Commit 9dc03ef
Changed files (2)
home
linux
gui
modules
nixos
desktop
home/linux/gui/misc.nix
@@ -40,6 +40,10 @@ in {
];
};
+ # Fix pcsc conflict
+ # https://github.com/LudovicRousseau/PCSC/issues/65
+ programs.gpg.scdaemonSettings.disable-ccid = true;
+
# allow fontconfig to discover fonts and configurations installed through home.packages
# Install fonts at system-level, not user-level
fonts.fontconfig.enable = false;
modules/nixos/desktop/security.nix
@@ -6,4 +6,23 @@
enableSSHSupport = false;
settings.default-cache-ttl = 4 * 60 * 60; # 4 hours
};
+
+ services.udev.packages = [pkgs.yubikey-personalization];
+ # Locking the screen when a Yubikey is unplugged
+ # https://nixos.wiki/wiki/Yubikey#Locking_the_screen_when_a_Yubikey_is_unplugged
+ services.udev.extraRules = ''
+ ACTION=="remove",\
+ ENV{ID_BUS}=="usb",\
+ ENV{ID_MODEL_ID}=="0407",\
+ ENV{ID_VENDOR_ID}=="1050",\
+ ENV{ID_VENDOR}=="Yubico",\
+ RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
+ '';
+ hardware.gpgSmartcards.enable = true;
+ services.pcscd.enable = true;
+
+ security.pam.services = {
+ login.u2fAuth = true;
+ sudo.u2fAuth = true;
+ };
}