From 64891e10cbee6c4a1d322d99119186f22cb26f72 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20B=C3=B6hme?= <mail@moritzboeh.me>
Date: Wed, 20 Apr 2022 17:38:49 +0200
Subject: [PATCH] :rocket: enable ssh support for yubikey

---
 modules/cli/yubikey.nix  | 5 +++++
 modules/services/gpg.nix | 7 ++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/modules/cli/yubikey.nix b/modules/cli/yubikey.nix
index ae36b21..98f2080 100644
--- a/modules/cli/yubikey.nix
+++ b/modules/cli/yubikey.nix
@@ -2,6 +2,11 @@
 
 {
   services.udev.packages = [ pkgs.yubikey-personalization ];
+  environment.shellInit = ''
+    export GPG_TTY="$(tty)"
+    gpg-connect-agent /bye
+    export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
+  '';
   home-manager.users.moritz.home.packages = with pkgs; [
     # cli
     yubikey-manager
diff --git a/modules/services/gpg.nix b/modules/services/gpg.nix
index 0081f6a..2853979 100644
--- a/modules/services/gpg.nix
+++ b/modules/services/gpg.nix
@@ -1,10 +1,11 @@
 { config, lib, pkgs, ... }:
 
 {
-  home-manager.users.moritz = {
-    services.gpg-agent = {
+  programs = {
+    ssh.startAgent = false;
+    gnupg.agent = {
       enable = true;
-      defaultCacheTtl = 3600;
+      enableSSHSupport = true;
     };
   };
   services.pcscd.enable = true;