more progress

modules/home/shell/toolset/gnugpg/default.nix

@@ -0,0 +1,36 @@
+{ config, lib, pkgs, user, ... }:
+let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.${namespace}.shell.toolset.gnupg;
+in
+{
+  options.${namespace}.shell.toolset.gnupg = {
+    enable = mkEnableOption "cryptographic suite";
+  };
+
+  config = mkIf cfg.enable {
+    user.package = with pkgs; [ gnupg ];
+
+    environment.variables.GNUPGHOME = "$XDG_CONFIG_HOME/gnupg";
+
+    programs.gnupg = {
+      enable = true;
+
+      agent = {
+        enable = true;
+        enableSSHSupport = true;
+        pinentryPackage = pkgs.pinentry-gnome3;
+
+        settings = let
+          cacheTTL = 86400;
+        in {
+          default-cache-ttl = cacheTTL;
+          default-cache-ttl-ssh = cacheTTL;
+          max-cache-ttl = cacheTTL;
+          max-cache-ttl-ssh = cacheTTL;
+        };
+      };
+    };
+  };
+}