Testing
This commit is contained in:
parent
e0b3062ee3
commit
569b9c3cae
3 changed files with 16 additions and 3 deletions
|
@ -13,6 +13,13 @@ keys:
|
|||
- &host_nuc-server
|
||||
|
||||
creation_rules:
|
||||
|
||||
- path_regex: secrets\/yubikey\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
- *user_albert
|
||||
- *host_nixos-framework
|
||||
|
||||
- path_regex: secrets\/secrets\.yaml$
|
||||
key_groups:
|
||||
- pgp:
|
||||
|
|
|
@ -4,9 +4,15 @@
|
|||
debug = true;
|
||||
control = "required";
|
||||
mode = "challenge-response";
|
||||
challengeResponsePath = /run/secrets/yubikey/;
|
||||
id = [ "18550256" ];
|
||||
};
|
||||
|
||||
sops.secrets."yubikey/albert-18550256" = {
|
||||
owner = "root";
|
||||
sopsFile = ../../secrets/yubikey.yaml;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
yubico-pam
|
||||
];
|
||||
|
@ -17,6 +23,6 @@
|
|||
ENV{ID_MODEL_ID}=="0407",\
|
||||
ENV{ID_VENDOR_ID}=="1050",\
|
||||
ENV{ID_VENDOR}=="Yubico",\
|
||||
RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
|
||||
RUN+="shutdown -h now"
|
||||
'';
|
||||
}
|
||||
|
|
|
@ -9,8 +9,8 @@ sops:
|
|||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-04-28T11:40:09Z"
|
||||
mac: ENC[AES256_GCM,data:0nfSYSCUKe4G5977jBuM8eQK531CkoA+rlrWGU6Dy8ukXkDCY3uG7nozKrbWgKFsiK22anfiHedcZbJ10tPvPGJK1WGiY26049cYoaDCCGGeZWS04YhbMomvNDRj2sqnj7NNcveJeLTThSSrkzv1f/KSSlnnuB8V3YjlrdX5D00=,iv:P4b+QtAz5QRwZfSONrg7YV7PhSZuTNrAfDJNxpq4gYk=,tag:JR4FZv8FMFCyHKJ4Pz6i5Q==,type:str]
|
||||
lastmodified: "2024-05-05T07:52:02Z"
|
||||
mac: ENC[AES256_GCM,data:xe5E4B0nIyAAEs7dJVlJOFiuC/xM8RCZ8/Gxj5C+kgcVRMqiL+UoaXMb6N4c5hAJDSbbF6SwDwqTy+bmZu7aV0NSoClICJl/zuyc1jPQrIFf/8GUWDe654mqSmsOijXPsNvPWWC+h2QDSEcut8fe1WQag6RA61ri4fL4ih4VukA=,iv:966NPVYUEdBspI7WhvutngvRs5SgwI+wyDVhldG9IqA=,tag:Pvmeir7NCw8mbN9rtoYsDg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-04-28T00:33:16Z"
|
||||
enc: |-
|
||||
|
|
Loading…
Reference in a new issue