diff --git a/CLAUDE.md b/CLAUDE.md index 987a054..35d9a69 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -33,6 +33,12 @@ This is a **chezmoi source directory** for managing dotfiles across multiple mac - Bootstrap encryption key from Doppler before apply - Handle `chezmoi init` and `chezmoi update --init` +**GPG Configuration (WSL-only):** +- `~/.gnupg` → Symlink to Windows GPG directory (`C:\Users\Xevion\AppData\Roaming\gnupg`) +- `/usr/local/bin/gpg` → Symlink to Windows `gpg.exe` (via `run_onchange_before_setup-wsl-gpg.sh.tmpl`) +- Enables native Windows Qt5 pinentry GUI for passphrase prompts +- Automatic setup on WSL; ignored on regular Linux + ## Critical Restrictions ### NEVER Do These Actions diff --git a/ONBOARDING.md b/ONBOARDING.md index af90088..e54a305 100644 --- a/ONBOARDING.md +++ b/ONBOARDING.md @@ -13,3 +13,7 @@ When **bolded**, this application won't be installed automatically. It implies t - Preferred applications - [ ] kitty - [ ] micro +- WSL-specific requirements + - [ ] **GPG4win** (Windows) - Required for Git commit signing with GUI pinentry + - Install via: `scoop install gpg4win` + - WSL will automatically link to Windows GPG for native passphrase dialogs diff --git a/home/.chezmoiignore b/home/.chezmoiignore index 6776b79..6b9091a 100644 --- a/home/.chezmoiignore +++ b/home/.chezmoiignore @@ -22,5 +22,12 @@ key.txt # Windows-only Documents/PowerShell +AppData/ + +{{/* WSL-specific: .gnupg is symlinked to Windows GPG directory */}} +{{ if not .wsl }} +# On non-WSL Linux, .gnupg is managed separately (not via chezmoi) +.gnupg +{{ end }} {{ end }} diff --git a/home/run_onchange_before_setup-wsl-gpg.sh.tmpl b/home/run_onchange_before_setup-wsl-gpg.sh.tmpl new file mode 100644 index 0000000..573fb83 --- /dev/null +++ b/home/run_onchange_before_setup-wsl-gpg.sh.tmpl 
@@ -0,0 +1,38 @@
+{{- if .wsl -}}
+#!/bin/bash
+set -eu
+
+# WSL GPG Setup - Link to Windows GPG for native pinentry support
+# This script creates a system-level symlink from /usr/local/bin/gpg to Windows gpg.exe
+# This allows WSL to use Windows' native Qt5 pinentry GUI for passphrase prompts
+
+GPG_WINDOWS="/mnt/c/Users/{{ .chezmoi.username }}/scoop/apps/gpg4win/current/GnuPG/bin/gpg.exe"
+GPG_LINK="/usr/local/bin/gpg"
+
+# Check if Windows GPG exists
+if [ ! -f "$GPG_WINDOWS" ]; then
+ echo "WARNING: Windows GPG not found at $GPG_WINDOWS"
+ echo " Skipping GPG symlink setup"
+ exit 0
+fi
+
+# Check if symlink already exists and is correct
+if [ -L "$GPG_LINK" ]; then
+ CURRENT_TARGET=$(readlink "$GPG_LINK")
+ if [ "$CURRENT_TARGET" = "$GPG_WINDOWS" ]; then
+ echo "GPG symlink already configured correctly"
+ exit 0
+ else
+ echo "Updating GPG symlink (was pointing to: $CURRENT_TARGET)"
+ fi
+else
+ echo "Creating GPG symlink to Windows GPG"
+fi
+
+# Create/update the symlink (requires sudo)
+echo "Note: This requires sudo to create a symlink in /usr/local/bin"
+sudo ln -sf "$GPG_WINDOWS" "$GPG_LINK"
+
+echo "✓ GPG symlink configured: $GPG_LINK -> $GPG_WINDOWS"
+echo " WSL will now use Windows GPG with native GUI pinentry"
+{{- end -}}
diff --git a/home/symlink_dot_gnupg.tmpl b/home/symlink_dot_gnupg.tmpl
new file mode 100644
index 0000000..5e56b61
--- /dev/null
+++ b/home/symlink_dot_gnupg.tmpl
@@ -0,0 +1,3 @@
+{{- if .wsl -}}
+/mnt/c/Users/Xevion/AppData/Roaming/gnupg
+{{- end -}}
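Review bot: The `sudo ln -sf "$GPG_WINDOWS" "$GPG_LINK"` line makes the system-wide `/usr/local/bin/gpg` resolve to a binary inside a per-user Scoop directory under `/mnt/c/Users/...`, which is presumably writable without root. Anyone able to modify that file then decides what every account on the WSL instance runs as `gpg`, root included wherever `/usr/local/bin` comes before `/usr/bin` in PATH. Since the documented purpose is Git commit signing, a per-user binding keeps the trust boundary intact and needs no sudo prompt during `chezmoi apply`: set `GPG_LINK="$HOME/.local/bin/gpg"` and use a plain `ln -sf`, or skip the symlink and run `git config --global gpg.program "$GPG_WINDOWS"`. Separately, when `$GPG_LINK` exists as a regular file the script prints "Creating GPG symlink" and `-f` silently replaces it, so a `[ -e "$GPG_LINK" ] && [ ! -L "$GPG_LINK" ]` guard that stops with a message would be safer.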