From abb71163ec06612261af4470d878bd80538eaf53 Mon Sep 17 00:00:00 2001
From: Fabio Scotto di Santolo <fscottodev@pm.me>
Date: Wed, 13 May 2026 10:35:06 +0200
Subject: [PATCH] Use pinentry-gnome3 for gpg-agent on Arch

Add gpg-agent.arch.conf with pinentry-gnome3 and without enable-ssh-support
(SSH is handled by gnome-keyring on GNOME). Deploy it from profile_desktop_gnome,
overriding the common conf that uses pinentry-gtk-2 for Void.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 ansible/roles/profile_desktop_gnome/tasks/main.yml | 9 +++++++++
 dotfiles/desktop/.gnupg/gpg-agent.arch.conf        | 3 +++
 2 files changed, 12 insertions(+)
 create mode 100644 dotfiles/desktop/.gnupg/gpg-agent.arch.conf

diff --git a/ansible/roles/profile_desktop_gnome/tasks/main.yml b/ansible/roles/profile_desktop_gnome/tasks/main.yml
index 1460f86..2475673 100644
--- a/ansible/roles/profile_desktop_gnome/tasks/main.yml
+++ b/ansible/roles/profile_desktop_gnome/tasks/main.yml
@@ -17,6 +17,15 @@
     owner: root
     group: root
 
+- name: Deploy gpg-agent.conf for GNOME (pinentry-gnome3, no ssh-support)
+  tags: [dotfiles, dotfiles:desktop, gnome]
+  ansible.builtin.copy:
+    src: "{{ playbook_dir }}/../dotfiles/desktop/.gnupg/gpg-agent.arch.conf"
+    dest: "{{ user_home }}/.gnupg/gpg-agent.conf"
+    owner: "{{ username }}"
+    group: "{{ user_group }}"
+    mode: "0600"
+
 - name: Enable gnome-keyring PAM auth hook for GDM
   tags: [gnome]
   ansible.builtin.lineinfile:
diff --git a/dotfiles/desktop/.gnupg/gpg-agent.arch.conf b/dotfiles/desktop/.gnupg/gpg-agent.arch.conf
new file mode 100644
index 0000000..15ab186
--- /dev/null
+++ b/dotfiles/desktop/.gnupg/gpg-agent.arch.conf
@@ -0,0 +1,3 @@
+pinentry-program /usr/bin/pinentry-gnome3
+default-cache-ttl 600
+max-cache-ttl 7200