mirror of
https://github.com/Swarsel/.dotfiles.git
synced 2025-12-06 09:07:21 +01:00
21 lines
629 B
Nix
21 lines
629 B
Nix
{ lib, config, nixosConfig, ... }:
|
|
let
|
|
inherit (config.swarselsystems) homeDir;
|
|
in
|
|
{
|
|
options.swarselsystems.modules.yubikey = lib.mkEnableOption "yubikey settings";
|
|
|
|
config = lib.mkIf config.swarselsystems.modules.yubikey {
|
|
|
|
sops.secrets = lib.mkIf (!config.swarselsystems.isPublic) {
|
|
u2f_keys = { path = "${homeDir}/.config/Yubico/u2f_keys"; };
|
|
};
|
|
|
|
pam.yubico.authorizedYubiKeys = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
|
|
ids = [
|
|
nixosConfig.repo.secrets.common.yubikeys.dev1
|
|
nixosConfig.repo.secrets.common.yubikeys.dev2
|
|
];
|
|
};
|
|
};
|
|
}
|