From e196ce35727cb2d8ab777f2513313e8f2ce7d269 Mon Sep 17 00:00:00 2001
From: Alexander Heldt <me@alexanderheldt.se>
Date: Thu, 19 Mar 2026 10:55:17 +0100
Subject: [PATCH] pinwheel: Use GUI key manager for `ssh`

---
 hosts/pinwheel/modules/ssh/default.nix | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/hosts/pinwheel/modules/ssh/default.nix b/hosts/pinwheel/modules/ssh/default.nix
index b0c84fd..3210794 100644
--- a/hosts/pinwheel/modules/ssh/default.nix
+++ b/hosts/pinwheel/modules/ssh/default.nix
@@ -1,6 +1,14 @@
 { pkgs, ... }:
 {
+  # Enable gnome-keyring at system level for PAM integration
+  services.gnome.gnome-keyring.enable = true;
+
   home-manager.users.alex = {
+    services.gnome-keyring = {
+      enable = true;
+      components = [ "secrets" "ssh" ];
+    };
+
     programs.ssh = {
       enable = true;
       enableDefaultConfig = false;
@@ -39,7 +47,7 @@
 
         "*" = {
           forwardAgent = false;
-          addKeysToAgent = "no";
+          addKeysToAgent = "yes";
           compression = false;
           serverAliveInterval = 0;
           serverAliveCountMax = 3;
@@ -52,7 +60,10 @@
       };
     };
 
-    home.packages = [ pkgs.sshfs ];
+    home.packages = [
+      pkgs.sshfs
+      pkgs.seahorse # GUI for managing gnome-keyring
+    ];
   };
 
   age.secrets = {