From 7d45b0584aa941eb4178bd63058d222bfb84d56c Mon Sep 17 00:00:00 2001
From: Nathan McCarty <nathan@mccarty.io>
Date: Wed, 26 Apr 2023 01:24:42 -0400
Subject: [PATCH] Refactor git ssh signing

---
 home-manager/common/programs/core.nix | 10 ++++++++++
 home-manager/options.nix              |  1 +
 machines/productivity-vm/home.nix     | 14 ++++----------
 machines/wsl/home.nix                 | 13 ++++---------
 4 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/home-manager/common/programs/core.nix b/home-manager/common/programs/core.nix
index 00a75b1..3f7976e 100644
--- a/home-manager/common/programs/core.nix
+++ b/home-manager/common/programs/core.nix
@@ -74,6 +74,16 @@ with lib; {
           signByDefault = lib.mkDefault config.nathan.programs.util.git.gpgSign;
         };
       })
+    (mkIf (config.nathan.programs.util.git.enable
+      && config.nathan.programs.util.git.sshSign) {
+        programs.git = {
+          extraConfig = {
+            commit.gpgsign = true;
+            gpg.format = "ssh";
+            user.signingkey = "~/.ssh/id_ed25519.pub";
+          };
+        };
+      })
     (mkIf config.nathan.programs.util.git.enable {
       # Git adjacent packages
       home.packages = [
diff --git a/home-manager/options.nix b/home-manager/options.nix
index 9f0a68b..f8bf359 100644
--- a/home-manager/options.nix
+++ b/home-manager/options.nix
@@ -22,6 +22,7 @@ with nLib; {
             enable = mkEnableOptionT "git";
             gpgSign =
               mkDefaultOption "git signatures" config.nathan.config.isDesktop;
+            sshSign = mkDefaultOption "git ssh signatures" false;
           };
           # Bat configuration, enabled by default
           bat = mkEnableOptionT "bat";
diff --git a/machines/productivity-vm/home.nix b/machines/productivity-vm/home.nix
index 49df456..d58635c 100644
--- a/machines/productivity-vm/home.nix
+++ b/machines/productivity-vm/home.nix
@@ -7,7 +7,10 @@
     programs = {
       media.enable = false;
       util = { wine = true; };
-      git = { gpgSign = false; };
+      git = {
+        gpgSign = false;
+        sshSign = true;
+      };
       # games = { launcher = true; };
       # media.nicotineService = true;
     };
@@ -60,13 +63,4 @@
     # Lock mako notifs to main display
     output = "Virtual-1";
   };
-
-  # Setup git commit signing with ssh key
-  programs.git = {
-    extraConfig = {
-      commit.gpgsign = true;
-      gpg.format = "ssh";
-      user.signingkey = "~/.ssh/id_ed25519.pub";
-    };
-  };
 }
diff --git a/machines/wsl/home.nix b/machines/wsl/home.nix
index 1c01ed9..a19b412 100644
--- a/machines/wsl/home.nix
+++ b/machines/wsl/home.nix
@@ -9,7 +9,10 @@
       };
     };
     programs = {
-      util = { productivity = true; };
+      util = {
+        productivity = true;
+        git.sshSign = true;
+      };
       devel = {
         core = true;
         rust = true;
@@ -22,12 +25,4 @@
       };
     };
   };
-  # Setup git commit signing with ssh key
-  programs.git = {
-    extraConfig = {
-      commit.gpgsign = true;
-      gpg.format = "ssh";
-      user.signingkey = "~/.ssh/id_ed25519.pub";
-    };
-  };
 }