added programmatic dynamic generation of user defined keys

2026-03-24 00:29:43 -04:00 · 2024-05-15 11:02:29 -04:00 · 2024-05-15 11:02:29 -04:00 · 6ccfd709d0
commit 6ccfd709d0
parent 18a94b74fb
10 changed files with 41 additions and 20 deletions
--- a/src/user/configs/default.nix
+++ b/src/user/configs/default.nix
@ -2,7 +2,7 @@

 with lib;
 let
-gpg = config.modules.user.security.gpg;
+modules = config.modules.user;

 userConfigs = rec {
  name = "bryan";
@ -14,24 +14,16 @@ userConfigs = rec {

  groups = [ "wheel" "networkmanager" "home-manager" "input" ];

-  gitConfig = {
+  keys = import ./keys;
+
+  gitConfig = optionalAttrs modules.git.enable {
    userName = "Bryan Ramos";
    userEmail = email;
-    signing = optionalAttrs gpg.enable {
+    signing = optionalAttrs modules.security.gpg.enable {
      key = "F1F3466458452B2DF351F1E864D12BA95ACE1F2D";
      signByDefault = true;
    };
  };
-
-  pgpKey = {
-    text = import ./keys/pgpKey.nix;
-    trust = 5;
-  };
-
-  sshKeys = {
-    key1 = import ./keys/sshKey1.nix;
-    key2 = import ./keys/sshKey2.nix;
-  };
 };

 in
--- a/src/user/configs/keys/default.nix
+++ b/src/user/configs/keys/default.nix
@ -0,0 +1,26 @@
+with builtins;
+let
+  extractName = string:
+    let
+      metadata = [
+        "pub" "public" "priv" "private"
+        "key" "file" "." "_" "-" "pk"
+      ];
+    in
+      replaceStrings metadata (builtins.map (_: "") metadata) string;
+
+  constructKeys = dir: (
+    listToAttrs (
+      map (subdir: {
+        name = subdir;
+        value = listToAttrs (
+          map (file: {
+            name = extractName file;
+            value = readFile "${dir}/${subdir}/${file}";
+          }) (filter (node: (readDir "${dir}/${subdir}").${node} == "regular") (attrNames (readDir "${dir}/${subdir}")))
+        );
+      }) (filter (node: (readDir dir).${node} == "directory") (attrNames (readDir dir)))
+    )
+  );
+in
+  constructKeys ./.
--- a/src/user/configs/keys/pgp/primary.pub.key
+++ b/src/user/configs/keys/pgp/primary.pub.key
@ -1,4 +1,3 @@
-''
 -----BEGIN PGP PUBLIC KEY BLOCK-----

 mQINBGP0BgMBEAC2v+n9plI0p+TqIrmvz7JHoYbtUK3NDkyNeIsgS+sE5nfLB1Ef
@ -108,4 +107,3 @@ OEpwdDwa67AtzYKG0ssOJI+po9TlbKYS4O4H8XnPhYSOEw8eObNPYCX7jyAjXloo
 1hbflYLyMYo1BxGR6bPS9gJA2w==
 =5uun
 -----END PGP PUBLIC KEY BLOCK-----
-''
--- a/src/user/configs/keys/ssh/android.pub.key
+++ b/src/user/configs/keys/ssh/android.pub.key
--- a/src/user/configs/keys/ssh/primary.pub.key
+++ b/src/user/configs/keys/ssh/primary.pub.key
--- a/src/user/modules/security/modules/gpg/default.nix
+++ b/src/user/modules/security/modules/gpg/default.nix
@ -9,7 +9,12 @@ in
  config = mkIf cfg.enable {
    programs.gpg = {
      enable = true;
-      publicKeys = [ config.user.pgpKey ];
+      publicKeys = [
+        {
+          text = "${config.user.keys.pgp.primary}";
+          trust = 5;
+        }
+      ];
    };

    services.gpg-agent = {