From 1d60d94dccc191964a96e6e7d7363f83b0ead438 Mon Sep 17 00:00:00 2001
From: Mikael Voss <mvs@nyantec.com>
Date: Sat, 24 Aug 2024 18:15:18 +0200
Subject: [PATCH] home: Set SSH signing key correctly

---
 home/config/nil/home.nix | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/home/config/nil/home.nix b/home/config/nil/home.nix
index ae14f09..37d73b5 100644
--- a/home/config/nil/home.nix
+++ b/home/config/nil/home.nix
@@ -159,7 +159,9 @@ in {
     '';
   };
 
-  programs.git = {
+  programs.git = let
+    key = "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICczPHRwY9MAwDGlcB0QgMOJjcpLJhVU3covrW9RBS62AAAABHNzaDo=";
+  in {
     enable = true;
     #delta.enable = true;
 
@@ -172,7 +174,7 @@ in {
         fsync = "committed";
       };
 
-      user.signingKey = "key::sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICczPHRwY9MAwDGlcB0QgMOJjcpLJhVU3covrW9RBS62AAAABHNzaDo= primary";
+      user.signingKey = "key::${key}";
 
       init.defaultBranch = "main";
       pull.rebase = true;
@@ -181,7 +183,7 @@ in {
 
       gpg.format = "ssh";
       gpg.ssh.allowedSignersFile = toString (pkgs.writeText "allowed-signers" ''
-        ${config.programs.git.userEmail} AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAICczPHRwY9MAwDGlcB0QgMOJjcpLJhVU3covrW9RBS62AAAABHNzaDo=
+        ${config.programs.git.userEmail} ${key}
       '');
       commit.gpgSign = true;
       tag.gpgSign = true;