gitea: re-enable serverside GPG signing

This commit is contained in:
teutat3s 2023-03-05 15:58:28 +01:00
parent cc57376e7f
commit f0caf9b5a1
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1

View file

@ -38,11 +38,10 @@
FROM = ''"pub.solar git server" <gitea@pub.solar>'';
USER = "admins@pub.solar";
};
# currently broken, gpg core dumps
#"repository.signing" = {
# SIGNING_KEY = "default";
# MERGES = "always";
#};
"repository.signing" = {
SIGNING_KEY = "default";
MERGES = "always";
};
openid = {
ENABLE_OPENID_SIGNIN = true;
ENABLE_OPENID_SIGNUP = true;
@ -54,10 +53,16 @@
};
};
# See: https://docs.gitea.io/en-us/signing/#installing-and-generating-a-gpg-key-for-gitea
# Required for gitea server side gpg signatures
# configured / setup manually in
# /var/lib/gitea/data/home/.gitconfig and
# configured/setup manually in:
# /var/lib/gitea/data/home/.gitconfig
# /var/lib/gitea/data/home/.gnupg/
# sudo su gitea
# export GNUPGHOME=/var/lib/gitea/data/home/.gnupg
# gpg --quick-gen-key 'pub.solar gitea <gitea@pub.solar>' ed25519
# TODO: implement declarative GPG key generation and
# gitea gitconfig
programs.gnupg.agent = {
enable = true;
pinentryFlavor = "curses";