swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
.dotfiles/modules/nixos/client/polkit.nix
Leon Schwarzäugl 0cb34c98cb
feat: switch proxt host
2025-12-05 02:25:45 +01:00

29 lines
782 B
Nix
Raw Permalink Blame History

{ lib, config, minimal, ... }:
{
options.swarselmodules.security = lib.mkEnableOption "security config";
config = lib.mkIf config.swarselmodules.security {
security = {
# pki.certificateFiles = [
# config.sops.secrets.harica-root-ca.path
# ];
pam.services = lib.mkIf (!minimal) {
login.u2fAuth = true;
sudo.u2fAuth = true;
sshd.u2fAuth = false;
swaylock = {
u2fAuth = true;
fprintAuth = false;
};
};
polkit.enable = lib.mkIf (!minimal) true;
sudo.extraConfig = ''
Defaults env_keep+=SSH_AUTH_SOCK
'' + lib.optionalString (!minimal) ''
Defaults env_keep+=XDG_RUNTIME_DIR
Defaults env_keep+=WAYLAND_DISPLAY
'';
};
};
}
Reference in a new issue View git blame Copy permalink