Crypto : Add GNUPGHOME tmpfs template.

module/common/Crypto.nix

@@ -10,6 +10,11 @@
 	# Extra packages.
 	environment.systemPackages = with pkgs; [
 		yubikey-manager  # Yubikey Manager.
-		yubioath-desktop # OTP.
+		# yubioath-desktop # OTP.
 	];
+
+	# Store GPG data on tmpfs.
+	environment.variables = {
+		# GNUPGHOME = "$(mktemp -d -t gnupg-$(date +%Y-%m-%d)-XXXXXXXXXX)";
+	};
 }

module/common/Git.nix

@@ -1,4 +1,4 @@
-{ ... }: {
+{ secret, ... }: {
 	programs.git = {
 		enable = true;
 		config = {
@@ -7,6 +7,8 @@
 			pull.rebase          = true;
 			push.autoSetupRemote = true;
 			rebase.autoStash     = true;
+			user.signingkey      = secret.crypto.sign.key;
+			gpg.format           = secret.crypto.sign.format;
 		};
 	};
 }

part/Secret.nix

@@ -7,4 +7,14 @@
 		"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBL5NAm8S97EtfB/7DPf5Xl3Cqi3PlSO1V0m7fknNzz root@laptop"
 		"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIL2LI1iFDZC223aWqBVz9yusfB/XrRwsBKiL5warIF/ nix-on-droid@phone"
 	];
+
+	crypto = {
+		sign = {
+			format = "ssh";
+			key    = "";
+		};
+		publicKeys = [
+
+		];
+	};
 }