{ pkgs, ... }@all: with all;
{
  home = {
    packages = with pkgs; [ sshfs ];
    file."vault/ssh/config".text = /* ssh */ ''
      HOST nxace
          HostName ssh.${hyper.domain}
          User ${hyper.user}
          Port 50022
          IdentityFile ~/vault/ssh/nxace-nx2-${hyper.host}

      HOST nxacel
          HostName 10.0.1.1
          User ${hyper.user}
          Port 50022
          IdentityFile ~/vault/ssh/nxace-nx2-${hyper.host}

      HOST nxrpil
          HostName 10.0.1.31
          User ${hyper.user}
          Port 22
      
      HOST nxgit
          HostName ssh.${hyper.domain}
          User git
          Port 50022
          IdentityFile ~/vault/ssh/nxgit-nx2-${hyper.host}
    '';
  };
  # services.gpg-agent = let 
  #   min2sec = min: (min * 60); 
  # in {
  #   enable = true;
  #   verbose = true;
  #   sshKeys = [
  #     "97081264F7FD72D890D496E839AA9A4C7892A7D8" # Keygrip (not Fingerprint!) of [A] Subkey
  #   ];
  #   enableSshSupport = true;
  #   enableFishIntegration = true;
  #   defaultCacheTtlSsh = min2sec 60;
  #   defaultCacheTtl = min2sec 30;
  #   pinentry = {
  #     package = pkgs.pinentry;
  #     program = "pinentry";
  #   };
  #   extraConfig = ''
  #     allow-loopback-pinentry
  #   '';
  # };
}