From 1938a0d25355bef85151337f85b0f6c65262dda6 Mon Sep 17 00:00:00 2001
From: Henrik Lissner <henrik@lissner.net>
Date: Fri, 1 Jun 2018 17:10:30 +0200
Subject: [PATCH] Enforce encrypted authinfo & store in doom-etc-dir

Plaintext authinfo should not be the default.
---
 modules/config/default/config.el | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/config/default/config.el b/modules/config/default/config.el
index 2dacb9b11..c4cdfd157 100644
--- a/modules/config/default/config.el
+++ b/modules/config/default/config.el
@@ -16,6 +16,11 @@
 ;; Config
 ;;
 
+;; Don't store authinfo in non-encrypted files!
+(defvar auth-sources
+  (list (expand-file-name "authinfo.gpg" doom-etc-dir)
+        "~/.authinfo.gpg"))
+
 (after! epa
   (setq epa-file-encrypt-to (or epa-file-encrypt-to user-mail-address)
         ;; With GPG 2.1, this forces gpg-agent to use the Emacs minibuffer to