feat: adds yubikey stuff

modules/core/default.nix

@@ -1,17 +1,18 @@
 { ... }:
 {
   imports =
-       [ (import ./bootloader.nix) ]
-    ++ [ (import ./hardware.nix) ]
-    ++ [ (import ./xserver.nix) ]
-    ++ [ (import ./network.nix) ]
-    ++ [ (import ./pipewire.nix) ]
-    ++ [ (import ./program.nix) ]
-    ++ [ (import ./security.nix) ]
-    ++ [ (import ./services.nix) ]
-    ++ [ (import ./system.nix) ]
-    ++ [ (import ./user.nix) ]
-    ++ [ (import ./bluetooth.nix) ]
-    ++ [ (import ./wayland.nix) ];
+       [(import ./bootloader.nix)]
+    ++ [(import ./hardware.nix)]
+    ++ [(import ./xserver.nix)]
+    ++ [(import ./network.nix)]
+    ++ [(import ./pipewire.nix)]
+    ++ [(import ./program.nix)]
+    ++ [(import ./security.nix)]
+    ++ [(import ./services.nix)]
+    ++ [(import ./system.nix)]
+    ++ [(import ./user.nix)]
+    ++ [(import ./bluetooth.nix)]
+    ++ [(import ./yubikey.nix)]
+    ++ [(import ./wayland.nix)];
     # ++ [ (import ./virtualization.nix) ];
 }

modules/core/yubikey.nix

@@ -0,0 +1,25 @@
+{ pkgs, ...}:
+
+{
+  services.udev.packages = [ pkgs.yubikey-personalization ];
+
+  # FIXME Don't forget to create an authorization mapping file for your user (https://nixos.wiki/wiki/Yubikey#pam_u2f)
+  security.pam = {
+    u2f = {
+      enable = true;
+      cue = true;
+      control = "sufficient";
+    };
+
+    services = {
+      login.u2fAuth = true;
+      greetd.u2fAuth = true;
+      sudo.u2fAuth = true;
+      hyprlock.u2fAuth = true;
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    yubikey-manager
+  ];
+}