enroll new key
This commit is contained in:
parent
dba17de73c
commit
c7d9d0f802
SSH key fingerprint:
SHA256:Q8IL6Y7sSKqzkyFdV1L0O/EflEh1fFV3tBtwxpapRH4
3 changed files with 18 additions and 1 deletions
|
|
@ -12,6 +12,8 @@ let
|
|||
getExe
|
||||
mkIf
|
||||
;
|
||||
|
||||
inherit (builtins) toString readFile;
|
||||
in
|
||||
{
|
||||
config = mkIf (enable && tooling.enable) {
|
||||
|
|
@ -27,10 +29,16 @@ in
|
|||
programs.git = {
|
||||
enable = true;
|
||||
lfs.enable = true;
|
||||
config = {
|
||||
config = let
|
||||
key_file = ../../ssh/id_ed25519_sk.pub;
|
||||
allowed_signers_file = pkgs.writeText "allowed_signers" ''${tooling.git_email} namespaces="git" ${readFile key_file}'';
|
||||
in {
|
||||
|
||||
init.defaultBranch = "main";
|
||||
credential.username = tooling.git_user;
|
||||
gpg.format = "ssh";
|
||||
user.signingkey = toString key_file;
|
||||
gpg.ssh.allowedSignersFile = toString allowed_signers_file;
|
||||
user.name = tooling.git_user;
|
||||
user.email = tooling.git_email;
|
||||
push.autoSetupRemote = true;
|
||||
|
|
|
|||
8
ssh/id_ed25519_sk
Normal file
8
ssh/id_ed25519_sk
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
-----BEGIN OPENSSH PRIVATE KEY-----
|
||||
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABBCVqu7bW
|
||||
JXmNfwjGd1xpahAAAAGAAAAAEAAABKAAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29t
|
||||
AAAAIIjwxJAnq4Z83CgU15LOMNK/ARTUPFALAexYMmax4bXVAAAABHNzaDoAAACgig1MsV
|
||||
LNCxt4ktfo7rMgPmBdBRmETuj08L/3XGD5A668Y7q4GfC731ghAuBlJ9YtnU1PwbbyLNmU
|
||||
xszcWVAVOqc5Ntq1R1Hk3bJnSIVV8HTR1Zxkj9JkYy0jpfC+7PbNbFq3/u7bbyWfrw5vSH
|
||||
26GE2kZOk79ArdNOCxcjx+o9i+AE4svF2WUrRLf9s8rDNm2tu5BAn5yCCkaQv75h9bsA==
|
||||
-----END OPENSSH PRIVATE KEY-----
|
||||
1
ssh/id_ed25519_sk.pub
Normal file
1
ssh/id_ed25519_sk.pub
Normal file
|
|
@ -0,0 +1 @@
|
|||
sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIjwxJAnq4Z83CgU15LOMNK/ARTUPFALAexYMmax4bXVAAAABHNzaDo= Yubi ssh
|
||||
Loading…
Reference in a new issue