DEV Community

Edmund Miller
Edmund Miller

Posted on • Originally published at edmundmiller.dev

Using age with org-journal

The problem

Because gpg 2.4.1 borked Emacs's EasyPG. It just hangs on saving.

Why not just use gpg?

There are some ways around it, and I was using the fset hack until I read this post about the person who corrupted their encrypted files. I also had to run the elisp on every new Emacs instance.

And then lib-gcrypt is marked as broken in NixOS if you use the gnupg22 package(Version: 2.2.41), and a blowing past that stop sign sounded like a bad idea.

So I started thinking outside the box.

Why age?

I started using it with agenix, just because Henrik started using it in his dotfiles. The k8s@home template also eventually switched from gpg to age so I was already pretty comfortable with using age.

TL;DR Age: the modern alternative to GPG — nixFAQ:

  • Age is presented as a modern alternative to GPG that solves many of its limitations while maintaining security.
  • Age stands for "Actually Good Encryption" and has implementations in Go and Rust for improved security compared to GPG's C implementation.
  • Age uses smaller keys that are easier to store physically and has a simpler interface with no configuration options.
  • Files can be encrypted for multiple recipients simultaneously using Age.
  • Age supports encrypting for SSH public keys in addition to its own keys.
  • Age allows encrypting files for GitHub users by using their SSH keys from their profile.
  • Age offers a better user experience than GPG while maintaining an equally high level of security.

Why still org-journal?

I've considered using org-roam-dailies instead of org-journal. However, after some reflection, I'm not entirely sure why. Org Roam supports Age encryption, and org-journal has several PR fixes for various issues that have been neglected (this is not a judgment of the maintainer, but problems like journal files being decrypted whenever the calendar is invoked are troublesome). I think I was just seeking a quick solution to resume journaling.

Setup

Now that you've listened to me ramble on for a bit, here's the actual setup. This is using Doom Emacs.

packages.el

(package! age)
Enter fullscreen mode Exit fullscreen mode

config.el

(use-package! age
  :init
  (setq! age-program "rage")
  :config
  (setq! age-default-identity "~/.ssh/id_ed25519"
         age-default-recipient "~/.ssh/id_ed25519.pub")
  (age-file-enable))
Enter fullscreen mode Exit fullscreen mode

Went with rage, because Rust. Also there's pinentry support through rage.

config.el

(after! org
  (setq org-journal-encrypt-journal nil
        org-journal-file-format "%Y%m%d.org.age")
Enter fullscreen mode Exit fullscreen mode

Only thing I had to do then was turn off the built-in gpg support on
org-journal, and update the naming scheme to have age as the suffix and it just
worked.™

Image of Timescale

🚀 pgai Vectorizer: SQLAlchemy and LiteLLM Make Vector Search Simple

We built pgai Vectorizer to simplify embedding management for AI applications—without needing a separate database or complex infrastructure. Since launch, developers have created over 3,000 vectorizers on Timescale Cloud, with many more self-hosted.

Read full post →

Top comments (0)

Postmark Image

Speedy emails, satisfied customers

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

Sign up