From a15c05491ea0b1eea57d8a7a18a195679b1eea3f Mon Sep 17 00:00:00 2001
From: Noah Masur <7386960+nmasur@users.noreply.github.com>
Date: Tue, 26 Mar 2024 13:07:26 -0400
Subject: [PATCH] git ssh signing

---
 modules/common/shell/git.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/modules/common/shell/git.nix b/modules/common/shell/git.nix
index 82b593b..631bade 100644
--- a/modules/common/shell/git.nix
+++ b/modules/common/shell/git.nix
@@ -38,6 +38,12 @@ in {
           push = { autoSetupRemote = "true"; };
           init = { defaultBranch = "master"; };
           rebase = { autosquash = "true"; };
+          gpg = {
+            format = "ssh";
+            ssh.allowedSignersFile = "~/.config/git/allowed-signers";
+          };
+          commit.gpgsign = true;
+          tag.gpgsign = true;
         };
         ignores = [ ".direnv/**" "result" ];
         includes = [{
@@ -52,6 +58,11 @@ in {
         [user]
             name = "${config.fullName}"
             email = "7386960+nmasur@users.noreply.github.com"
+            signingkey = ~/.ssh/id_ed25519
+      '';
+
+      xdg.configFile."git/allowed-signers".text = ''
+        7386960+nmasur@users.noreply.github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s
       '';
 
       programs.fish.shellAbbrs = {