From 6b31c22be791b798952ec1a81457581d4298c4fa Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Fri, 26 Apr 2024 11:41:42 +0200
Subject: [PATCH] Do not use gpg-agent for ssh on headless systems

---
 modules/default.nix         | 2 ++
 users/simon/modules/gpg.nix | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/modules/default.nix b/modules/default.nix
index 9a4cbb6..3ffe4bf 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -110,6 +110,8 @@
       # Support for exotic file systems
       boot.supportedFilesystems = lib.optional config.sbruder.full "ntfs";
 
+      programs.ssh.startAgent = lib.mkDefault (!config.sbruder.gui.enable);
+
       # When this is set to true (default), routing everything through a
       # wireguard tunnel does not work.
       networking.firewall.checkReversePath = false;
diff --git a/users/simon/modules/gpg.nix b/users/simon/modules/gpg.nix
index e4bdd24..b440afb 100644
--- a/users/simon/modules/gpg.nix
+++ b/users/simon/modules/gpg.nix
@@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 
-{ nixosConfig, pkgs, ... }:
+{ lib, nixosConfig, pkgs, ... }:
 
 {
   programs.gpg = {
@@ -18,7 +18,7 @@
   services.gpg-agent = rec {
     enable = true;
     enableZshIntegration = true;
-    enableSshSupport = true;
+    enableSshSupport = lib.mkDefault nixosConfig.sbruder.gui.enable;
 
     pinentryFlavor = if nixosConfig.sbruder.gui.enable then "gnome3" else "curses";