blob: c508b1ee71173449a95d339f0054aea2db83697c [file] [log] [blame]
{ config, lib, ... }: {
options = {
chimera.yubikey.enable = lib.mkEnableOption "Enable support for YuibKeys";
chimera.yubikey.pam.enable = lib.mkEnableOption "Enable Login and sudo via YubiKey";
};
config = lib.mkIf config.chimera.yubikey.enable {
services.pcscd.enable = true;
security.pam.u2f.settings.cue = true;
security.pam.services = lib.mkIf config.chimera.yubikey.pam.enable {
login.u2fAuth = true;
sudo.u2fAuth = true;
};
};
}