aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIgor Pashev <pashev.igor@gmail.com>2016-11-16 18:18:38 +0300
committerIgor Pashev <pashev.igor@gmail.com>2016-11-16 18:18:38 +0300
commit6892709b0772291f359a6b8fab71d1d33860756a (patch)
tree01fec0c547616705c45135c0cdbd6fd71ff6ee38
parent5d05fae6a3a3b49961f15ca55ce9e6a31bea758d (diff)
downloadnixsap-6892709b0772291f359a6b8fab71d1d33860756a.tar.gz
nixpkgs 16.09: *backup: use pubring.kbx
https://www.gnupg.org/faq/whats-new-in-2.1.html If no pubring.gpg is found, gpg defaults to the new keybox format and creates a pubring.kbx keybox file. If such a keybox file already exists, for example due to the use of gpgsm, it will also be used for OpenPGP keys. However, if a pubring.gpg is found and no keybox file with OpenPGP keys exists, the old pubring.gpg will be used. Take care: GnuPG versions before 2.1 will always use the pubring.gpg file and not know anything about keys stored in the keybox file.
-rw-r--r--modules/apps/filebackup.nix6
-rw-r--r--modules/apps/mysqlbackup.nix6
-rw-r--r--modules/apps/pgbackup.nix6
3 files changed, 9 insertions, 9 deletions
diff --git a/modules/apps/filebackup.nix b/modules/apps/filebackup.nix
index ec3d84d..badc707 100644
--- a/modules/apps/filebackup.nix
+++ b/modules/apps/filebackup.nix
@@ -17,9 +17,9 @@ let
gpgPubKeys = flatten [ cfg.encrypt ];
gpg = "${pkgs.gpg}/bin/gpg2";
- pubring = pkgs.runCommand "pubring.gpg" {} ''
+ pubring = pkgs.runCommand "pubring.kbx" {} ''
${gpg} --homedir . --import ${toString gpgPubKeys}
- cp pubring.gpg $out
+ cp pubring.kbx $out
'';
default = d: t: mkOption { type = t; default = d; };
@@ -175,7 +175,7 @@ let
${optionalString (gpgPubKeys != []) ''
# shellcheck disable=SC2174
mkdir --mode=0700 -p '${privateDir}/gnupg'
- ln -sf ${pubring} '${privateDir}/gnupg/pubring.gpg'
+ ln -sf ${pubring} '${privateDir}/gnupg/pubring.kbx'
''}
failed=0
diff --git a/modules/apps/mysqlbackup.nix b/modules/apps/mysqlbackup.nix
index e7d81eb..5ab0f74 100644
--- a/modules/apps/mysqlbackup.nix
+++ b/modules/apps/mysqlbackup.nix
@@ -15,9 +15,9 @@ let
gpgPubKeys = flatten [ cfg.encrypt ];
gpg = "${pkgs.gpg}/bin/gpg2";
- pubring = pkgs.runCommand "pubring.gpg" {} ''
+ pubring = pkgs.runCommand "pubring.kbx" {} ''
${gpg} --homedir . --import ${toString gpgPubKeys}
- cp pubring.gpg $out
+ cp pubring.kbx $out
'';
default = d: t: mkOption { type = t; default = d; };
@@ -287,7 +287,7 @@ let
${optionalString (gpgPubKeys != []) ''
# shellcheck disable=SC2174
mkdir --mode=0700 -p '${privateDir}/gnupg'
- ln -sf ${pubring} '${privateDir}/gnupg/pubring.gpg'
+ ln -sf ${pubring} '${privateDir}/gnupg/pubring.kbx'
''}
${concatStringsSep "\n" (
diff --git a/modules/apps/pgbackup.nix b/modules/apps/pgbackup.nix
index 7f7c7ca..099fe35 100644
--- a/modules/apps/pgbackup.nix
+++ b/modules/apps/pgbackup.nix
@@ -17,9 +17,9 @@ let
gpgPubKeys = flatten [ cfg.encrypt ];
gpg = "${pkgs.gpg}/bin/gpg2";
- pubring = pkgs.runCommand "pubring.gpg" {} ''
+ pubring = pkgs.runCommand "pubring.kbx" {} ''
${gpg} --homedir . --import ${toString gpgPubKeys}
- cp pubring.gpg $out
+ cp pubring.kbx $out
'';
default = d: t: mkOption { type = t; default = d; };
@@ -224,7 +224,7 @@ let
${optionalString (gpgPubKeys != []) ''
# shellcheck disable=SC2174
mkdir --mode=0700 -p '${privateDir}/gnupg'
- ln -sf ${pubring} '${privateDir}/gnupg/pubring.gpg'
+ ln -sf ${pubring} '${privateDir}/gnupg/pubring.kbx'
''}
failed=0