mirror of
https://github.com/nix-community/home-manager
synced 2024-11-26 06:30:28 +00:00
gpg: allow specifying trust levels by name
This commit is contained in:
parent
4108989d19
commit
78aa7cceff
2 changed files with 19 additions and 9 deletions
|
@ -40,30 +40,40 @@ let
|
||||||
};
|
};
|
||||||
|
|
||||||
trust = mkOption {
|
trust = mkOption {
|
||||||
type = types.nullOr (types.enum [ 1 2 3 4 5 ]);
|
type = types.nullOr (types.enum ["unknown" 1 "never" 2 "marginal" 3 "full" 4 "ultimate" 5]);
|
||||||
default = null;
|
default = null;
|
||||||
|
apply = v:
|
||||||
|
if isString v then
|
||||||
|
{
|
||||||
|
unknown = 1;
|
||||||
|
never = 2;
|
||||||
|
marginal = 3;
|
||||||
|
full = 4;
|
||||||
|
ultimate = 5;
|
||||||
|
}.${v}
|
||||||
|
else v;
|
||||||
description = ''
|
description = ''
|
||||||
The amount of trust you have in the key ownership and the care the
|
The amount of trust you have in the key ownership and the care the
|
||||||
owner puts into signing other keys. The available levels are
|
owner puts into signing other keys. The available levels are
|
||||||
<variablelist>
|
<variablelist>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><literal>1</literal></term>
|
<term><literal>unknown</literal> or <literal>1</literal></term>
|
||||||
<listitem><para>I don't know or won't say.</para></listitem>
|
<listitem><para>I don't know or won't say.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><literal>2</literal></term>
|
<term><literal>never</literal> or <literal>2</literal></term>
|
||||||
<listitem><para>I do NOT trust.</para></listitem>
|
<listitem><para>I do NOT trust.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><literal>3</literal></term>
|
<term><literal>marginal</literal> or <literal>3</literal></term>
|
||||||
<listitem><para>I trust marginally.</para></listitem>
|
<listitem><para>I trust marginally.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><literal>4</literal></term>
|
<term><literal>full</literal> or <literal>4</literal></term>
|
||||||
<listitem><para>I trust fully.</para></listitem>
|
<listitem><para>I trust fully.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><literal>5</literal></term>
|
<term><literal>ultimate</literal> or <literal>5</literal></term>
|
||||||
<listitem><para>I trust ultimately.</para></listitem>
|
<listitem><para>I trust ultimately.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
</variablelist>
|
</variablelist>
|
||||||
|
@ -94,7 +104,7 @@ let
|
||||||
keyId="$(gpgKeyId "$1")"
|
keyId="$(gpgKeyId "$1")"
|
||||||
trust="$2"
|
trust="$2"
|
||||||
if [[ -n $keyId ]] ; then
|
if [[ -n $keyId ]] ; then
|
||||||
echo -e "trust\n$trust\ny\nquit" \
|
{ echo trust; echo "$trust"; (( trust == 5 )) && echo y; echo quit; } \
|
||||||
| ${gpg} --no-tty --command-fd 0 --edit-key "$keyId"
|
| ${gpg} --no-tty --command-fd 0 --edit-key "$keyId"
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,14 +14,14 @@
|
||||||
"https://keybase.io/rycee/pgp_keys.asc?fingerprint=36cacf52d098cc0e78fb0cb13573356c25c424d4";
|
"https://keybase.io/rycee/pgp_keys.asc?fingerprint=36cacf52d098cc0e78fb0cb13573356c25c424d4";
|
||||||
sha256 = "082mjy6llvrdry6i9r5gx97nw9d89blnam7bghza4ynsjk1mmx6c";
|
sha256 = "082mjy6llvrdry6i9r5gx97nw9d89blnam7bghza4ynsjk1mmx6c";
|
||||||
};
|
};
|
||||||
trust = 1;
|
trust = 1; # "unknown"
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
source = pkgs.fetchurl {
|
source = pkgs.fetchurl {
|
||||||
url = "https://www.rsync.net/resources/pubkey.txt";
|
url = "https://www.rsync.net/resources/pubkey.txt";
|
||||||
sha256 = "16nzqfb1kvsxjkq919hxsawx6ydvip3md3qyhdmw54qx6drnxckl";
|
sha256 = "16nzqfb1kvsxjkq919hxsawx6ydvip3md3qyhdmw54qx6drnxckl";
|
||||||
};
|
};
|
||||||
trust = 2;
|
trust = "never";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue