sys/hardware/yubico.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.local.hardware.yubico;
in {
  options.local.hardware.yubico = {
    enable = mkEnableOption "Yubico hardware support";
  };

  config = mkIf cfg.enable {
    environment.etc."pkcs11/modules/ykcs11".text = ''
      module: ${pkgs.yubico-piv-tool}/lib/libykcs11.so
    '';

    services = {
      pcscd.enable = true;
      udev.packages = [pkgs.yubikey-personalization];
    };
  };
}