78 lines
1.9 KiB
Nix
78 lines
1.9 KiB
Nix
{ config, lib, ... }:
|
|
let
|
|
account = config.repo.account;
|
|
in
|
|
{
|
|
flake.modules.homeManager.git =
|
|
{
|
|
config,
|
|
osConfig,
|
|
...
|
|
}:
|
|
let
|
|
machine = osConfig.meta.machine;
|
|
allowedSignersFile = "${config.xdg.configHome}/git/allowed_signers";
|
|
|
|
mkScope =
|
|
scope:
|
|
let
|
|
email = account.emails.${scope}.address;
|
|
key = machine.sourceControl.${scope};
|
|
hasSigningKey = key != null && key.publicKey != null;
|
|
in
|
|
{
|
|
allowedSigners = lib.optional hasSigningKey "${email} ${key.publicKey}";
|
|
git = {
|
|
user = {
|
|
name = account.realName;
|
|
inherit email;
|
|
}
|
|
// lib.optionalAttrs hasSigningKey {
|
|
signingKey = "${key.privateKeyPath}.pub";
|
|
};
|
|
}
|
|
// lib.optionalAttrs hasSigningKey {
|
|
gpg.ssh.allowedSignersFile = allowedSignersFile;
|
|
};
|
|
};
|
|
|
|
personal = mkScope "personal";
|
|
work = mkScope "work";
|
|
in
|
|
{
|
|
xdg.configFile."git/allowed_signers".text = lib.concatStringsSep "\n" (
|
|
personal.allowedSigners ++ work.allowedSigners ++ [ "" ]
|
|
);
|
|
|
|
programs.git = {
|
|
enable = true;
|
|
signing.format = "ssh";
|
|
ignores = [
|
|
".claude/"
|
|
".codex"
|
|
];
|
|
settings = {
|
|
init.defaultBranch = "main";
|
|
user = {
|
|
name = account.realName;
|
|
email = account.emails.personal.address;
|
|
};
|
|
};
|
|
includes = [
|
|
{
|
|
condition = "gitdir:${account.nixosConfigurationPath}/";
|
|
contents = personal.git;
|
|
}
|
|
{
|
|
condition = "gitdir:${config.xdg.userDirs.projects}/";
|
|
contents = personal.git;
|
|
}
|
|
{
|
|
condition = "gitdir:${config.home.homeDirectory}/work/";
|
|
contents = work.git;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
}
|