Update gpg-agent ttl since using in pass command

kachick · Oct 3, 2024 · 8f6d3f0 · 8f6d3f0
1 parent bd358b5
commit 8f6d3f0
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 6 deletions.
diff --git a/home-manager/darwin.nix b/home-manager/darwin.nix
@@ -16,8 +16,8 @@ lib.mkMerge [
     # https://github.com/midchildan/dotfiles/blob/fae87a3ef327c23031d8081333678f9472e4c0ed/nix/home/modules/gnupg/default.nix#L38
     xdg.dataFile."gnupg/gpg-agent.conf".text = ''
       grab
-      default-cache-ttl 60480000
-      max-cache-ttl 60480000
+      default-cache-ttl 604800
+      max-cache-ttl 604800
       pinentry-program ${pkgs.pinentry_mac}/Applications/pinentry-mac.app/Contents/MacOS/pinentry-mac
     '';
   })

diff --git a/home-manager/gpg.nix b/home-manager/gpg.nix
@@ -29,14 +29,12 @@ in
 
     # Update [darwin.nix](darwin.nix) if changed this section
     #
-    # TODO: Reconsider the ttls with recent use
-    #
     # https://superuser.com/questions/624343/keep-gnupg-credentials-cached-for-entire-user-session
-    defaultCacheTtl = day * 700;
+    defaultCacheTtl = day * 7;
     # https://github.com/openbsd/src/blob/862f3f2587ccb85ac6d8602dd1601a861ae5a3e8/usr.bin/ssh/ssh-agent.1#L167-L173
     # ssh-agent sets it as infinite by default. So I can relax here (maybe)
     defaultCacheTtlSsh = day * 30;
-    maxCacheTtl = day * 700;
+    maxCacheTtl = day * 7;
 
     pinentryPackage = pkgs.pinentry-tty;