encryption -> (passwords, pinentry)

4 years ago · 1d5e96acf8
6 changed files with 118 additions and 110 deletions
--- a/README.org
+++ b/README.org
@ -33,7 +33,7 @@ All of the options available for configuration are defined here. They may be ove
    feeds
    media
    terminal
-    encryption 
+    passwords pinentry 
    desktop
    writing 
    presentations
--- a/docs/tasks.org.gpg
+++ b/docs/tasks.org.gpg
--- a/init.el
+++ b/init.el
@ -11,7 +11,7 @@
    feeds
    media
    terminal
-    encryption 
+    passwords pinentry 
    desktop
    writing 
    presentations
--- a/modules/encryption.org
+++ b/modules/encryption.org
@ -1,108 +0,0 @@
-#+TITLE: Encryption
-#+AUTHOR: Christopher James Hayward
-#+EMAIL: chris@chrishayward.xyz
-
-#+PROPERTY: header-args:emacs-lisp :tangle encryption.el :comments org
-#+PROPERTY: header-args:shell      :tangle no
-#+PROPERTY: header-args            :results silent :eval no-export :comments org
-
-#+OPTIONS: num:nil toc:nil todo:nil tasks:nil tags:nil
-#+OPTIONS: skip:nil author:nil email:nil creator:nil timestamp:nil
-
-My source files encrypted with symmetric key encryption via *GPG*[fn:1]. This enables my workflow of storing my personal notes anywhere, including checked in to a public source repository. Emacs can cache the *GPG*[fn:1] password if you trust your session. *Pinentry*[fn:2] handled within Emacs to remain compatible without the [[file:desktop.org][Desktop]] module.
-
-* Configuring the gpg-agent
-:PROPERTIES:
-:header-args: :tangle ../config/gpg-agent.conf
-:END:
-
-When the *gpg-agent*[fn:1] loads it will read the configuration at ~~/.gnupg/gpg-agent.conf~. Override the default settings to allow Emacs to function as the *Pinentry*[fn:2] application.
-
-#+begin_src conf
-allow-emacs-pinentry
-allow-loopback-pinentry
-#+end_src
-
-** Restarting the gpg-agent
-
-You may need to restart the *gpg-agent*[fn:1] to load the configuration without rebooting.
-
-#+begin_src shell
-gpgconf --reload gpg-agent
-#+end_src
-
-** Creating a symbolic link
-
-Create the symbolic link to the configuration file 
-
-#+begin_src emacs-lisp
-(dotfiles/symlink "~/.emacs.d/config/gpg-agent.conf"
-                  "~/.gnupg/gpg-agent.conf")
-#+end_src
-
-* Setting up pinentry in Emacs
-
-With the *Pinentry*[fn:2] package for Emacs prompts will now appear in the minibuffer. Increase the minimum prime bit size to increase performance during symmetric encryption.
-
-#+begin_src emacs-lisp
-(use-package pinentry
-  :custom (epa-file-select-keys 2)
-          (gnutls-min-prime-bits 4096)
-          (epa-pinentry-mode 'loopback)
-          (epa-file-encrypt-to dotfiles/public-key)
-          (epa-file-cache-passphrase-for-symmetric-encryption t)
-  :config (pinentry-start))
-#+end_src
-
-** Including *.gpg files
-
-Override ~org-agenda-file-regexp~ to include =.org.gpg= files.
-
-#+begin_src emacs-lisp
-(unless (string-match-p "\\.gpg" org-agenda-file-regexp)
-  (setq org-agenda-file-regexp
-    (replace-regexp-in-string "\\\\\\.org" "\\\\.org\\\\(\\\\.gpg\\\\)?"
-      org-agenda-file-regexp)))
-#+end_src
-
-** Encrypting roam files
-
-Irrelevant without the [[file:writing.org][Writing]] module, encrypt new files from capture templates.
-
-#+begin_src emacs-lisp
-(with-eval-after-load 'org-roam
-  (setq org-roam-encrypt-files t))
-#+end_src
-
-* Managing passwords
-
-*Pass*[fn:3] makes managing passwords easy, encrypring them in a file structure and providing easy commands for generating, modify, and copying passwords. *Password-store.el*[fn:4] provides a wrapper for the functionality within Emacs.
-
-#+begin_src emacs-lisp
-(use-package password-store
-  :custom (password-store-dir dotfiles/passwords))
-#+end_src
-
-Configure keybindings behind =SPC p=.
-
-+ Copy with =p=
-+ Rename with =r=
-+ Generate with =g=
-
-#+begin_src emacs-lisp
-(dotfiles/leader
-  "p" '(:ignore t :which-key "Passwords")
-  "pp" '(password-store-copy :which-key "Copy")
-  "pr" '(password-store-rename :which-key "Rename")
-  "pg" '(password-store-generate :which-key "Generate"))
-#+end_src
-
-* Footnotes
-
-[fn:1] https://gnupg.org
-
-[fn:2] https://elpa.gnu.org/packages/pinentry.html
-
-[fn:3] https://passwordstore.org
-
-[fn:4] https://git.zx2c4.com/password-store/tree/contrib/emacs
--- a/modules/passwords.org
+++ b/modules/passwords.org
@ -0,0 +1,47 @@
+#+TITLE: Passwords
+#+AUTHOR: Christopher James Hayward
+#+EMAIL: chris@chrishayward.xyz
+
+#+PROPERTY: header-args:emacs-lisp :tangle passwords.el :comments org
+#+PROPERTY: header-args:shell      :tangle no
+#+PROPERTY: header-args            :results silent :eval no-export :comments org
+
+#+OPTIONS: num:nil toc:nil todo:nil tasks:nil tags:nil
+#+OPTIONS: skip:nil author:nil email:nil creator:nil timestamp:nil
+
+Password management inside of Emacs.
+
+* Setup
+
+Install ~pass~ on the system.
+
+#+begin_src shell
+RUN apt install pass
+#+end_src
+
+* Config
+
+Encrypted passwords are stored inside files, in a file structure providing easy commands for generating, modifying, and copying passwords. ~password-store.el~ provides a wrapper for the functionality within Emacs.
+
+#+begin_src emacs-lisp
+(use-package password-store
+  :custom (password-store-dir dotfiles/passwords))
+#+end_src
+
+* Shortcuts
+
+Configure keybindings behind =SPC p=:
+
+ Copy with =p=
+ Rename with =r=
+ Generate with =g=
+
+#+begin_src emacs-lisp
+(dotfiles/leader
+  "p" '(:ignore t :which-key "Passwords")
+  "pp" '(password-store-copy :which-key "Copy")
+  "pr" '(password-store-rename :which-key "Rename")
+  "pg" '(password-store-generate :which-key "Generate"))
+#+end_src
+
+* Footnotes
--- a/modules/pinentry.org
+++ b/modules/pinentry.org
@ -0,0 +1,69 @@
+#+TITLE: Pinentry
+#+AUTHOR: Christopher James Hayward
+#+EMAIL: chris@chrishayward.xyz
+
+#+PROPERTY: header-args:emacs-lisp :tangle pinentry.el :comments org
+#+PROPERTY: header-args:shell      :tangle no
+#+PROPERTY: header-args            :results silent :eval no-export :comments org
+
+#+OPTIONS: num:nil toc:nil todo:nil tasks:nil tags:nil
+#+OPTIONS: skip:nil author:nil email:nil creator:nil timestamp:nil
+
+Handle GPG pinentry within Emacs.
+
+* Setup
+:PROPERTIES:
+:header-args: :tangle ../config/gpg-agent.conf
+:END:
+
+When the ~gpg-agent~ loads it will read the configuration at =~/.gnupg/gpg-agent.conf=. Override the default settings to allow Emacs to function as the Pinentry application.
+
+#+begin_src conf
+allow-emacs-pinentry
+allow-loopback-pinentry
+#+end_src
+
+You may need to restart the ~gpg-agent~ to load the configuration without rebooting.
+
+#+begin_src shell :tangle nil
+gpgconf --reload gpg-agent
+#+end_src
+
+* Config
+
+Create the symbolic link to the configuration file.
+
+#+begin_src emacs-lisp
+(dotfiles/symlink "~/.emacs.d/config/gpg-agent.conf"
+                  "~/.gnupg/gpg-agent.conf")
+#+end_src
+
+With the ~pinentry~ package for Emacs prompts will now appear in the minibuffer. Increase the minimum prime bit size to increase performance during symmetric encryption.
+
+#+begin_src emacs-lisp
+(use-package pinentry
+  :custom (epa-file-select-keys 2)
+          (gnutls-min-prime-bits 4096)
+          (epa-pinentry-mode 'loopback)
+          (epa-file-encrypt-to dotfiles/public-key)
+          (epa-file-cache-passphrase-for-symmetric-encryption t)
+  :config (pinentry-start))
+#+end_src
+
+Override ~org-agenda-file-regexp~ to include =.org.gpg= files.
+
+#+begin_src emacs-lisp
+(unless (string-match-p "\\.gpg" org-agenda-file-regexp)
+  (setq org-agenda-file-regexp
+    (replace-regexp-in-string "\\\\\\.org" "\\\\.org\\\\(\\\\.gpg\\\\)?"
+      org-agenda-file-regexp)))
+#+end_src
+
+Encrypt new files from capture templates.
+
+#+begin_src emacs-lisp
+(with-eval-after-load 'org-roam
+  (setq org-roam-encrypt-files t))
+#+end_src
+
+* Footnotes