23 lines
405 B
Nix
23 lines
405 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
flake,
|
|
...
|
|
}: let
|
|
psCfg = config.pub-solar;
|
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
|
in {
|
|
age.secrets.u2f_keys = {
|
|
file = "${flake.self}/secrets/u2f_keys.age";
|
|
mode = "400";
|
|
owner = psCfg.user.name;
|
|
path = "${xdg.configHome}/Yubico/u2f_keys";
|
|
};
|
|
|
|
security.pam.services = {
|
|
login.u2fAuth = true;
|
|
sudo.u2fAuth = true;
|
|
};
|
|
}
|