From 77891a686cd5eea7ae6031bc2f4ffa756495cce9 Mon Sep 17 00:00:00 2001
From: Anton Livaja <anton@livaja.me>
Date: Wed, 12 Feb 2025 04:14:44 -0500
Subject: [PATCH] add keyfork env var for pgp key expiry

---
 .../src/component-documents/openpgp-setup.md           | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/quorum-vault-system/src/component-documents/openpgp-setup.md b/quorum-vault-system/src/component-documents/openpgp-setup.md
index f9c9aa7..5ad24a9 100644
--- a/quorum-vault-system/src/component-documents/openpgp-setup.md
+++ b/quorum-vault-system/src/component-documents/openpgp-setup.md
@@ -36,13 +36,19 @@ as such need to be set up in a manner that minimizes exposure risks.
     ```
     Note: default admin PIN is 12345678
 
+1. Set expiry time via environment variable - you can update 2y to desired value:
+
+    ```
+    $ export KEYFORK_OPENPGP_EXPIRE=2y
+    ```
+
 1. Generate a mnemonic, encrypting to a newly-generated key:
         
-	  ```
+	```
     $ keyfork mnemonic generate --encrypt-to-self public.asc,output=private.asc --provision openpgp-card,identifier="$card_id"
     ```
 
-	  Note: The PIN can't use sequential numbers, characters or repeated patterns.
+	Note: The PIN can't use sequential numbers, characters or repeated patterns.
 
 1. Rename output to use key fingerprint: