diff --git a/nix/overlays/gpg-key/default.nix b/nix/overlays/gpg-key/default.nix
index 3d8c67d..56a794b 100644
--- a/nix/overlays/gpg-key/default.nix
+++ b/nix/overlays/gpg-key/default.nix
@@ -5,7 +5,7 @@ final: prev:
 name = "gpg-key";
 file = ./gpg-key;
 substitutes = with prev; {
- inherit cryptsetup busybox findutils;
+ inherit cryptsetup busybox findutils gnupg sudo;
 };
 };
diff --git a/nix/overlays/gpg-key/gpg-key b/nix/overlays/gpg-key/gpg-key
index 518f490..ef3654d 100644
--- a/nix/overlays/gpg-key/gpg-key
+++ b/nix/overlays/gpg-key/gpg-key
@@ -1,6 +1,6 @@
 # -*- mode: shell-script; -*-
-export PATH=@findutils@/bin:@busybox@/bin:@cryptsetup@/bin
+export PATH=@findutils@/bin:@busybox@/bin:@cryptsetup@/bin:@gnupg@/bin:@sudo@/bin
 command="$1"
@@ -13,14 +13,17 @@ fi
 set -e
 case "$command" in
 "open")
- cryptsetup open /dev/disk/by-label/secret secret
+ cryptsetup open /dev/disk/by-label/addhe addhe
 mkdir -p /mnt/key
- mount /dev/mapper/secret /mnt/key
+ mount /dev/mapper/addhe /mnt/key
+ sudo -u $SUDO_USER gpg-agent --daemon
 ;;
 "close")
+ sudo -u $SUDO_USER pkill gpg-agent
+
 umount /mnt/key
- cryptsetup close secret
+ cryptsetup close addhe
 rm -r /mnt/key
 if [ -n "$(find /mnt -maxdepth 0 -empty)" ]
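Review bot: In the "close" branch of gpg-key, the new `sudo -u $SUDO_USER pkill gpg-agent` runs before `umount` and `cryptsetup close` while `set -e` is active. pkill exits non-zero when no process matches, so a close with no agent running would abort and leave the decrypted volume mounted at /mnt/key. Tolerating that case keeps the teardown going, e.g. `sudo -u "$SUDO_USER" pkill gpg-agent || true`. `$SUDO_USER` is also unquoted and unchecked in both branches: if the script is started from a root shell rather than through sudo, the variable is empty and `sudo -u` takes `gpg-agent` (or `pkill`) as the user name, which in "open" fails only after the volume has been unlocked and mounted. A guard such as `: "${SUDO_USER:?run via sudo}"` before the `case` would fail early; the `case` statement itself continues past the end of the hunk.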