mirror of
https://github.com/nix-community/home-manager
synced 2024-06-30 18:38:31 +02:00
36a53d9f26
This process was automated by [my fork of `nix-doc-munge`]. All
conversions were automatically checked to produce the same DocBook
result when converted back, modulo minor typographical/formatting
differences on the acceptable-to-desirable spectrum.
To reproduce this commit, run:
$ NIX_PATH=nixpkgs=flake:nixpkgs/e7e69199f0372364a6106a1e735f68604f4c5a25 \
nix shell nixpkgs#coreutils \
-c find . -name '*.nix' \
-exec nix run -- github:emilazy/nix-doc-munge/98dadf1f77351c2ba5dcb709a2a171d655f15099 \
{} +
$ ./format
[my fork of `nix-doc-munge`]: https://github.com/emilazy/nix-doc-munge/tree/home-manager
69 lines
1.8 KiB
Nix
69 lines
1.8 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.pam;
|
|
|
|
in {
|
|
meta.maintainers = with maintainers; [ rycee veehaitch ];
|
|
|
|
options = {
|
|
pam.sessionVariables = mkOption {
|
|
default = { };
|
|
type = types.attrs;
|
|
example = { EDITOR = "vim"; };
|
|
description = lib.mdDoc ''
|
|
Environment variables that will be set for the PAM session.
|
|
The variable values must be as described in
|
|
{manpage}`pam_env.conf(5)`.
|
|
|
|
Note, this option will become deprecated in the future and its use is
|
|
therefore discouraged.
|
|
'';
|
|
};
|
|
|
|
pam.yubico.authorizedYubiKeys = {
|
|
ids = mkOption {
|
|
type = with types;
|
|
let
|
|
yubiKeyId = addCheck str (s: stringLength s == 12) // {
|
|
name = "yubiKeyId";
|
|
description = "string of length 12";
|
|
};
|
|
in listOf yubiKeyId;
|
|
default = [ ];
|
|
description = lib.mdDoc ''
|
|
List of authorized YubiKey token IDs. Refer to
|
|
<https://developers.yubico.com/yubico-pam>
|
|
for details on how to obtain the token ID of a YubiKey.
|
|
'';
|
|
};
|
|
|
|
path = mkOption {
|
|
type = types.str;
|
|
default = ".yubico/authorized_yubikeys";
|
|
description = lib.mdDoc ''
|
|
File path to write the authorized YubiKeys,
|
|
relative to {env}`HOME`.
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkMerge [
|
|
(mkIf (cfg.sessionVariables != { }) {
|
|
home.file.".pam_environment".text = concatStringsSep "\n"
|
|
(mapAttrsToList (n: v: ''${n} OVERRIDE="${toString v}"'')
|
|
cfg.sessionVariables) + "\n";
|
|
})
|
|
|
|
(mkIf (cfg.yubico.authorizedYubiKeys.ids != [ ]) {
|
|
home.file.${cfg.yubico.authorizedYubiKeys.path}.text =
|
|
concatStringsSep ":"
|
|
([ config.home.username ] ++ cfg.yubico.authorizedYubiKeys.ids);
|
|
})
|
|
];
|
|
}
|