add gpg, update install.sh, fix .zshenv.local
authorsev <git@sev.monster>
Thu, 8 Oct 2020 14:20:14 +0000 (09:20 -0500)
committersev <git@sev.monster>
Thu, 8 Oct 2020 14:30:53 +0000 (09:30 -0500)
gpg configs added and install.sh updated for them
gpg agent started under .zshenv
fixed .zshenv.local not being read
removed obsolete dabuild references from install.sh

base/.zshenv
gpg/gpg-agent.conf [new file with mode: 0644]
gpg/gpg.conf [new file with mode: 0644]
install.sh

index 1809f47b900231ab9b2a36cbdd773e5e10f2df61..46b0e662703896389e5ad0116e72992a6b9dff16 100644 (file)
@@ -23,15 +23,22 @@ export XDG_RUNTIME_DIR=~/tmp
 export PYTHONSTARTUP=~/.pythonrc
 ## perl
 (( ${+commands[perl]} )) && eval $(perl -I $XDG_DATA_HOME/perl5/lib/perl5 -Mlocal::lib=$XDG_DATA_HOME/perl5)
+## gpg
+export GPG_TTY=$(tty)
+if [[ ! -v SSH_AUTH_SOCK ]] {
+       # set up SSH auth socket and start GPG agent
+       export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
+}
+gpg-connect-agent updatestartuptty /bye >/dev/null
 
 ### freebsd
-if [[ "$OSTYPE" =~ "^freebsd" ]]; then
+if [[ "$OSTYPE" =~ "^freebsd" ]] {
        export CLICOLOR=
        export LS_COLORS='di=34:ln=35:so=32:pi=33:ex=31:bd=46;34:cd=43;34:su=41;30:sg=46;30:tw=42;30:ow=43;30'
-fi
+}
 
 ### load site-specific
-if [[ -e "~/.zshenv.local" ]] && [[ ! -v _ZSHENV_LOADED ]] {
+if [[ -f ~/.zshenv.local ]] && [[ ! -v _ZSHENV_LOADED ]] {
        export _ZSHENV_LOADED=
        source ~/.zshenv.local
 }
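Review bot: The new gpg lines run unguarded on every zsh start, because .zshenv is also read by non-interactive shells (scripts, cron, `ssh host cmd`). There `$(tty)` returns the string "not a tty", and `gpg-connect-agent updatestartuptty /bye` still runs; it appears to start an agent as a side effect, and on a host without GnuPG it prints a command-not-found error, since only stdout is silenced. I would wrap the block the way the perl line above it is guarded, `if [[ -o interactive ]] && (( ${+commands[gpg-connect-agent]} )) {` … `}`, and use zsh's own parameter, `export GPG_TTY=$TTY`, rather than forking `tty`. The comment "start GPG agent" also sits inside the `SSH_AUTH_SOCK` branch although the command that does so is outside it. Keeping the `[[ ! -v SSH_AUTH_SOCK ]]` test is right, as it leaves a forwarded agent socket untouched.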
diff --git a/gpg/gpg-agent.conf b/gpg/gpg-agent.conf
new file mode 100644 (file)
index 0000000..7b6f994
--- /dev/null
@@ -0,0 +1,3 @@
+enable-ssh-support
+default-cache-ttl 0
+pinentry-program /usr/bin/pinentry-x11
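Review bot: `default-cache-ttl 0` does not cover the SSH keys that `enable-ssh-support` brings in. gpg-agent caches those under the separate `default-cache-ttl-ssh` option, whose default is 1800 seconds. If the intent is that no passphrase is ever cached, add `default-cache-ttl-ssh 0` and a comment saying so. If SSH caching is wanted, a comment should state that the asymmetry is deliberate. Separately, the absolute `pinentry-program /usr/bin/pinentry-x11` path will not resolve on the FreeBSD hosts that .zshenv caters for, nor in sessions without an X display, so signing and SSH authentication would fail there with no prompt.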
diff --git a/gpg/gpg.conf b/gpg/gpg.conf
new file mode 100644 (file)
index 0000000..0b30d7a
--- /dev/null
@@ -0,0 +1,43 @@
+# cryptography preferences
+personal-cipher-preferences AES256 AES192 AES
+personal-digest-preferences SHA512 SHA384 SHA256
+personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
+default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
+# key signing algo
+cert-digest-algo SHA512
+# symmetric operations algos
+s2k-digest-algo SHA512
+s2k-cipher-algo AES256
+
+# general
+expert
+charset utf-8
+use-agent
+default-key 0x747327ED5BA43ED5
+trusted-key 0x747327ED5BA43ED5
+
+# visual
+no-greeting
+keyid-format 0xlong
+list-options show-uid-validity
+verify-options show-uid-validity show-keyserver-urls
+with-fingerprint
+with-keygrip
+with-key-origin
+
+# hardening
+# disable caching of passphrase for symmetrical ops
+no-symkey-cache
+# disable recipient key ID in messages
+throw-keyids
+
+# keyservers
+keyserver hkps://keys.openpgp.org
+keyserver hkps://hkps.pool.sks-keyservers.net
+keyserver hkps://pgp.ocf.berkeley.edu
+keyserver hkps://pgp.mit.edu
+keyserver hkps://keyring.debian.org
+keyserver hkps://keyserver.ubuntu.com
+keyserver hkps://attester.flowcrypt.com
+keyserver hkps://zimmermann.mayfirst.org
+keyserver-options auto-key-retrieve
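Review bot: `keyserver-options auto-key-retrieve` on the last line works against the "hardening" section above it. With it set, verifying a signature from an unknown key makes gpg contact a keyserver by itself, which tells the operator which signatures are being checked and when. I would drop the option, or keep it with a comment accepting the trade-off, e.g. `# NOTE: leaks verification activity to the keyserver`. Also, `trusted-key 0x747327ED5BA43ED5` grants ultimate trust by 64-bit key ID, and the full fingerprint is the safer identifier there, since any imported key that matches the ID would be trusted. The `keyserver` lines are honoured from gpg.conf only for compatibility in GnuPG 2.1+ and belong in dirmngr.conf; it is worth confirming that more than one of the eight is actually used.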
index 23a19100b0e37ddf97cc31f8e328fd660b7b464d..25e094a1845ce034326a6673ac67c934cf4565d8 100755 (executable)
@@ -21,7 +21,7 @@ fi
 
 # create preferred folder structure
 cd ~
-mkdir -p bin etc share share/fonts .urxvt/ext .icons .themes >$devnull 2>&1
+mkdir -p bin etc share share/fonts .urxvt/ext .icons .themes .gnupg >$devnull 2>&1
 mkdir -pm 700 var/tmp var/tmp/vim >$devnull 2>&1
 cd - >$devnull
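Review bot: `.gnupg` is added to the plain `mkdir -p` list, so on a fresh home it is created with umask-default permissions (typically 755) instead of 700. gpg then warns about unsafe homedir permissions, and the directory that will hold private keys and the agent socket is listable by other local users. The next line already creates private directories, so move it there: `mkdir -pm 700 .gnupg var/tmp var/tmp/vim >$devnull 2>&1`. Because `-m` applies only to directories `mkdir` itself creates, an explicit `chmod 700 .gnupg` afterwards would also tighten an existing directory.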
 
@@ -47,16 +47,12 @@ l() {
 find base -mindepth 1 -maxdepth 1 | while read -r x; do
        l "$HOME/`basename "$x"`"
 done
-# requires existing source tree and `make dabuild`
-for x in dabuild dabuild-admin; do
-       x="$HOME/src/docker-abuild/$x"
-       if [ -e "$x" ]; then
-               l "$HOME/bin/`basename "$x"`" "$x"
-       fi
-done
 find bin share -mindepth 1 -maxdepth 1 | while read -r x; do
        l "$HOME/$x"
 done
+find fonts -mindepth 1 -maxdepth 1 -type d | while read -r x; do
+       l "$HOME/share/fonts/`basename "$x"`"
+done
 find xdg -mindepth 1 -maxdepth 1 | while read -r x; do
        l "$HOME/etc/`basename "$x"`"
 done
@@ -74,9 +70,14 @@ done
 find xorg/themes -mindepth 1 -maxdepth 1 -type d | while read -r x; do
        l "$HOME/.themes/`basename "$x"`"
 done
-find fonts -mindepth 1 -maxdepth 1 -type d | while read -r x; do
-       l "$HOME/share/fonts/`basename "$x"`"
+find gpg -mindepth 1 -maxdepth 1 \! -name '*.gpg' | while read -r x; do
+       l "$HOME/.gnupg/`basename "$x"`"
 done
+if which gpg >/dev/null; then
+       find gpg -mindepth 1 -maxdepth 1 -name '*.gpg' | while read -r x; do
+               gpg --import "$x"
+       done
+fi
 
 # run .zprofile to set up tmp
 # .zprofile also sources .zshenv for compatibility
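Review bot: The import loop ignores the exit status of `gpg --import "$x"`, so a corrupt or unreadable key file fails silently and the installer still reports success. Something like `gpg --import "$x" || echo "gpg: failed to import $x" >&2` would surface it. Because the loop body inherits the pipe from `find` as stdin, adding `--batch` to the import would keep gpg from consuming the remaining file names if it ever tries to read input. The guard `which gpg >/dev/null` is not portable and leaves stderr open, and `command -v gpg >/dev/null 2>&1` is the POSIX form. These files end up in a keyring where gpg.conf marks one key ID as `trusted-key`, so a short comment stating that only public keys belong in `gpg/*.gpg` would help the next maintainer.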