65:CF:17:D8:94:E9 S relax diff --git a/home/config/nixpkgs/git.nix b/home/config/nixpkgs/git.nix new file mode 100644 index 0000000..d2c708c --- /dev/null +++ b/home/config/nixpkgs/git.nix @@ -0,0 +1,19 @@ +{ config, pkgs, ...}: +{ + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + userName = "Stefan Ellmauthaler"; + userEmail = "stefan.ellmauthaler@tu-dresden.de"; + extraConfig = { + core = { editor = "emacsclient"; }; + gpg = { + format = "x509"; + program = "gpgsm"; + }; + user = { signingKey = "0x4998BEEE"; }; + init = { defaultBranch = "main";}; + branch = { autosetuprebase = "always";}; + }; + }; +} diff --git a/home/config/nixpkgs/gpg.nix b/home/config/nixpkgs/gpg.nix new file mode 100644 index 0000000..cff542c --- /dev/null +++ b/home/config/nixpkgs/gpg.nix @@ -0,0 +1,15 @@ +{ config, pkgs, lib, ...}: +{ + home.file = { + ".gnupg/gpgsm.conf".text = '' + keyserver ldap.pca.dfn.de::::o=DFN-Verein,c=DE + ''; + ".gnupg/dirmngr_ldapservers.conf".text = "ldap.pca.dfn.de:389:::o=DFN-Verein,c=de,o=DFN-Verein,c=de"; + ".gnupg/trustlist.txt".source = ./conf/gpgsm/trustlist.txt; + ".gnupg/chain.txt".source = ./conf/gpgsm/chain.txt; + }; + + + + programs.gpg.enable = true; +} diff --git a/home/config/nixpkgs/home.nix b/home/config/nixpkgs/home.nix index 6e61f51..0602152 100644 --- a/home/config/nixpkgs/home.nix +++ b/home/config/nixpkgs/home.nix @@ -7,6 +7,8 @@ ./zsh.nix ./nextcloud.nix ./autorandr.nix + ./git.nix + ./gpg.nix ]; home.packages = [ pkgs.htop