From b8d6e0d83a098b090d97f2eee0d3164377a93476 Mon Sep 17 00:00:00 2001
From: lonkaars <loek@pipeframe.xyz>
Date: Mon, 4 Mar 2024 13:51:20 +0100
Subject: fix git gpg commit signing

---
 .config/git/config           | 29 -----------------------------
 .config/git/config##template | 31 +++++++++++++++++++++++++++++++
 .local/share/bin/gpg-git     |  5 +++++
 .profile                     |  5 +++++
 4 files changed, 41 insertions(+), 29 deletions(-)
 delete mode 100644 .config/git/config
 create mode 100644 .config/git/config##template
 create mode 100755 .local/share/bin/gpg-git

diff --git a/.config/git/config b/.config/git/config
deleted file mode 100644
index a6b0949..0000000
--- a/.config/git/config
+++ /dev/null
@@ -1,29 +0,0 @@
-[user]
-	email = loek@pipeframe.xyz
-	name = lonkaars
-	signingkey = 1081FFE2B963ADB5BDCF4DA6D0E3BC76E355B6CC
-[credential]
-	helper = cache --timeout 7200
-	helper = store
-[color]
-	ui = true
-[filter "lfs"]
-	clean = git-lfs clean -- %f
-	smudge = git-lfs smudge -- %f
-	process = git-lfs filter-process
-	required = true
-[pull]
-	rebase = false
-[alias]
-	adda = add -A
-	a = add -A
-	c = commit
-	s = status
-	ps = push
-	pl = pull
-	l = log
-	d = diff
-[init]
-	defaultBranch = master
-[commit]
-	gpgsign = true
diff --git a/.config/git/config##template b/.config/git/config##template
new file mode 100644
index 0000000..09efdff
--- /dev/null
+++ b/.config/git/config##template
@@ -0,0 +1,31 @@
+[init]
+	defaultBranch = master
+[user]
+	email = loek@pipeframe.xyz
+	name = lonkaars
+	signingkey = {{ env.GPG_ID_GIT }}
+[commit]
+	gpgsign = true
+[gpg]
+	program = {{ env.XDG_DATA_HOME }}/bin/gpg-git
+[credential]
+	helper = cache --timeout 7200
+	helper = store
+[color]
+	ui = true
+[filter "lfs"]
+	clean = git-lfs clean -- %f
+	smudge = git-lfs smudge -- %f
+	process = git-lfs filter-process
+	required = true
+[pull]
+	rebase = false
+[alias]
+	adda = add -A
+	a = add -A
+	c = commit
+	s = status
+	ps = push
+	pl = pull
+	l = log
+	d = diff
diff --git a/.local/share/bin/gpg-git b/.local/share/bin/gpg-git
new file mode 100755
index 0000000..281b793
--- /dev/null
+++ b/.local/share/bin/gpg-git
@@ -0,0 +1,5 @@
+#!/bin/sh
+GPG_KEY_ID="$GPG_ID_GIT" # see ~/.profile
+GPG_KEY_PASSPHRASE="$(pass "gpg/$GPG_KEY_ID.asc" | head -n1)"
+echo "gpg $*" >> ~/gpg-git.txt
+gpg --batch --no-tty --pinentry-mode loopback --passphrase "$GPG_KEY_PASSPHRASE" "$@"
diff --git a/.profile b/.profile
index 83f2477..55c4cdd 100644
--- a/.profile
+++ b/.profile
@@ -92,6 +92,11 @@ export DOTNET_CLI_TELEMETRY_OPTOUT=1
 export _JAVA_OPTIONS="-Djava.util.prefs.userRoot=$XDG_CONFIG_HOME/java -Dawt.useSystemAAFontSettings=on -Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel"
 export _JAVA_AWT_WM_NONREPARENTING=1
 
+# GPG key IDs
+export GPG_ID_DEFAULT="1081FFE2B963ADB5BDCF4DA6D0E3BC76E355B6CC"
+export GPG_ID_GIT="$GPG_ID_DEFAULT"
+export GPG_ID_PASSWORD_STORE="A12ADDD26335FA960FE3C78A9FC7A0100BC4C971"
+
 # secrets
 [ -f "$HOME/.env" ] && . "$HOME/.env"
 
-- 
cgit v1.2.3