From 7e28f6844448c337f68d860c908d7ea48b9910fa Mon Sep 17 00:00:00 2001
From: Dmitry Voronin
Date: Wed, 10 Apr 2024 11:55:19 +0300
Subject: [PATCH] Git : Configure log to show signatures.
---
 module/common/Git.nix | 15 ++++++++-------
 module/common/bash/module/Git.nix | 2 +-
 part/Secret.nix | 5 +++--
 part/secret/public/Signers.key | 1 +
 4 files changed, 13 insertions(+), 10 deletions(-)
 create mode 100644 part/secret/public/Signers.key
diff --git a/module/common/Git.nix b/module/common/Git.nix
index acf17d5..7c51fcd 100644
--- a/module/common/Git.nix
+++ b/module/common/Git.nix
@@ -2,13 +2,14 @@
 programs.git = {
 enable = true;
 config = {
- credential.helper = "store";
- init.defaultBranch = "main";
- pull.rebase = true;
- push.autoSetupRemote = true;
- rebase.autoStash = true;
- user.signingkey = builtins.readFile secret.crypto.sign.key;
- gpg.format = secret.crypto.sign.format;
+ credential.helper = "store";
+ init.defaultBranch = "main";
+ pull.rebase = true;
+ push.autoSetupRemote = true;
+ rebase.autoStash = true;
+ user.signingkey = builtins.readFile secret.crypto.sign.key;
+ gpg.ssh.allowedSignersFile = toString(secret.crypto.sign.allowed);
+ gpg.format = secret.crypto.sign.format;
 };
 };
 }
diff --git a/module/common/bash/module/Git.nix b/module/common/bash/module/Git.nix
index 49bae66..578baba 100644
--- a/module/common/bash/module/Git.nix
+++ b/module/common/bash/module/Git.nix
@@ -26,7 +26,7 @@
 # Git log.
 function gl() {
- git log "''${@}"
+ git log --show-signature "''${@}"
 }
 # Git status.
diff --git a/part/Secret.nix b/part/Secret.nix
index 605fba0..0d54bc3 100644
--- a/part/Secret.nix
+++ b/part/Secret.nix
@@ -11,8 +11,9 @@
 crypto = {
 sign = {
- format = "ssh";
- key = ./secret/public/Ssh.key;
+ format = "ssh";
+ key = ./secret/public/Ssh.key;
+ allowed = ./secret/public/Signers.key;
 };
 publicKeys = [
 ./secret/public/Gpg.key
diff --git a/part/secret/public/Signers.key b/part/secret/public/Signers.key
new file mode 100644
index 0000000..be20b6c
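Review bot: `toString(secret.crypto.sign.allowed)` on the new `gpg.ssh.allowedSignersFile` line turns the Nix path into a plain string without copying the file into the store, so git is pointed at wherever the source tree sat at evaluation time. If this configuration is ever evaluated from a plain checkout rather than a store copy of the source, the list that decides which signatures show as good would be a mutable file, or a missing one on another host. Interpolating the path pins it as a store object: `gpg.ssh.allowedSignersFile = "${secret.crypto.sign.allowed}";`. The enclosing attribute set opens before the hunk.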
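Review bot: Only the `gl` wrapper gets `--show-signature`, so a plain `git log` still prints commits with no verification status even though the commit title says the log is configured. Setting `log.showSignature = true;` in the `programs.git.config` set would cover both and keep the policy next to `gpg.ssh.allowedSignersFile`. A comment above `gl` would also help readers of the output: `# Shows signature status per commit; does not reject unsigned or unknown-signer commits.`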
--- /dev/null
+++ b/part/secret/public/Signers.key
@@ -0,0 +1 @@
+*@voronind.com ssh-rsa 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 openpgp:0xDCE51BCE
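Review bot: The single allowed-signers entry carries no options, so the key is accepted for signatures in every namespace and with no validity window wherever this file is used as a trust list. Restricting it to git keeps the entry from vouching for other signed data if the file is reused with `ssh-keygen -Y verify`: `*@voronind.com namespaces="git" ssh-rsa <key> openpgp:0xDCE51BCE`. The `*@voronind.com` principal also matches any address in the domain for this one key; listing the committer addresses explicitly would be tighter if only a few are in use.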