{ lib, config, pkgs, ... }: with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.crypto; in { options.pub-solar.crypto = { enable = mkEnableOption "Life in private"; }; config = mkIf cfg.enable { services.udev.packages = [ pkgs.yubikey-personalization ]; services.dbus.packages = [ pkgs.gcr ]; services.pcscd.enable = true; services.gnome.gnome-keyring.enable = true; environment.shellInit = '' gpg-connect-agent /bye export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) ''; home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] { systemd.user.services.polkit-gnome-authentication-agent = import ./polkit-gnome-authentication-agent.service.nix pkgs; services.gpg-agent = { enable = true; defaultCacheTtl = 300; enableSshSupport = true; pinentryFlavor = "gnome3"; verbose = true; }; programs.gpg = { enable = true; }; home.packages = [ gnome.seahorse keepassxc ]; }; }; }