{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.nixfiles.modules.gnupg;
in {
  options.nixfiles.modules.gnupg.pinentry = mkOption {
    description = "Name of a pinentry implementation.";
    type = types.package;
    default = pkgs.pinentry-curses;
  };

  config = mkIf cfg.enable {
    hm = {
      programs.gpg.homedir = "${config.dirs.data}/gnupg";

      services.gpg-agent = {
        enable = true;

        enableSshSupport = true;
        enableScDaemon = false;

        defaultCacheTtl = 999999;
        defaultCacheTtlSsh = 999999;
        maxCacheTtl = 999999;
        maxCacheTtlSsh = 999999;

        grabKeyboardAndMouse = true;

        sshKeys = [my.pgp.grip];

        pinentryPackage = cfg.pinentry;
      };
    };
  };
}