From 2ffcd13afcf52610c90ce76711bbc41a381bcd6f Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kjetil.orbekk@gmail.com>
Date: Fri, 19 May 2017 09:51:10 -0400
Subject: yubikey: Working U2F config.

---
 config/desktop.nix |  1 -
 config/users.nix   |  3 ++-
 config/yubikey.nix | 14 ++++++++++++++
 3 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100644 config/yubikey.nix

(limited to 'config')

diff --git a/config/desktop.nix b/config/desktop.nix
index 88251d9..68b994d 100644
--- a/config/desktop.nix
+++ b/config/desktop.nix
@@ -43,7 +43,6 @@
     xscreensaver
     xsel  # used by urxvt clipboard
     xss-lock
-    yubikey-personalization
   ];
 
   services = {
diff --git a/config/users.nix b/config/users.nix
index 78f8473..64ea70b 100644
--- a/config/users.nix
+++ b/config/users.nix
@@ -8,13 +8,14 @@
         home = "/home/orbekk";
         uid = 1000;
         description = "KJ";
-        extraGroups = ["wheel" "networkmanager" "dialout" "uucp" "audio" "input"];
+        extraGroups = ["wheel" "networkmanager" "dialout" "uucp" "audio" "plugdev"];
         openssh.authorizedKeys.keyFiles = [ ../data/pincer_rsa.pub ];
       };
       fcgi = { name = "fcgi"; group = "fcgi"; uid = 500; };
     };
     extraGroups = {
       fcgi = { name = "fcgi"; gid = 500; };
+      plugdev = { name = "plugdev"; gid = 501; };
     };
   };
 }
diff --git a/config/yubikey.nix b/config/yubikey.nix
new file mode 100644
index 0000000..78be8db
--- /dev/null
+++ b/config/yubikey.nix
@@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+let
+  yubikey-pkgs = with pkgs; [
+    libusb
+    libu2f-host
+    yubikey-personalization
+    yubikey-manager
+  ];
+in
+{
+  services.pcscd.enable = true;
+  environment.systemPackages = yubikey-pkgs;
+  services.udev.packages = yubikey-pkgs;
+}
-- 
cgit v1.2.3