diff --git a/flake.nix b/flake.nix
index f21d933..2a772a9 100644
--- a/flake.nix
+++ b/flake.nix
@@ -43,11 +43,17 @@
         # For all architecture variants of Darwin, we don't want only dotfiles.
         aarch64-darwin.homeConfigurations.spot = homeManager {
           system = "aarch64-darwin";
-          specialArgs.desktop = true;
+          specialArgs = {
+            desktop = true;
+            gpg = true;
+          };
         };
         x86_64-darwin.homeConfigurations.spot = homeManager {
           system = "x86_64-darwin";
-          specialArgs.desktop = true;
+          specialArgs = {
+            desktop = true;
+            gpg = true;
+          };
         };
       };
     };
diff --git a/home/desktop.nix b/home/desktop.nix
index 6f004c7..0a46f31 100644
--- a/home/desktop.nix
+++ b/home/desktop.nix
@@ -48,21 +48,4 @@
     yt-dlp
     zola
   ];
-
-  # GPG
-  programs.gpg.enable = true;
-  home.file.".gnupg/gpg-agent.conf" = lib.mkIf pkgs.stdenv.isDarwin {
-    text = ''
-      pinentry-program "${pkgs.pinentry_mac}/Applications/pinentry-mac.app/Contents/MacOS/pinentry-mac"
-    '';
-  };
-
-  # password-store
-  programs.password-store = {
-    enable = true;
-    package = pkgs.pass.withExtensions (exts: [exts.pass-otp]);
-    settings = {
-      PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store";
-    };
-  };
 }
diff --git a/home/gpg.nix b/home/gpg.nix
new file mode 100644
index 0000000..bdd3278
--- /dev/null
+++ b/home/gpg.nix
@@ -0,0 +1,28 @@
+{ config, lib, pkgs, ... }:
+
+{
+  # GPG
+  programs.gpg.enable = true;
+  home.file.".gnupg/gpg-agent.conf" = lib.mkIf pkgs.stdenv.isDarwin {
+    text = ''
+      pinentry-program "${pkgs.pinentry_mac}/Applications/pinentry-mac.app/Contents/MacOS/pinentry-mac"
+    '';
+  };
+
+  # password-store
+  programs.password-store = {
+    enable = true;
+    package = pkgs.pass.withExtensions (exts: [exts.pass-otp]);
+    settings = {
+      PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store";
+    };
+  };
+
+  # Only specify signing if GPG is otherwise being pulled in;
+  # i.e. in a prompt configuration.
+  programs.git.signing = {
+    key = "6EF6CBB6420B81DA3CCACFEA874AA355B3209BDC";
+    signByDefault = true;
+  };
+
+}
diff --git a/home/home.nix b/home/home.nix
index 312d948..b05de70 100644
--- a/home/home.nix
+++ b/home/home.nix
@@ -2,6 +2,7 @@
 
 let
   desktop = specialArgs.desktop or false;
+  gpg = specialArgs.gpg or false;
 in {
   # It's standard convention that Darwin has the username
   # "spot" - "spotlight" was reserved by the system at some point.
@@ -23,12 +24,6 @@ in {
     
     userName = "Spotlight";
     userEmail = "spotlight@joscomputing.space";
-    # Only specify signing if GPG is otherwise being pulled in;
-    # i.e. in a prompt configuration.
-    signing = {
-      key = "6EF6CBB6420B81DA3CCACFEA874AA355B3209BDC";
-      signByDefault = true;
-    };
     extraConfig = {
       color.ui = "auto";
       pull.rebase = true;
@@ -45,7 +40,9 @@ in {
     ./prompt.nix
   ]
   # Primarily GUI applications for desktop usage
-  ++ (lib.optional (desktop) ./desktop.nix);
+  ++ (lib.optional (desktop) ./desktop.nix)
+  # Configuration reliant on GPG keys being available
+  ++ (lib.optional (gpg) ./desktop.nix);
 
   # This value determines the Home Manager release that your
   # configuration is compatible with. This helps avoid breakage