winston/dotfiles
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

feat: enable YubiKey U2F

Browse source
This commit is contained in:
winston 2023-05-19 04:07:58 +02:00
parent 02aee26592
commit 2513c93d26
Signed by: winston
GPG key ID: 3786770EDBC2B481
3 changed files with 16 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
home/default.nix
View file

@ -63,4 +63,7 @@ in {
};
xdg.configFile."ideavim/ideavimrc".source = config.lib.file.mkOutOfStoreSymlink "${flakePath}/home/apps/ideavim/ideavimrc";
xdg.configFile."Yubico/u2f_keys".text = ''
winston:+SzANNyl5RpjNZFCthItSi7rQgiNqKNQztm2omNDnMOMNYXbnpoxMY/tqNCqoUtcAnkSmfC1/2E3WMZZ+IupFw==,gw1FnUrGJ2/vsxrcyOP17603yWSSk2OaatqvqkzhiEmRd/FAzWuXYE2YA16SBB9n+f6IypjerPgwY06zOw3DOA==,es256,+presence%
'';
}

4
home/secrets/main.yaml
View file

@ -10,8 +10,8 @@ sops:
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-05-18T13:05:14Z"
mac: ENC[AES256_GCM,data:xhO/z1+FlFJ4L6kJuHWnJIio2LZbUjPSwu4NLtL+oYlhQXLUPBHDdNo3b4tbINuTZYyZsUiTuqJPLbwGg9V92udaYVVhzBHypQulgrfR69zIDkGYx/ZvCMsVVLGWnhvzMDOgfJxkEsU9nXyJinKaalKu7acFB8Tubry4jt0Kkls=,iv:yCmc8IldoU9fiWjqTcRPVD1I1VhWV4TD/QpU12RtUBg=,tag:bsmui6kK66HAi4XvIZO/Lg==,type:str]
lastmodified: "2023-05-19T02:13:25Z"
mac: ENC[AES256_GCM,data:0+s6D0QI8lr6U76UbQw77oqpSjS88Cc+/UC8HtKh363uqBjsaM8aUDoVSlWSHtqZBAHtc1h/BZT6CrS59j16aX8zo5+ciFKjlciRYR2v4fxXPPNMOhYFaas+IhVO3lmg6QlHHQwwW7Xy4knn2yu8iFg4FTGfXssKCLfokB3jiRQ=,iv:GnDpWg0omq2v8IJwDAZ8ZpgVLLVW3KvB6dtd+YJ9kec=,tag:hfPeQSwH8M8RhSkvG+2b0w==,type:str]
pgp:
- created_at: "2023-01-31T05:46:40Z"
enc: |

12
machines/common/linux/greeter.nix
View file

@ -29,8 +29,18 @@ in {
services.greetd.settings.default_session.command = "${lib.getExe config.programs.sway.package} --config ${greetdConfig}";
services.gnome.gnome-keyring.enable = true;
security.pam.services.greetd.gnupg.enable = true;
security.pam = {
u2f = {
enable = true;
cue = true;
};
services.greetd = {
enableGnomeKeyring = true;
u2fAuth = true;
};
};
security.polkit.enable = true;
systemd = {
packages = [pkgs.polkit_gnome];
user.services.polkit-gnome-authentication-agent-1 = {