sercanto/mio-ops
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Activity

yubikey: updated image for key rotation

Browse source
This commit is contained in:
Craige McWhirter 2021-01-28 15:37:16 +10:00
parent 95764e6878
commit f3c5f1d377
Signed by: sercanto
GPG key ID: 7DBA9F5689EFB6AA
1 changed files with 6 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
images/usb-yubikey.nix
View file

@ -5,7 +5,8 @@
{ nixpkgs? <nixpkgs>, system ? "x86_64-linux" }: { nixpkgs? <nixpkgs>, system ? "x86_64-linux" }:
let let
config = { pkgs, ... }: { config = { pkgs, ... }:
with pkgs; {
imports = [<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>]; imports = [<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>];
boot.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = [ "zfs" ];
boot.kernelParams = [ "console=ttyS0,115200n8" ]; boot.kernelParams = [ "console=ttyS0,115200n8" ];
@ -17,16 +18,16 @@ let
}; };
}; };
services.pcscd.enable = true; services.pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ]; services.udev.packages = [ yubikey-personalization ];
environment.systemPackages = with pkgs; [ environment.systemPackages = [
curl # Tool for transferring files with URL syntax curl # Tool for transferring files with URL syntax
gnupg # GNU Privacy Guard gnupg # GNU Privacy Guard
paperkey # Store OpenPGP or GnuPG on paper paperkey # Store OpenPGP or GnuPG on paper
pinentry_ncurses # GnuPGs interface to passphrase input pinentry # GnuPGs interface to passphrase input
wget # Retrieve files using HTTP, HTTPS, and FTP wget # Retrieve files using HTTP, HTTPS, and FTP
]; ];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
services.openssh.enable = false; #services.openssh.enable = false;
}; };
evalNixos = configuration: import <nixpkgs/nixos> { evalNixos = configuration: import <nixpkgs/nixos> {
inherit system configuration; inherit system configuration;