{ pkgs, ... }:
{
  services.udev.packages = [ pkgs.yubikey-personalization ];

  # Depending on the details of your configuration, this section might be necessary or not;
  # feel free to experiment
#  environment.shellInit = ''
#    export GPG_TTY="$(tty)"
#    gpg-connect-agent /bye
#    export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh"
#  '';

  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };
}