diff options
author | Alan Pearce | 2017-02-22 10:28:31 +0100 |
---|---|---|
committer | Alan Pearce | 2017-02-22 10:28:31 +0100 |
commit | 8ea44e87da66487793cd8cf886d1ded87d124d1f (patch) | |
tree | 4fe9a7d4a95bcc8b7ccaeb063c2048e8eae7b4c9 /tag-emacs | |
parent | 24ec8ea3b03d84b22b25ebd895abc0e9ef07dfa5 (diff) | |
download | nixfiles-8ea44e87da66487793cd8cf886d1ded87d124d1f.tar.lz nixfiles-8ea44e87da66487793cd8cf886d1ded87d124d1f.tar.zst nixfiles-8ea44e87da66487793cd8cf886d1ded87d124d1f.zip |
Add system for loading extra encrypted configuration
Diffstat (limited to 'tag-emacs')
-rw-r--r-- | tag-emacs/emacs.d/init.org | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/tag-emacs/emacs.d/init.org b/tag-emacs/emacs.d/init.org index cf71075e..9a8c298e 100644 --- a/tag-emacs/emacs.d/init.org +++ b/tag-emacs/emacs.d/init.org @@ -1251,6 +1251,59 @@ rather useful. (bind-key* "C-x r M-w" #'copy-rectangle) #+END_SRC +** Auxillary Configuration + +#+BEGIN_SRC emacs-lisp +;; (require 'pinentry) +;; (require 'epa) + +(defvar have-private-key + (file-exists-p (expand-file-name "secring.gpg" "~/.gnupg/"))) + +(defvar gpg-agent-ssh-sock + (or (getenv "GPG_AGENT_INFO") + (concat "/run/user/" (number-to-string (user-uid)) "/gnupg/S.gpg-agent.ssh"))) + +(defun read-gpg-file (file) + (let ((file-to-decrypt (expand-file-name file user-emacs-directory)) + (ctx (epg-make-context epa-protocol))) + (if (file-exists-p file-to-decrypt) + (epg-decrypt-file ctx file-to-decrypt nil) + (message "Decrypting %s...failed" file-to-decrypt) + (error "File %s does not exist" file-to-decrypt)))) + +(defun load-gpg (file) + (if have-private-key + (load file) + (message "WARNING: Couldn't load %s (No gpg key found)" file))) + +; load this in a post-frame hook because gpg-agent asks for a password on first +; startup and caches it. Don't want emacs daemon to hang because of gpg-agent. +(defun load-private-data () + (interactive) + (if (not have-private-key) + (message "ERROR: Private GPG key not found") + (unless (getenv "GPG_AGENT_INFO") + (start-process "gpg-agent" nil "gpg-agent" "--daemon") + (setenv "SSH_AUTH_SOCK" gpg-agent-ssh-sock)) + (setq password-cache-expiry nil + pinentry--socket-dir temporary-file-directory) + (unless (file-exists-p (concat pinentry--socket-dir "pinentry")) + (pinentry-start) + (add-hook 'kill-emacs-hook 'pinentry-stop)) + (add-to-list 'load-suffixes ".el.gpg") + (load-gpg "private") + (kill-buffer "*Pinentry*"))) + +(defun first-frame-hook (frame) + (remove-hook 'after-make-frame-functions 'first-frame-hook) + (run-at-time nil nil 'load-private-data)) + +(add-hook 'after-make-frame-functions 'first-frame-hook) +#+END_SRC + + + * Minibuffer Sometimes I want to use the minibuffer, but I’m already inside it. |