Use GPG agent for SSH also

_machines/notebook01.yml

@@ -3,7 +3,6 @@ letter_space: 0
 mail: hannes.koerber@haktec.de
 git_gpg_sign: true
 gpg_agent: true
-ssh_agent: true
 terminal_binary: urxvt256c
 
 screen:

_machines/tb-hak.yml

@@ -3,7 +3,6 @@ letter_space: 0
 mail: hannes.koerber@tradebyte.com
 git_gpg_sign: false
 gpg_agent: false
-ssh_agent: false
 terminal_binary: urxvt
 
 screen:

autostart.sh

@@ -92,6 +92,8 @@ run_oneshot_multiple touchpad \
 
 run_oneshot pulseaudio start-pulseaudio-x11 --start --daemonize=false --fail=true --log-target=stderr
 
+run gpg-agent gpg-agent --homedir "$HOME/.gnupg" --no-detach --daemon
+
 # a service called dunst already exists and conflicts
 run dunst_user dunst -config ~/.config/dunstrc
 

autostart/20_gpg_agent.sh

@@ -1,4 +1,3 @@
 #!/usr/bin/env bash
 
 printf '%s' "starting gpg-agent"
-systemd-run -r --user --setenv=DISPLAY=${DISPLAY} gpg-agent --homedir "$HOME/.gnupg" --no-detach --daemon

zsh/zprofile.j2

@@ -45,14 +45,6 @@ export ACPI_LID_NAME=LID
 
 umask 0022
 
-# Start the gpg-agent if not already running
-if ! pgrep -x --uid "${USER}" gpg-agent >/dev/null 2>&1; then
-    eval $(gpg-agent --daemon --sh)
-fi
-
-# because gpg-agent is somehow broken for ssh, use the usual ssh-agent
-eval $(ssh-agent -s)
-
 # exec startx breaks some logind fuckery, without exec it works
 if [[ -z $DISPLAY ]] ; then
     if (( $XDG_VTNR == 1 )) ; then

zsh/zshrc.j2

@@ -4,13 +4,7 @@ _zshdir="$HOME/.zshrc.d"
 
 {% if machine.gpg_agent %}
 export GPG_TTY=$(tty)
-gpg-connect-agent updatestartuptty /bye >/dev/null
-{% endif %}
-
-{% if machine.ssh_agent %}
-if $(ssh-add -l 2>/dev/null | grep -q "no identities") ; then
-    ssh-add
-fi
+export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
 {% endif %}
 
 for file in "${_zshdir}"/* ; do