fix[client,work]: fix yubikey scdaemon/pcscd issue

SwarselSystems.org

@@ -10738,7 +10738,7 @@ Also, since I use a GPG key in sops, it seems that scdaemon creates an instance
     config = lib.mkIf config.swarselmodules.yubikey {
       programs.ssh.startAgent = false;
 
-      services.pcscd.enable = false;
+      services.pcscd.enable = true;
 
       hardware.gpgSmartcards.enable = true;
 
@@ -25620,61 +25620,64 @@ When setting up a new machine:
 #+end_src
 
 #+begin_src nix-ts :tangle modules/home/common/gpg-agent.nix
-      { self, lib, config, pkgs, ... }:
-      let
-        inherit (config.swarselsystems) mainUser homeDir;
-      in
-      {
-        options.swarselmodules.gpgagent = lib.mkEnableOption "gpg agent settings";
-        config = lib.mkIf config.swarselmodules.gpgagent {
-          services.gpg-agent = {
-            enable = true;
-            verbose = true;
-            enableZshIntegration = true;
-            enableScDaemon = true;
-            enableSshSupport = true;
-            enableExtraSocket = true;
-            pinentry.package = pkgs.wayprompt;
-            pinentry.program = "pinentry-wayprompt";
-            # pinentry.package = pkgs.pinentry.gtk2;
-            defaultCacheTtl = 600;
-            maxCacheTtl = 7200;
-            extraConfig = ''
-              allow-loopback-pinentry
-              allow-emacs-pinentry
-            '';
-            sshKeys = [
-              "4BE7925262289B476DBBC17B76FD3810215AE097"
-            ];
-          };
+  { self, lib, config, pkgs, ... }:
+  let
+    inherit (config.swarselsystems) mainUser homeDir;
+  in
+  {
+    options.swarselmodules.gpgagent = lib.mkEnableOption "gpg agent settings";
+    config = lib.mkIf config.swarselmodules.gpgagent {
+      services.gpg-agent = {
+        enable = true;
+        verbose = true;
+        enableZshIntegration = true;
+        enableScDaemon = true;
+        enableSshSupport = true;
+        enableExtraSocket = true;
+        pinentry.package = pkgs.wayprompt;
+        pinentry.program = "pinentry-wayprompt";
+        # pinentry.package = pkgs.pinentry.gtk2;
+        defaultCacheTtl = 600;
+        maxCacheTtl = 7200;
+        extraConfig = ''
+          allow-loopback-pinentry
+          allow-emacs-pinentry
+        '';
+        sshKeys = [
+          "4BE7925262289B476DBBC17B76FD3810215AE097"
+        ];
+      };
 
-          programs.gpg = {
-            enable = true;
-            publicKeys = [
-              {
-                source = "${self}/secrets/public/gpg/gpg-public-key-0x76FD3810215AE097.asc";
-                trust = 5;
-              }
-            ];
-          };
-
-          systemd.user.tmpfiles.rules = [
-            "d ${homeDir}/.gnupg 0700 ${mainUser} users - -"
-          ];
-
-          # assure correct permissions
-          # systemd.user.tmpfiles.settings."30-gpgagent".rules = {
-          #   "${homeDir}/.gnupg" = {
-          #     d = {
-          #       group = "users";
-          #       user = mainUser;
-          #       mode = "0700";
-          #     };
-          #   };
-          # };
+      programs.gpg = {
+        enable = true;
+        scdaemonSettings = {
+          disable-ccid = true; # prevent conflicts between pcscd and scdameon
         };
+        publicKeys = [
+          {
+            source = "${self}/secrets/public/gpg/gpg-public-key-0x76FD3810215AE097.asc";
+            trust = 5;
+          }
+        ];
+      };
 
-      }
+      systemd.user.tmpfiles.rules = [
+        "d ${homeDir}/.gnupg 0700 ${mainUser} users - -"
+      ];
+
+      # assure correct permissions
+      # systemd.user.tmpfiles.settings."30-gpgagent".rules = {
+      #   "${homeDir}/.gnupg" = {
+      #     d = {
+      #       group = "users";
+      #       user = mainUser;
+      #       mode = "0700";
+      #     };
+      #   };
+      # };
+    };
+
+  }
 #+end_src
 
 **** gammastep