2024-03-22 21:16:12 +01:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
let
|
|
|
|
|
cfg = config.sisyphus.hardware.yubikey;
|
|
|
|
|
in {
|
|
|
|
|
options.sisyphus.hardware.yubikey.enable = lib.mkEnableOption "YubiKey support";
|
|
|
|
|
|
|
|
|
|
config = lib.mkIf cfg.enable {
|
2024-04-06 23:00:17 +02:00
|
|
|
programs = {
|
|
|
|
|
gnupg.agent = {
|
|
|
|
|
enable = true;
|
|
|
|
|
# TODO Necessary?
|
|
|
|
|
# enableSSHSupport = true;
|
|
|
|
|
# pinentryFlavor = "curses";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# yubikey-touch-detector.enable = true;
|
2024-03-22 21:16:12 +01:00
|
|
|
};
|
2024-03-30 23:05:05 +01:00
|
|
|
|
|
|
|
|
# Enable smart card reading
|
|
|
|
|
services.pcscd.enable = true;
|
2024-04-06 23:00:17 +02:00
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
yubikey-touch-detector
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
# Send a notification if the YubiKey is waiting for touch.
|
|
|
|
|
systemd.user.services.yubikey-touch-detector = {
|
|
|
|
|
enable = true;
|
|
|
|
|
description = "Detects when your YubiKey is waiting for a touch";
|
|
|
|
|
path = with pkgs; [ yubikey-touch-detector ];
|
|
|
|
|
script = ''exec yubikey-touch-detector --notify'';
|
|
|
|
|
environment.YUBIKEY_TOUCH_DETECTOR_LIBNOTIFY = "true";
|
|
|
|
|
};
|
2024-03-22 21:16:12 +01:00
|
|
|
};
|
|
|
|
|
}
|
