gitea: re-enable serverside GPG signing

This commit is contained in:
teutat3s 2023-03-05 15:58:28 +01:00
parent cc57376e7f
commit f0caf9b5a1
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1

View file

@ -38,11 +38,10 @@
FROM = ''"pub.solar git server" <gitea@pub.solar>''; FROM = ''"pub.solar git server" <gitea@pub.solar>'';
USER = "admins@pub.solar"; USER = "admins@pub.solar";
}; };
# currently broken, gpg core dumps "repository.signing" = {
#"repository.signing" = { SIGNING_KEY = "default";
# SIGNING_KEY = "default"; MERGES = "always";
# MERGES = "always"; };
#};
openid = { openid = {
ENABLE_OPENID_SIGNIN = true; ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true; ENABLE_OPENID_SIGNUP = true;
@ -54,10 +53,16 @@
}; };
}; };
# See: https://docs.gitea.io/en-us/signing/#installing-and-generating-a-gpg-key-for-gitea
# Required for gitea server side gpg signatures # Required for gitea server side gpg signatures
# configured / setup manually in # configured/setup manually in:
# /var/lib/gitea/data/home/.gitconfig and # /var/lib/gitea/data/home/.gitconfig
# /var/lib/gitea/data/home/.gnupg/ # /var/lib/gitea/data/home/.gnupg/
# sudo su gitea
# export GNUPGHOME=/var/lib/gitea/data/home/.gnupg
# gpg --quick-gen-key 'pub.solar gitea <gitea@pub.solar>' ed25519
# TODO: implement declarative GPG key generation and
# gitea gitconfig
programs.gnupg.agent = { programs.gnupg.agent = {
enable = true; enable = true;
pinentryFlavor = "curses"; pinentryFlavor = "curses";