NixOS home-manager - program.git - error: gpg failed to sign the data


I use home-manager on NixOS 20.03 and added

programs = {
  home-manager = {
    enable = true;
  };

  git = {
    enable = true;
    userName  = "TL";
    userEmail = "m@g.e";
  };
};

services = {
  gpg-agent = {
    enable = true;
    defaultCacheTtl = 1800;
    enableSshSupport = true;
  };
};

When I try to git commit, it results in

git commit -S -m "Update .. "
error: gpg failed to sign the data
fatal: failed to write commit object

You probably need to enable some options related to signing in git.

Which possible “submodules” are there to choose from (and with what intention)?

If the value of an option has type “submodule” that basically means it should be an attribute set that contains other known options. The attributes it expects are described below it in the Home Manager documentation. You likely only have to set programs.git.signing.key to the key that you want to use.

signing.key = "/home/user/.gnupg/pubring.kbx";

does not work

You’ll want something like

programs.git.signing.key = "0x0123456789ABCDEF";

where the hexadecimal number matches your key in

$ gpg --list-keys m@g.e | grep pub

The Git manual describes the option in more detail.

There are only keys for root:

sudo gpg2 --list-keys 
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created

Should NixOS create a key through the config I made, or do I have to do it manually?

You have to create yourself a gpg key pair manually.

Also, I suggest you enable programs.bash because it will set up the shell for you.

To see the sec key, I needed

gpg --list-secret-keys --keyid-format LONG
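
Added example, not part of any post in this thread: a shell function that picks the value for programs.git.signing.key out of gpg's machine-readable listing, skipping expired, revoked or non-signing keys. The function name signing_key_for and the sample listing are constructed for illustration; the key IDs are placeholders.

```shell
#!/bin/sh
# Added example. Real use (assumes a secret key already exists for the user):
#   gpg --list-secret-keys --with-colons | signing_key_for m@g.e

# signing_key_for EMAIL
# Reads gpg colon-format output on stdin and prints 0x<long key ID> of the
# first secret key that is not expired/revoked, can sign, and has a user ID
# with <EMAIL>. Exit status 1 if there is none.
signing_key_for() {
    awk -F: -v email="$1" '
        $1 == "sec" {
            keyid = ""
            # Field 2: validity (e = expired, r = revoked).
            # Field 12: capabilities; uppercase S = key can sign, D = disabled.
            if ($2 !~ /^[er]$/ && $12 ~ /S/ && $12 !~ /D/) keyid = $5
        }
        # Field 10 of a uid record is the user ID string.
        $1 == "uid" && $2 !~ /^[er]$/ && keyid != "" && index($10, "<" email ">") {
            print "0x" keyid
            found = 1
            exit
        }
        END { exit !found }
    '
}

# Constructed sample listing (placeholder key IDs, not real keys):
# an expired key followed by a usable one for the same address.
sample_listing() {
    cat <<'EOF'
sec:e:2048:1:1111111111111111:1400000000:1500000000::u:::sc:::+:::23::0:
uid:e::::1400000000::0000000000000000000000000000000000000000::TL <m@g.e>::::::::::0:
sec:u:4096:1:0123456789ABCDEF:1588000000:::u:::scESC:::+:::23::0:
uid:u::::1588000000::0000000000000000000000000000000000000000::TL <m@g.e>::::::::::0:
ssb:u:4096:1:FEDCBA9876543210:1588000000::::::e:::+:::23:
EOF
}

# Prints the value to use for programs.git.signing.key.
sample_listing | signing_key_for m@g.e
```

An empty result with exit status 1 means the current user's keyring has no usable signing key for that address, which is the state the `sudo gpg2 --list-keys` output above shows for root.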