Merge pull request #240708 from corngood/gpg-pinentry-fix

- `services.prometheus.exporters` has a new [exporter](https://github.com/hipages/php-fpm_exporter) to monitor PHP-FPM processes, see [#240394](https://github.com/NixOS/nixpkgs/pull/240394) for more details.

- `programs.gnupg.agent.pinentryFlavor` is now set in `/etc/gnupg/gpg-agent.conf`, and will no longer take precedence over a `pinentry-program` set in `~/.gnupg/gpg-agent.conf`.

## Nixpkgs internals {#sec-release-23.11-nixpkgs-internals}

- The `qemu-vm.nix` module by default now identifies block devices via

      defaultText = literalMD ''matching the configured desktop environment'';

      description = lib.mdDoc ''

        Which pinentry interface to use. If not null, the path to the

        pinentry binary will be passed to gpg-agent via commandline and

        thus overrides the pinentry option in gpg-agent.conf in the user's

        home directory.

        pinentry binary will be set in /etc/gnupg/gpg-agent.conf.

        If not set at all, it'll pick an appropriate flavor depending on the

        system configuration (qt flavor for lxqt and plasma5, gtk2 for xfce

        4.12, gnome3 on all other systems with X enabled, ncurses otherwise).

  };

  config = mkIf cfg.agent.enable {

    environment.etc."gnupg/gpg-agent.conf".text = ''

    environment.etc."gnupg/gpg-agent.conf".text =

      lib.optionalString (cfg.agent.pinentryFlavor != null) ''

      pinentry-program ${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry

    '';

    # This overrides the systemd user unit shipped with the gnupg package

    systemd.user.services.gpg-agent = mkIf (cfg.agent.pinentryFlavor != null) {

    systemd.user.services.gpg-agent = {

      unitConfig = {

        Description = "GnuPG cryptographic agent and passphrase cache";

        Documentation = "man:gpg-agent(1)";