move hardware key configs into one file

2024-03-05 13:49:22 +01:00 · 2024-03-05 13:49:22 +01:00 · ede1765ee8
commit ede1765ee8
parent 7829fcd0ce
6 changed files with 24 additions and 98 deletions
--- a/modules/desktop/specific-hardware/default.nix
+++ b/modules/desktop/specific-hardware/default.nix
@ -7,5 +7,6 @@
  imports = [
    ./spacenav.nix
    ./wacom.nix
+    ./hardware_key.nix
  ];
 }
--- a/modules/desktop/specific-hardware/hardware_key.nix
+++ b/modules/desktop/specific-hardware/hardware_key.nix
@ -0,0 +1,20 @@
+{pkgs, ...}: {
+  # nitrokey
+  services.udev.packages = [pkgs.nitrokey-udev-rules];
+
+  # smartcard daemon
+  services.pcscd.enable = true;
+
+  # authenticate using hw key
+  security.pam = {
+    services.jade.u2fAuth = true;
+    u2f = {
+      enable = true;
+      cue = true;
+      control = "sufficient";
+      authFile = "/home/jade/.ssh/u2f_keys";
+    };
+  };
+
+  programs.i3lock.u2fSupport = true;
+}