blob: eb3cf06b4270ff60ab520afc09d4c5ec84bd9d5c [file] [log] [blame]
Skyler Grey63904432024-02-20 23:25:45 +00001{ config, lib, ... }: {
2 options = {
3 chimera.yubikey.enable = lib.mkEnableOption "Enable support for YuibKeys";
PineaFan8af65a72024-04-20 21:00:21 +01004 chimera.yubikey.pam.enable = lib.mkEnableOption "Enable Login and sudo via YubiKey";
Skyler Grey63904432024-02-20 23:25:45 +00005 };
6
7 config = lib.mkIf config.chimera.yubikey.enable {
8 services.pcscd.enable = true;
PineaFan8af65a72024-04-20 21:00:21 +01009 security.pam.u2f.cue = true;
10 security.pam.services = lib.mkIf config.chimera.yubikey.pam.enable {
11 login.u2fAuth = true;
12 sudo.u2fAuth = true;
13 };
Skyler Grey63904432024-02-20 23:25:45 +000014 };
15}