Acasă Explorează Ajutor
Autentificare
control
/
home
1
0
Bifurcare 0
Fisiere
Arbore: 24699b6a7d
Ramuri Etichete
home
/
users
/
thomas
/
desktop
/
yubikey.nix

yubikey.nix 911 B
Istoric Crud

1234567891011121314151617181920212223242526272829303132333435363738 
  1. { lib, pkgs, ... }:
    2. 

  2. 

  3. with lib;
    4. 

  4. 

  5. let
    6. 

  6.   inherit (pkgs.stdenv.hostPlatform) isLinux;
    7. 

  7. in
    8. 

  8. {
    9. 

  9.   programs.gpg = {
    10. 

  10.     settings = {
    11. 

  11.       no-comments = true;
    12. 

  12.       no-emit-version = true;
    13. 

  13.       no-symkey-cache = true;
    14. 

  14.       default-new-key-algo = "ed25519/cert,sign+cv25519/encr";
    15. 

  15.       personal-cipher-preferences = "AES256 CAMELLIA256 AES192 CAMELLIA192 AES CAMELLIA128";
    16. 

  16.       personal-compress-preferences = "ZLIB BZIP2 ZIP Uncompressed";
    17. 

  17.       personal-digest-preferences = "SHA512 SHA384 SHA256";
    18. 

  18.       pinentry-mode = "loopback";
    19. 

  19.     };
    20. 

  20. 

  21.     scdaemonSettings = {
    22. 

  22.       reader-port = "Yubico Yubi";
    23. 

  23.       disable-ccid = true;
    24. 

  24.     };
    25. 

  25.   };
    26. 

  26. 

  27.   services.gpg-agent = mkIf isLinux {
    28. 

  28.     enable = mkDefault true;
    29. 

  29.     enableBashIntegration = true;
    30. 

  30.     enableFishIntegration = true;
    31. 

  31.     enableSshSupport = true;
    32. 

  32.     pinentryFlavor = "curses";
    33. 

  33.     sshKeys = [
    34. 

  34.       "0C8022799396573FE31D595B2C4B60B871618D9C"
    35. 

  35.     ];
    36. 

  36.   };
    37. 

  37. }
    38. 

  38.