an attempt at moving the u2f thing into nix

This commit is contained in:
jacekpoz 2024-06-09 17:28:35 +02:00
parent 02feef64ac
commit 0ed92091fd
Signed by: poz
SSH key fingerprint: SHA256:JyLeVWE4bF3tDnFeUpUaJsPsNlJyBldDGV/dIKSLyN8
3 changed files with 15 additions and 0 deletions

View file

@ -1,3 +1,9 @@
# {
# config,
# ...
# }: let
# # inherit (config.myOptions.other.system) username;
# in {
_: {
security.pam = {
services = {
@ -5,4 +11,12 @@ _: {
sudo.u2fAuth = true;
};
};
# age.secrets.yubikey-u2f-keys.file = ../../secrets/yubikey-u2f-keys.age;
# environment.etc."Yubico/u2f_keys".source = config.age.secrets.yubikey-u2f-keys.path;
# home-manager.users.${username} = {
# xdg.configFile."Yubico/u2f_keys".source = /etc/Yubico/u2f_keys;
# };
}

View file

@ -19,4 +19,5 @@ in {
"forgejo-runner-token.age".publicKeys = niks ++ chmura ++ del;
"plausible-secret-keybase.age".publicKeys = niks ++ chmura ++ del;
"plausible-admin-password.age".publicKeys = niks ++ chmura ++ del;
"yubikey-u2f-keys.age".publicKeys = niks ++ chmura ++ del;
}

Binary file not shown.