old
 1{pkgs, ...}: {
 2  # gpg agent with pinentry
 3  programs.gnupg.agent = {
 4    enable = true;
 5    pinentryPackage = pkgs.pinentry-qt;
 6    enableSSHSupport = false;
 7    settings.default-cache-ttl = 4 * 60 * 60; # 4 hours
 8  };
 9
10  services.udev.packages = [pkgs.yubikey-personalization];
11  # Locking the screen when a Yubikey is unplugged
12  # https://nixos.wiki/wiki/Yubikey#Locking_the_screen_when_a_Yubikey_is_unplugged
13  services.udev.extraRules = ''
14    ACTION=="remove",\
15     ENV{ID_BUS}=="usb",\
16     ENV{ID_MODEL_ID}=="0407",\
17     ENV{ID_VENDOR_ID}=="1050",\
18     ENV{ID_VENDOR}=="Yubico",\
19     RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
20  '';
21  hardware.gpgSmartcards.enable = true;
22  services.pcscd.enable = true;
23}