Original article: https://aaronparecki.com/2016/07/29/10/git-tower and https://github.com/pstadler/keybase-gpg-github
Install https://gpgtools.org/
Install https://keybase.io/
Create a new GPG key on keybase.io ore transfer your old one
Set up Git to sign all commits
$ gpg --list-secret-keys --keyid-format LONG
/Users/dominik/.gnupg/pubring.kbx
---------------------------------
sec rsa4096/E5W5QU4O429GHPWZ 2016-04-06 [expires: 2032-04-02]
FS528305R6Y9FWS7FDRKUYTRCHWF4KLO1Y12F2C3
uid [ultimate] Dominik Wilkowski (dominikwilkowski) <hi@dominik-wilkowski.com>
ssb rsa4096/JHAS653JHASD76T3 2016-04-06 [E]
$ git config --global user.signingkey E5W5QU4O429GHPWZ
$ git config --global commit.gpgsign true
Test that comminting from cli works
$ git commit -S -m "testing signed commits"
Add no-tty to your GPG configuration, to allow Tower to use it
echo no-tty >> ~/.gnupg/gpg.conf
You'll need to specify the absolute path to the gpg program in order for Tower to be able to find it
git config --global gpg.program /usr/local/bin/gpg