Commit bb31bf95aac5

Vincent Demeester <vincent@sbr.pm>
2018-04-18 18:37:42
Update yubikey profile and wakasu (related to yubikey)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
main
1 parent ece92d0
Changed files (2)
machine
wakasu.nix
profiles
yubikey.nix
machine/wakasu.nix
@@ -6,7 +6,7 @@
 			../hardware-configuration.nix
 			../profiles/laptop.nix
 			../profiles/ssh.nix
-			# ../profiles/virtualization.nix
+      ../profiles/yubikey.nix
 			../profiles/dockerization.nix
 			../profiles/dev.go.nix
 			../profiles/dev.python.nix
profiles/yubikey.nix
@@ -1,23 +1,15 @@
 { config, pkgs, ... }:
 
 {
-        security = {
-	        pam.enableU2F = true;
-		pam.services.vincent.u2fAuth = true;
-		sudo.enable = true;
-		# sudo.wheelNeedsPassworld = true;
-	};
-
-	services.pcscd.enable = true;
-	
-	#services.udev.extraRules = ''
+  services.udev.extraRules = ''
     # Yubico YubiKey
-    #KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0402|0403|0406|0407|0410", TAG+="uaccess"
-   #ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0113|0114|0115|0116|0120|0402|0403|0406|0407|0410", RUN+="/run/current-system/sw/bin/loginctl lock-sessions"
-#'';
-	environment = {
-		systemPackages = with pkgs; [
-				yubico-piv-tool
-		];
-	};
+    KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0402|0403|0406|0407|0410", TAG+="uaccess", MODE="0660", GROUP="wheel"
+    # ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0113|0114|0115|0116|0120|0402|0403|0406|0407|0410", RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
+  '';
+
+  environment = {
+    systemPackages = with pkgs; [
+      yubico-piv-tool
+    ];
+  };
 }