{ lib, config, pkgs, ... }: with lib; let psCfg = config.pub-solar; cfg = config.pub-solar.crypto; in { options.pub-solar.crypto = { enable = mkEnableOption "Life in private"; }; config = mkIf cfg.enable { services.udev.packages = [pkgs.yubikey-personalization]; services.dbus.packages = [pkgs.gcr]; services.pcscd.enable = true; services.gnome.gnome-keyring.enable = true; environment.shellInit = '' gpg-connect-agent /bye export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) ''; home-manager = with pkgs; pkgs.lib.setAttrByPath ["users" psCfg.user.name] { systemd.user.services.polkit-gnome-authentication-agent = import ./polkit-gnome-authentication-agent.service.nix pkgs; services.gpg-agent = { enable = true; enableSshSupport = true; pinentryFlavor = "gnome3"; verbose = true; }; programs.gpg = { enable = true; }; home.packages = [ gnome.seahorse keepassxc ]; }; }; }