mirror of
https://github.com/Ahwxorg/nixos-config.git
synced 2026-03-19 07:40:30 +01:00
66 lines
1.4 KiB
Nix
66 lines
1.4 KiB
Nix
{
|
|
pkgs,
|
|
inputs,
|
|
config,
|
|
username,
|
|
host,
|
|
...
|
|
}:
|
|
{
|
|
services.udev.packages = [ pkgs.yubikey-personalization ];
|
|
|
|
# FIXME Don't forget to create an authorization mapping file for your user (https://nixos.wiki/wiki/Yubikey#pam_u2f)
|
|
security.pam = {
|
|
u2f = {
|
|
enable = true;
|
|
settings.cue = true;
|
|
control = "sufficient";
|
|
};
|
|
|
|
services = {
|
|
pcscd.enable = true;
|
|
login.u2fAuth = false;
|
|
greetd.u2fAuth = false;
|
|
sudo.u2fAuth = true;
|
|
swaylock.fprintAuth =
|
|
if (host == "sakura") then
|
|
true
|
|
else if (host == "april") then
|
|
true
|
|
else
|
|
false;
|
|
hyprlock.u2fAuth = false;
|
|
hyprlock.fprintAuth =
|
|
if (host == "sakura") then
|
|
true
|
|
else if (host == "april") then
|
|
true
|
|
else
|
|
false;
|
|
};
|
|
};
|
|
|
|
services.fprintd = {
|
|
enable =
|
|
if (host == "sakura") then
|
|
true
|
|
else if (host == "april") then
|
|
true
|
|
else
|
|
false;
|
|
#tod.enable = if (config.services.fprintd.enable) then true else false;
|
|
#tod.driver =
|
|
# if (host == "sakura") then
|
|
# pkgs.libfprint-2-tod1-goodix
|
|
# else if (host == "april") then
|
|
# pkgs.libfprint-2-tod1-vfs0090
|
|
# else
|
|
# null;
|
|
};
|
|
|
|
nixpkgs.config.allowBroken = true;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
yubikey-manager
|
|
];
|
|
}
|