From ae5a3ffc15a2c0ff21e72344f0c610e5dd6b490b Mon Sep 17 00:00:00 2001
From: Michael Mandl <mandlm@molez.net>
Date: Sun, 5 Nov 2023 18:25:07 +0100
Subject: [PATCH] feat: allow yubikey otp authentication

---
 configuration.nix | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/configuration.nix b/configuration.nix
index 283960e..5c80b80 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -73,6 +73,13 @@
     polkit.enable = true;
     rtkit.enable = true;
     pam.services.swaylock = { };
+
+    pam.yubico = {
+      enable = true;
+      mode = "challenge-response";
+      id = [ "23664350" ];
+      control = "sufficient";
+    };
   };
 
   environment.systemPackages = with pkgs; [
@@ -87,6 +94,8 @@
     wlr.enable = true;
   };
 
+  services.udev.packages = [ pkgs.yubikey-personalization ];
+
   services.pipewire = {
     enable = true;
     wireplumber.enable = true;