diff --git a/modules/services/gpg-agent.nix b/modules/services/gpg-agent.nix
index 39e93669fb49..4ddeb18e8c03 100644
--- a/modules/services/gpg-agent.nix
+++ b/modules/services/gpg-agent.nix
@@ -256,13 +256,25 @@ in {
       '') cfg.sshKeys;
     })
 
+    (mkIf (pkgs.stdenv.isDarwin && cfg.enableSshSupport) {
+      launchd.agents.gpg-agent = {
+        enable = true;
+        config = {
+          ProgramArguments = [ "${gpgPkg}/bin/gpgconf" "--launch" "gpg-agent" ];
+          RunAtLoad = true;
+          KeepAlive.SuccessfulExit = false;
+          EnvironmentVariables.GNUPGHOME = homedir;
+        };
+      };
+    })
+
     # The systemd units below are direct translations of the
     # descriptions in the
     #
     #   ${gpgPkg}/share/doc/gnupg/examples/systemd-user
     #
     # directory.
-    {
+    (mkIf pkgs.stdenv.isLinux {
       assertions = [
         (hm.assertions.assertPlatform "services.gpg-agent" pkgs platforms.linux)
       ];
@@ -300,9 +312,9 @@ in {
 
         Install = { WantedBy = [ "sockets.target" ]; };
       };
-    }
+    })
 
-    (mkIf cfg.enableSshSupport {
+    (mkIf (pkgs.stdenv.isLinux && cfg.enableSshSupport) {
       systemd.user.sockets.gpg-agent-ssh = {
         Unit = {
           Description = "GnuPG cryptographic agent (ssh-agent emulation)";
@@ -322,7 +334,7 @@ in {
       };
     })
 
-    (mkIf cfg.enableExtraSocket {
+    (mkIf (pkgs.stdenv.isLinux && cfg.enableExtraSocket) {
       systemd.user.sockets.gpg-agent-extra = {
         Unit = {
           Description =