{ pkgs, ... }:

{
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
    pinentryPackage = pkgs.pinentry-gtk2;
  };

  # Add wrapper around ssh that takes the gnupg ssh-agent
  # instead of gnome-keyring
  environment.systemPackages = with pkgs; [
    ssh-gpg
  ];


  # Do not disable ssh-agent of gnome-keyring, because
  # gnupg ssh-agent can't handle normal SSH keys properly
  /*
  # Disable ssh-agent of gnome-keyring
  nixpkgs.overlays = [
    (final: prev: {
      gnome = prev.gnome // {
        gnome-keyring = prev.runCommand "gnome-keyring-ssh-disabled-autostart" {} ''
          mkdir -p $out

          # Symlink all gnome-keyring binaries
          ${final.xorg.lndir}/bin/lndir -silent ${prev.gnome.gnome-keyring} $out

          # Disable autostart for ssh
          rm $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
          cat ${prev.gnome.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop > $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
          echo "Hidden=true" >> $out/etc/xdg/autostart/gnome-keyring-ssh.desktop
        '';
      };
    })
  ];
  */
}