Versionning configuration Nixos


#1

Hi everyone !
I try to versioned my Nixos configuration but when I want do sign my commit with a sudo git command, I’ve this error :

error: gpg could not sign the data
fatal: failure to write the commit object

I added gitconfig in /etc/gitconfig with my key for sign, and my public and private key is in admin and my gpg keyring.

What did I forgot ?

Regards


#2

Hi!

According to https://stackoverflow.com/questions/39494631/gpg-failed-to-sign-the-data-fatal-failed-to-write-commit-object-git-2-10-0#40066889 this error happens when the gpg executable is not found.

Is it possible that gpg was installed in your user’s profile? In that case it wouldn’t appear in the root user’s path.


#3

Hi :slight_smile:
It’s not the gpg program problem. I found also this thread. Here is my /etc/gitconfig/ :

user.email=mail@sene.ovh
user.name=Victor
user.signingkey=3ADFB1572B2E34D7
commit.gpgsign=true
pull.rebase=preserve
gpg.program=gpg2
core.repositoryformatversion=0
core.filemode=true
core.bare=false
core.logallrefupdates=true
remote.origin.url=gitea@git.sene.ovh:victor/nixos-config.git
remote.origin.fetch=+refs/heads/*:refs/remotes/origin/*
branch.master.remote=origin
branch.master.merge=refs/heads/master

#4

Does sudo gpg --list-keys work?

Alternatively you could manage the repository as a user and then use NIXOS_CONFIG=path/to/repo/configuration.nix sudo -E nixos-rebuild switch to apply the changes to the system.


#5

Yes the gpg --list-keys work !

I really don’t understand.


#6

Finally, I use ACL with good rights for my group.

Thanks