7 changed files with 22 additions and 48 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -8,7 +8,6 @@ keys:
  - &matrix age1pm647k04hhwm2dmqh07hnzflkurfevefcyf8xlhmc83a07n77e3sltyt0d
  - &tounge age15vjvppw2gzjwmtlptefhrhqtjyu0a07v488a9s25a3k2vtpqc9uqvw6vl6
  - &fusion age1fe57fel46lk5n9t34lh5nl909gk88trwy9ttgxqk3up9d83wxsnsdmuu3a
-  - &productivity-vm age1n5g03x8p54kzx9nktqgasjugqjydz8u0rw9zcdx5l9c486h3me6qtnh57s
 creation_rules:
  - path_regex: secrets/all/.*
    key_groups:
@ -21,7 +20,6 @@ creation_rules:
          - *matrix
          - *tounge
          - *fusion
-          - *productivity-vm
  - path_regex: secrets/levitation
    key_groups:
      - age:
--- a/home-manager/common/programs/core.nix
+++ b/home-manager/common/programs/core.nix
@ -74,16 +74,6 @@ with lib; {
          signByDefault = lib.mkDefault config.nathan.programs.util.git.gpgSign;
        };
      })
-    (mkIf (config.nathan.programs.util.git.enable
-      && config.nathan.programs.util.git.sshSign) {
-        programs.git = {
-          extraConfig = {
-            commit.gpgsign = true;
-            gpg.format = "ssh";
-            user.signingkey = "~/.ssh/id_ed25519.pub";
-          };
-        };
-      })
    (mkIf config.nathan.programs.util.git.enable {
      # Git adjacent packages
      home.packages = [
--- a/home-manager/options.nix
+++ b/home-manager/options.nix
@ -22,7 +22,6 @@ with nLib; {
            enable = mkEnableOptionT "git";
            gpgSign =
              mkDefaultOption "git signatures" config.nathan.config.isDesktop;
-            sshSign = mkDefaultOption "git ssh signatures" false;
          };
          # Bat configuration, enabled by default
          bat = mkEnableOptionT "bat";
--- a/info/ssh-keys.nix
+++ b/info/ssh-keys.nix
@ -1,23 +0,0 @@
-{ config, lib, pkgs }: rec {
-  keys = {
-    # yubikey ssh key
-    "yubikey" =
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRs6zVljIlQEZ8F+aEBqqbpeFJwCw3JdveZ8TQWfkev cardno:000615938515";
-    # WSL key
-    "wsl" =
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXEV5lvLQ1CcPuJANv5AiYxtcRFEYXD5nODCazWnYC5 nathan@mccarty.io";
-    # Phone key
-    "phone" =
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFR0zpmBCb0iEOeeI6SBwgucddNzccfQ5Zmdgib5iSmF nix-on-droid@localhost";
-    # Tablet key
-    "tablet" =
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKltqneJjfdLjOvnWQC2iP7hP7aTYkURPiR8LFjB7z87 nix-on-droid@localhost";
-    # Macbook key
-    "extremophile" =
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLIZC4A4OhpTvfoL5jeMb1Ong9CwZ/URCYZL6y4Gp7b nathan@extremophile.local";
-    # vm key
-    "productivity-vm" =
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMgtdTJThr5/vfUswQb3ee6A++W1OxAOGFQJTE8xDuHv nathan@productivity-vm";
-  };
-  list = builtins.attrValues keys;
-}
--- a/machines/productivity-vm/home.nix
+++ b/machines/productivity-vm/home.nix
@ -7,10 +7,6 @@
    programs = {
      media.enable = false;
      util = { wine = true; };
-      git = {
-        gpgSign = false;
-        sshSign = true;
-      };
      # games = { launcher = true; };
      # media.nicotineService = true;
    };
--- a/machines/wsl/home.nix
+++ b/machines/wsl/home.nix
@ -9,10 +9,7 @@
      };
    };
    programs = {
-      util = {
-        productivity = true;
-        git.sshSign = true;
-      };
+      util = { productivity = true; };
      devel = {
        core = true;
        rust = true;
@ -25,4 +22,12 @@
      };
    };
  };
+  # Setup git commit signing with ssh key
+  programs.git = {
+    extraConfig = {
+      commit.gpgsign = true;
+      gpg.format = "ssh";
+      user.signingkey = "~/.ssh/id_ed25519.pub";
+    };
+  };
 }
--- a/modules/linux/user.nix
+++ b/modules/linux/user.nix
@ -1,7 +1,5 @@
 { config, lib, pkgs, ... }:
-let
-  nc = config.nathan.config;
-  ssh = import ../../info/ssh-keys.nix { };
+let nc = config.nathan.config;
 in with lib; {
  config = mkMerge [
    {
@ -34,7 +32,18 @@ in with lib; {
            ];
            hashedPassword =
              "$6$ShBAPGwzKZuB7eEv$cbb3erUqtVGFo/Vux9UwT2NkbVG9VGCxJxPiZFYL0DIc3t4GpYxjkM0M7fFnh.6V8MoSKLM/TvOtzdWbYwI58.";
-            openssh.authorizedKeys.keys = ssh.list;
+            openssh.authorizedKeys.keys = [
+              # yubikey ssh key
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRs6zVljIlQEZ8F+aEBqqbpeFJwCw3JdveZ8TQWfkev cardno:000615938515"
+              # WSL key
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGXEV5lvLQ1CcPuJANv5AiYxtcRFEYXD5nODCazWnYC5 nathan@mccarty.io"
+              # Phone key
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFR0zpmBCb0iEOeeI6SBwgucddNzccfQ5Zmdgib5iSmF nix-on-droid@localhost"
+              # Tablet key
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKltqneJjfdLjOvnWQC2iP7hP7aTYkURPiR8LFjB7z87 nix-on-droid@localhost"
+              # Macbook key
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLIZC4A4OhpTvfoL5jeMb1Ong9CwZ/URCYZL6y4Gp7b nathan@extremophile.local"
+            ];
          })
        ];
      };