gpg: update key hash in test

Fixes #8478

modules/programs/anki/helper.nix

@@ -112,7 +112,7 @@ let
 
     answer_keys: tuple[tuple[int, str], ...] = (${
       lib.strings.concatMapStringsSep ", " (val: "(${toString val.ease}, '${val.key}')") cfg.answerKeys
-    })
+    }${if cfg.answerKeys != [ ] then "," else ""})
     for ease, key in answer_keys:
       profile_manager.set_answer_key(ease, key)
 

modules/programs/gpg.nix

@@ -16,18 +16,13 @@ let
 
   cfg = config.programs.gpg;
 
-  mkKeyValue =
+  toKeyValue =
-    key: value: if lib.isString value then "${key} ${value}" else lib.optionalString value key;
+    settings:
-
+    lib.generators.toKeyValue {
-  cfgText = lib.generators.toKeyValue {
+      mkKeyValue =
-    inherit mkKeyValue;
+        key: value: if lib.isString value then "${key} ${value}" else lib.optionalString value key;
-    listsAsDuplicateKeys = true;
+      listsAsDuplicateKeys = true;
-  } cfg.settings;
+    } settings;
-
-  scdaemonCfgText = lib.generators.toKeyValue {
-    inherit mkKeyValue;
-    listsAsDuplicateKeys = true;
-  } cfg.scdaemonSettings;
 
   primitiveType = types.oneOf [
     types.str
@@ -193,6 +188,7 @@ in
 
     scdaemonSettings = mkOption {
       type = types.attrsOf (types.either primitiveType (types.listOf types.str));
+      default = { };
       example = literalExpression ''
         {
           disable-ccid = true;
@@ -207,6 +203,41 @@ in
       '';
     };
 
+    dirmngrSettings = mkOption {
+      type = types.attrsOf (types.either primitiveType (types.listOf types.str));
+      default = { };
+      example = literalExpression ''
+        {
+          allow-version-check = true;
+          keyserver = "ldaps://ldap.example.com";
+        }
+      '';
+      description = ''
+        Dirmngr configuration options. Available options are described
+        in
+        [
+          {manpage}`dirmngr(1)`
+        ](https://www.gnupg.org/documentation/manuals/gnupg/Dirmngr-Options.html)
+      '';
+    };
+
+    gpgsmSettings = mkOption {
+      type = types.attrsOf (types.either primitiveType (types.listOf types.str));
+      default = { };
+      example = literalExpression ''
+        {
+          with-key-data = true;
+        }
+      '';
+      description = ''
+        GPGSM configuration options. Available options are described
+        in
+        [
+          {manpage}`gpgsm(1)`
+        ](https://www.gnupg.org/documentation/manuals/gnupg/GPGSM-Options.html)
+      '';
+    };
+
     homedir = mkOption {
       type = types.path;
       example = literalExpression ''"''${config.xdg.dataHome}/gnupg"'';
@@ -267,8 +298,7 @@ in
       cert-digest-algo = mkDefault "SHA512";
       s2k-digest-algo = mkDefault "SHA512";
       s2k-cipher-algo = mkDefault "AES256";
-      charset = mkDefault "utf-8";
+      display-charset = mkDefault "utf-8";
-      fixed-list-mode = mkDefault true;
       no-comments = mkDefault true;
       no-emit-version = mkDefault true;
       keyid-format = mkDefault "0xlong";
@@ -277,11 +307,6 @@ in
       with-fingerprint = mkDefault true;
       require-cross-certification = mkDefault true;
       no-symkey-cache = mkDefault true;
-      use-agent = mkDefault true;
-    };
-
-    programs.gpg.scdaemonSettings = {
-      # no defaults for scdaemon
     };
 
     home.packages = [ cfg.package ];
@@ -289,9 +314,21 @@ in
       GNUPGHOME = cfg.homedir;
     };
 
-    home.file."${cfg.homedir}/gpg.conf".text = cfgText;
+    home.file."${cfg.homedir}/gpg.conf" = mkIf (cfg.settings != { }) {
+      text = toKeyValue cfg.settings;
+    };
 
-    home.file."${cfg.homedir}/scdaemon.conf".text = scdaemonCfgText;
+    home.file."${cfg.homedir}/scdaemon.conf" = mkIf (cfg.scdaemonSettings != { }) {
+      text = toKeyValue cfg.scdaemonSettings;
+    };
+
+    home.file."${cfg.homedir}/dirmngr.conf" = mkIf (cfg.dirmngrSettings != { }) {
+      text = toKeyValue cfg.dirmngrSettings;
+    };
+
+    home.file."${cfg.homedir}/gpgsm.conf" = mkIf (cfg.gpgsmSettings != { }) {
+      text = toKeyValue cfg.gpgsmSettings;
+    };
 
     # Link keyring if keys are not mutable
     home.file."${cfg.homedir}/pubring.kbx" = mkIf (!cfg.mutableKeys && cfg.publicKeys != [ ]) {

modules/services/hyprpaper.nix

@@ -45,16 +45,18 @@ in
       '';
       example = lib.literalExpression ''
         {
-          ipc = "on";
           splash = false;
-          splash_offset = 2.0;
-
-          preload =
-            [ "/share/wallpapers/buttons.png" "/share/wallpapers/cat_pacman.png" ];
 
           wallpaper = [
-            "DP-3,/share/wallpapers/buttons.png"
+            {
-            "DP-1,/share/wallpapers/cat_pacman.png"
+              monitor = "DP-3";
+              path = "/share/wallpapers/buttons.png";
+              fit_mode = "tile";
+            }
+            {
+              monitor = "DP-1";
+              path = "/share/wallpapers/cat_pacman.png";
+            }
           ];
         }
       '';

tests/modules/programs/gpg/default.nix

@@ -3,4 +3,5 @@
   gpg-mutable-keyfiles = ./mutable-keyfiles.nix;
   gpg-multiple-keys-trust = ./multiple-keys-trust.nix;
   gpg-override-defaults = ./override-defaults.nix;
+  gpg-other-settings = ./other-settings.nix;
 }

tests/modules/programs/gpg/immutable-keyfiles.nix

@@ -12,7 +12,7 @@
       {
         source = realPkgs.fetchurl {
           url = "https://keys.openpgp.org/pks/lookup?op=get&options=mr&search=0x44CF42371ADF842E12F116EAA9D3F98FCCF5460B";
-          hash = "sha256-bSluCZh6ijwppigk8iF2BwWKZgq1WDbIjyYQRK772dM=";
+          hash = "sha256-csrFDI6QSPfNN+adOPEAupAtspYNBCybFZExvVS+vRY=";
         };
         trust = 1; # "unknown"
       }

tests/modules/programs/gpg/other-dirmngr.conf

@@ -0,0 +1,2 @@
+keyserver ldaps://ldap.example.com
+use-tor

tests/modules/programs/gpg/other-gpgsm.conf

@@ -0,0 +1,3 @@
+cipher-algo AES256
+validation-model steed
+with-md5-fingerprint

tests/modules/programs/gpg/other-scdaemon.conf

@@ -0,0 +1,3 @@
+application-priority openpgp p15 sc-hsm nks geldkarte dinsig
+disable-ccid
+reader-port 32769

tests/modules/programs/gpg/other-settings.nix

@@ -0,0 +1,32 @@
+{
+  programs.gpg = {
+    enable = true;
+
+    scdaemonSettings = {
+      disable-ccid = true;
+      reader-port = "32769";
+      application-priority = "openpgp p15 sc-hsm nks geldkarte dinsig";
+    };
+
+    dirmngrSettings = {
+      use-tor = true;
+      keyserver = "ldaps://ldap.example.com";
+    };
+
+    gpgsmSettings = {
+      cipher-algo = "AES256";
+      with-md5-fingerprint = true;
+      validation-model = "steed";
+    };
+  };
+
+  nmt.script = ''
+    assertFileExists home-files/.gnupg/scdaemon.conf
+    assertFileExists home-files/.gnupg/dirmngr.conf
+    assertFileExists home-files/.gnupg/gpgsm.conf
+
+    assertFileContent home-files/.gnupg/scdaemon.conf ${./other-scdaemon.conf}
+    assertFileContent home-files/.gnupg/dirmngr.conf ${./other-dirmngr.conf}
+    assertFileContent home-files/.gnupg/gpgsm.conf ${./other-gpgsm.conf}
+  '';
+}

tests/modules/programs/gpg/override-defaults-expected.conf

@@ -1,7 +1,6 @@
 cert-digest-algo SHA512
-charset utf-8
 default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
-fixed-list-mode
+display-charset utf-8
 keyid-format 0xlong
 list-options show-uid-validity
 
@@ -16,6 +15,5 @@ s2k-digest-algo SHA512
 throw-keyids
 trusted-key 0xXXXXXXXXXXXXX
 trusted-key 0xYYYYYYYYYYYYY
-use-agent
 verify-options show-uid-validity
 with-fingerprint