DEV Community

Edmund Miller
Edmund Miller

Posted on • Originally published at edmundmiller.dev

Using age with org-journal

#emacs #age #writing

The problem

Because gpg 2.4.1 borked Emacs's EasyPG. It just hangs on saving.

Why not just use gpg?

There are some ways around it, and I was using the fset hack until I read this post about the person who corrupted their encrypted files. I also had to run the elisp on every new Emacs instance.

And then lib-gcrypt is marked as broken in NixOS if you use the gnupg22 package(Version: 2.2.41), and a blowing past that stop sign sounded like a bad idea.

So I started thinking outside the box.

Why age?

I started using it with agenix, just because Henrik started using it in his dotfiles. The k8s@home template also eventually switched from gpg to age so I was already pretty comfortable with using age.

TL;DR Age: the modern alternative to GPG — nixFAQ:

  • Age is presented as a modern alternative to GPG that solves many of its limitations while maintaining security.
  • Age stands for "Actually Good Encryption" and has implementations in Go and Rust for improved security compared to GPG's C implementation.
  • Age uses smaller keys that are easier to store physically and has a simpler interface with no configuration options.
  • Files can be encrypted for multiple recipients simultaneously using Age.
  • Age supports encrypting for SSH public keys in addition to its own keys.
  • Age allows encrypting files for GitHub users by using their SSH keys from their profile.
  • Age offers a better user experience than GPG while maintaining an equally high level of security.

Why still org-journal?

I've considered using org-roam-dailies instead of org-journal. However, after some reflection, I'm not entirely sure why. Org Roam supports Age encryption, and org-journal has several PR fixes for various issues that have been neglected (this is not a judgment of the maintainer, but problems like journal files being decrypted whenever the calendar is invoked are troublesome). I think I was just seeking a quick solution to resume journaling.

Setup

Now that you've listened to me ramble on for a bit, here's the actual setup. This is using Doom Emacs.

packages.el

(package! age)
Enter fullscreen mode Exit fullscreen mode

config.el

(use-package! age
  :init
  (setq! age-program "rage")
  :config
  (setq! age-default-identity "~/.ssh/id_ed25519"
         age-default-recipient "~/.ssh/id_ed25519.pub")
  (age-file-enable))
Enter fullscreen mode Exit fullscreen mode

Went with rage, because Rust. Also there's pinentry support through rage.

config.el

(after! org
  (setq org-journal-encrypt-journal nil
        org-journal-file-format "%Y%m%d.org.age")
Enter fullscreen mode Exit fullscreen mode

Only thing I had to do then was turn off the built-in gpg support on
org-journal, and update the naming scheme to have age as the suffix and it just
worked.™

Top comments (0)