Home-manager import public key from keyserver


Does anyone have any advice on using home-manger to automatically pull gpg public keys from a key-server and set ultimate trust?

I’ve tried:

gpgKey = pkgs.fetchurl {
  url = "https://xyz.....";
  sha256 = "xx";

Later followed by:

programs.gpg = {
  enable = true;
  publicKeys = [
    {source = ${gpgKey}; trust = 5;}

I receive the error “syntax error, unexpected DOLLAR_CURLY”

Tried several variation without luck. Any examples or suggestions? Thanks

fetchUrl returns a derivation and programs.gpg.publicKeys.*.source expects a path, so you can either use gpgKey.outPath or - most common- put the derivation in a string interpolation, so "${gpgKey}".

tldr: try putting double quotes around ${gpgKey}

Thank you @zarel. Simple yet perfect :slight_smile: