system/services/security.nix at main · matthew-hre.com/flake

matthew-hre.com / flake

fork atom

My NixOS configuration (mirror)

fork atom

flake / system / services / security.nix

at main 32 lines 727 B view raw

wrap content

Matthew Hrehirchuk feat: home manager overhaul (#7) 3mo ago

c99bd7fc

 1{
 2  config,
 3  lib,
 4  ...
 5}: {
 6  options.modules.services.security = {
 7    enable = lib.mkEnableOption "base security";
 8    fingerprintPam.enable = lib.mkEnableOption "fingerprint PAM integration";
 9  };
10
11  config = let
12    cfg = config.modules.services.security;
13  in
14    lib.mkMerge [
15      {
16        security.sudo.enable = true;
17        security.rtkit.enable = true;
18      }
19
20      (lib.mkIf cfg.fingerprintPam.enable {
21        security.pam.services = {
22          hyprlock = {
23            text = "auth include login";
24            enableGnomeKeyring = true;
25          };
26          "polkit-1".fprintAuth = true;
27          greetd.enableGnomeKeyring = true;
28          login.enableGnomeKeyring = true;
29        };
30      })
31    ];
32}