modules/common/security.nix - Coded/nixConfig - Gitiles

 { flakeRoot, ... }: {
   security.pam.services = {
     login.u2fAuth = true;
     sudo.u2fAuth = true;
   };

   security.pam.u2f.authFile = "${flakeRoot}/keys/u2f_mappings";

   security.sudo.extraRules = [
     {
       users = [ "minion" ];
       commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }];
     }
   ];
 }
	{ flakeRoot, ... }: {
	security.pam.services = {
	login.u2fAuth = true;
	sudo.u2fAuth = true;
	};

	security.pam.u2f.authFile = "${flakeRoot}/keys/u2f_mappings";

	security.sudo.extraRules = [
	{
	users = [ "minion" ];
	commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }];
	}
	];
	}