diff --git a/homes/x86_64-linux/marley@nyx/default.nix b/homes/x86_64-linux/marley@nyx/default.nix
index 55502ff..8463115 100644
--- a/homes/x86_64-linux/marley@nyx/default.nix
+++ b/homes/x86_64-linux/marley@nyx/default.nix
@@ -27,6 +27,7 @@ in
       gh = enabled;
       git = enabled;
       glow = enabled;
+      gpg = enabled;
       journalctl = enabled;
       neo = enabled;
       systemctl = enabled;
diff --git a/modules/home/programs/gpg/default.nix b/modules/home/programs/gpg/default.nix
new file mode 100644
index 0000000..4295d26
--- /dev/null
+++ b/modules/home/programs/gpg/default.nix
@@ -0,0 +1,38 @@
+{
+  lib,
+  config,
+  namespace,
+  pkgs,
+  ...
+}:
+let
+  inherit (lib) mkIf;
+  inherit (lib.${namespace}) mkEnableModule isDesktop;
+
+  cfg = config.${namespace}.programs.gpg;
+in
+{
+  options = mkEnableModule "programs.gpg";
+
+  config = mkIf cfg.enable {
+    # home-manager gpg-agent module doesn't seem to actually install the desired
+    # pinentry program, so we install it here.
+    home.packages = [
+      config.services.gpg-agent.pinentryPackage
+    ];
+
+    programs.gpg = {
+      enable = true;
+    };
+
+    services.gpg-agent = rec {
+      enable = true;
+
+      pinentryPackage = if isDesktop then pkgs.pinentry-gtk2 else pkgs.pinentry-curses;
+
+      # Don't ask for the password very often.
+      defaultCacheTtl = 60480000;
+      maxCacheTtl = defaultCacheTtl;
+    };
+  };
+}
diff --git a/old/home/programs/gpg.nix b/old/home/programs/gpg.nix
deleted file mode 100644
index 242863b..0000000
--- a/old/home/programs/gpg.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ pkgs, ... }:
-{
-  programs.gpg = {
-    enable = true;
-  };
-
-  services.gpg-agent = rec {
-    enable = true;
-
-    # TODO: Set this to pinentry-curses on non-GUI systems.
-    pinentryPackage = pkgs.pinentry-gtk2;
-
-    # Don't ask for the password very often.
-    defaultCacheTtl = 60480000;
-    maxCacheTtl = defaultCacheTtl;
-  };
-}