@@ -1,40 +1,10 @@
 { config, pkgs, lib, ... }:
 
-{ programs.ssh.startAgent = false;
-
-  programs.gnupg = {
-    agent = {
-      enable = true;
-      enableSSHSupport = true;
-    };
-    dirmngr.enable = true;
-  };
-
-  services.keybase.enable = true;
-  services.kbfs.enable = true;
-  environment.variables.NIX_SKIP_KEYBASE_CHECKS = "1";
-
-  services.tor = {
-    enable = true;
-    client = {
-      enable = true;
-      socksListenAddress = "9050 IPv6Traffic";
-    };
-    torsocks = {
-      enable = true;
-    };
-  };
-  systemd.services.tor.wantedBy = lib.mkForce [];
-  systemd.timers.tor = {
-    description = "Delayed startup of Tor";
-    wantedBy = [ "timers.target" ];
-    timerConfig = {
-      OnActiveSec = "1 min";
-    };
-  };
-
+{
   environment.systemPackages = with pkgs; [
     gnupg
-    keybase-gui
+    pinentry
+    (python3.withPackages(ps: with ps; [ trezor_agent wheel ]))
   ];
+  environment.variables.GNUPGHOME = "$HOME/.gnupg/trezor/";
 }

@@ -0,0 +1,11 @@
+{ config, pkgs, lib, ... }:
+
+{
+  services.keybase.enable = true;
+  services.kbfs.enable = true;
+  environment.variables.NIX_SKIP_KEYBASE_CHECKS = "1";
+
+  environment.systemPackages = with pkgs; [
+    keybase-gui
+  ];
+}

@@ -0,0 +1,22 @@
+{ config, pkgs, lib, ... }:
+
+{
+  services.tor = {
+    enable = true;
+    client = {
+      enable = true;
+      socksListenAddress = "9050 IPv6Traffic";
+    };
+    torsocks = {
+      enable = true;
+    };
+  };
+  systemd.services.tor.wantedBy = lib.mkForce [];
+  systemd.timers.tor = {
+    description = "Delayed startup of Tor";
+    wantedBy = [ "timers.target" ];
+    timerConfig = {
+      OnActiveSec = "1 min";
+    };
+  };
+}

@@ -25,6 +25,8 @@ ./modules/machines/t470s.nix
     ./modules/programs/accounting.nix
     ./modules/programs/dotfiles.nix
     ./modules/programs/gnupg.nix
+    ./modules/programs/keybase.nix
+    ./modules/programs/tor.nix
     ./modules/programs/i3.nix
     ./modules/programs/infrastructure.nix
     ./modules/programs/passwords.nix