nixpkgs/nixos/modules/services/security
Philip Potter e4029c34fc yubikey-agent: init at 0.1.3
This adds yubikey-agent as a package and a nixos module.

On macOS, we use `wrapProgram` to set pinentry_mac as default in PATH;
on Linux we rely on the user to set their preferred pinentry in PATH.
In particular, we use a systemd override to prefix PATH to select a
chosen pinentry program if specified.

On Linux, we need libnotify to provide the notify-send utility for
desktop notifications (such as "Waiting for Yubikey touch...").

This might work on other flavors of unix, but I haven't tested.

We reuse the programs.gnupg.agent.pinentryFlavor option for
yubikey-agent, but in doing so I hit a problem: pinentryFlavour's
default value is specified in a mkDefault, but only conditionally.  We
ought to be able to pick up the pinentryFlavour whether or not gpg-agent
is running.  As a result, this commit moves the default value to the
definition of programs.gnupg.agent.enable.
2020-07-16 15:29:33 +01:00
..
bitwarden_rs treewide: per RFC45, remove more unquoted URLs 2020-04-18 14:04:37 +02:00
certmgr.nix nixos/certmgr: Flip either submodule path type 2020-01-08 23:54:45 +01:00
cfssl.nix nixos/cfssl: don't create user/group unless service is enabled 2018-08-21 16:24:31 -04:00
clamav.nix treewide: use attrs instead of list for types.loaOf options 2020-01-06 10:39:18 -05:00
fail2ban.nix fail2ban: fix firewall warning 2020-03-22 18:11:36 +01:00
fprintd.nix fprintd: 0.9.0 -> 1.90.1 2020-05-19 14:03:31 +02:00
fprot.nix treewide: add bool type to enable options, or make use of mkEnableOption 2020-04-21 08:55:36 +02:00
haka.nix nixos/modules: Remove all usages of types.string 2019-08-31 18:19:00 +02:00
haveged.nix
hologram-agent.nix nixos/*: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
hologram-server.nix nixos/*: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
munge.nix nixos/modules: Remove all usages of types.string 2019-08-31 18:19:00 +02:00
nginx-sso.nix nixos/nginx.sso: add package option 2020-01-12 14:35:23 +01:00
oauth2_proxy_nginx.nix nixos/modules: Remove all usages of types.string 2019-08-31 18:19:00 +02:00
oauth2_proxy.nix nixos/*: use $out instead of $bin with buildGoPackage 2020-04-28 20:30:29 +10:00
physlock.nix nixos/physlock: add suspend-then-hibernate to suspend/hibernate units 2020-06-16 23:42:56 +02:00
privacyidea.nix privacyidea: address reviews 2020-05-09 12:11:44 +02:00
shibboleth-sp.nix
sks.nix treewide: remove redundant quotes 2019-08-26 21:40:19 +00:00
sshguard.nix nixos/sshguard: use nftables backend if enabled 2020-01-27 14:42:28 +01:00
tor.nix nixos/*: wheter -> whether 2020-07-04 15:20:41 +02:00
torify.nix nixos/tsocks: Add types to the options 2020-01-05 00:15:26 +01:00
torsocks.nix treewide: use attrs instead of list for types.loaOf options 2020-01-06 10:39:18 -05:00
usbguard.nix nixos/usbguard: update systemd sandboxing features 2020-05-24 10:36:07 +02:00
vault.nix nixos/vault: add ExecReload entry 2020-01-24 18:59:13 +01:00
yubikey-agent.nix yubikey-agent: init at 0.1.3 2020-07-16 15:29:33 +01:00