home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit d299d36626f8a431fb0da41092b7e7a2895332c2
parent 14c501feb8eb9ee04ead384aa8424b333d27ecab
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Sun,  3 Jan 2021 08:31:12 +0100

systems: temporary re-add some profiles…

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Asystems/modules/profiles/i3.nix | 36++++++++++++++++++++++++++++++++++++
Asystems/modules/profiles/yubikey.nix | 46++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 82 insertions(+), 0 deletions(-)

diff --git a/systems/modules/profiles/i3.nix b/systems/modules/profiles/i3.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.profiles.desktop.i3; +in +{ + options = { + profiles.desktop.i3 = { + enable = mkEnableOption "Enable i3 desktop profile"; + }; + }; + + config = mkIf cfg.enable { + profiles = { + desktop.enable = true; + }; + services = { + blueman.enable = true; + autorandr.enable = true; + xserver = { + displayManager = { + defaultSession = "none+i3"; + lightdm.enable = true; + lightdm.greeters.pantheon.enable = true; + }; + windowManager.i3.enable = true; + }; + dbus = { + enable = true; + # socketActivated = true; + packages = [ pkgs.gnome3.dconf ]; + }; + }; + }; +} diff --git a/systems/modules/profiles/yubikey.nix b/systems/modules/profiles/yubikey.nix @@ -0,0 +1,46 @@ +{ config, lib, pkgs, ... }: + +with lib; +let + cfg = config.profiles.yubikey; +in +{ + options = { + profiles.yubikey = { + enable = mkEnableOption "Enable yubikey profile"; + u2f = mkOption { + default = true; + description = "wether to enable auth with yubkeys throguh pam using u2f"; + type = types.bool; + }; + }; + }; + config = mkIf cfg.enable (mkMerge [ + { + environment = { + systemPackages = with pkgs; [ + yubico-piv-tool + yubikey-personalization + yubioath-desktop + yubikey-manager + ]; + }; + services = { + pcscd.enable = true; + udev = { + packages = with pkgs; [ yubikey-personalization ]; + extraRules = '' + # Yubico YubiKey + KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0402|0403|0406|0407|0410", TAG+="uaccess", MODE="0660", GROUP="wheel" + # ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0113|0114|0115|0116|0120|0402|0403|0406|0407|0410", RUN+="${pkgs.systemd}/bin/loginctl lock-sessions" + ''; + }; + }; + } + (mkIf cfg.u2f { + security.pam.u2f = { + enable = true; + }; + }) + ]); +}