authorKjetil Orbekk <kjetil.orbekk@gmail.com>2018-10-31 20:58:52 -0400
committerKjetil Orbekk <kjetil.orbekk@gmail.com>2018-10-31 20:58:52 -0400
commit019a4ca9485cfe44df3b8d763d07836cd2e00b6c (patch)
tree29f3bf4fa2247eb1ffe4ad82ccbb182a9450ed9d
parent2afeab2f4a3159234effda6a3e7e0dd72b0fb03e (diff)
gpg revamp
-rw-r--r--config/yubikey.nix44
1 files changed, 24 insertions, 20 deletions
diff --git a/config/yubikey.nix b/config/yubikey.nix
index be63d1f..b7afd66 100644
--- a/config/yubikey.nix
+++ b/config/yubikey.nix
@@ -15,24 +15,28 @@ in
services.pcscd.enable = true;
services.udev.packages = yubikey-pkgs;
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
# Use GPG agent instead.
- programs.ssh.startAgent = false;
+ # programs.ssh.startAgent = false;
- systemd.user.services.gpg-agent = {
- path = [ pkgs.gnupg ];
- description = "SSH Agent";
- wantedBy = [ "default.target" ];
- serviceConfig = {
- ExecStartPre = ''
- ${pkgs.gnupg}/bin/gpgconf --create-socketdir
- ${pkgs.coreutils}/bin/rm -f %t/gnupg/S.gpg-agent.ssh
- '';
- ExecStart =
- "${pkgs.gnupg}/bin/gpg-agent --enable-ssh-support --daemon";
- Type = "forking";
- Restart = "on-failure";
- };
- };
+ # systemd.user.services.gpg-agent = {
+ # path = [ pkgs.gnupg ];
+ # description = "SSH Agent";
+ # wantedBy = [ "default.target" ];
+ # serviceConfig = {
+ # ExecStartPre = ''
+ # ${pkgs.gnupg}/bin/gpgconf --create-socketdir
+ # ${pkgs.coreutils}/bin/rm -f %t/gnupg/S.gpg-agent.ssh
+ # '';
+ # ExecStart =
+ # "${pkgs.gnupg}/bin/gpg-agent --enable-ssh-support --daemon";
+ # Type = "forking";
+ # Restart = "on-failure";
+ # };
+ # };
environment = {
systemPackages = yubikey-pkgs;
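Review bot: Commenting out `programs.ssh.startAgent = false;` leaves the comment `# Use GPG agent instead.` attached to nothing, and the guarantee that no OpenSSH agent runs now rests on that option's default. Since `enableSSHSupport = true` hands SSH authentication to gpg-agent, and with it to the key held on the YubiKey, I would keep the explicit `programs.ssh.startAgent = false;`. That way another imported module enabling the OpenSSH agent should surface as a definition conflict at evaluation time instead of going unnoticed. The commented-out `systemd.user.services.gpg-agent` block is better deleted than kept as comments, since git history preserves it; the same applies to the commented `variables` block in the second hunk. The enclosing attribute set opens before this hunk and continues past it.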
@@ -44,9 +48,9 @@ in
gpg-connect-agent updatestartuptty /bye
'';
- variables = {
- SSH_AUTH_SOCK =
- ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}/gnupg/S.gpg-agent.ssh'';
- };
+ # variables = {
+ # SSH_AUTH_SOCK =
+ # ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}/gnupg/S.gpg-agent.ssh'';
+ # };
};
}
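Review bot: With the explicit `SSH_AUTH_SOCK` definition gone, nothing in this file says where the socket path now comes from. A one-line comment in the `environment` block, such as `# SSH_AUTH_SOCK is exported by programs.gnupg.agent.enableSSHSupport`, would document that. As far as I know, the NixOS module exports the variable only when it is still unset at login. If so, a session that already carries an `SSH_AUTH_SOCK` (from a desktop keyring's SSH component, for example) would keep using that agent instead of the YubiKey-backed gpg-agent; checking `ssh-add -L` after the switch would confirm which agent answers. The `environment` set opens in the previous hunk, and the init script containing `gpg-connect-agent updatestartuptty /bye` starts outside this one.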