make gnupg a dependency of sops

if anything uses a gnupg key, we need the gnupg binary.
Sucks a bit, but at least it makes it work everywhere.

pkgs/clan-cli/clan_cli/secrets/import_sops.py

@@ -30,7 +30,7 @@ def import_sops(args: argparse.Namespace) -> None:
         if args.input_type:
             cmd += ["--input-type", args.input_type]
         cmd += ["--output-type", "json", "--decrypt", args.sops_file]
-        cmd = nix_shell(["nixpkgs#sops"], cmd)
+        cmd = nix_shell(["nixpkgs#sops", "nixpkgs#gnupg"], cmd)
 
         res = run(cmd, RunOpts(error_msg=f"Could not import sops file {file}"))
         secrets = json.loads(res.stdout)

pkgs/clan-cli/clan_cli/secrets/sops.py

@@ -233,7 +233,7 @@ def sops_run(
                 raise ClanError(msg)
         sops_cmd.append(str(secret_path))
 
-        cmd = nix_shell(["nixpkgs#sops"], sops_cmd)
+        cmd = nix_shell(["nixpkgs#sops", "nixpkgs#gnupg"], sops_cmd)
         opts = (
             dataclasses.replace(run_opts, env=environ)
             if run_opts