veneficium/sys-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update: modularize users, pam, gnupg, openssh

Browse source
This commit is contained in:
Veneficium 2024-08-14 21:40:54 +02:00
parent 15d7453ff2
commit b708969576
9 changed files with 113 additions and 73 deletions
Download patch file Download diff file Expand all files Collapse all files

16
nixosModules/services/pam.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, lib, ... }: {
options.settings = {
services.pam.enable = lib.mkEnableOption "enables PAM";
services.pam.sshd.useGoogleAuth = lib.mkEnableOption "use pam_google_authenticator.so module";
services.pam.sshd.gnupg = lib.mkEnableOption "enable gnuPG integration";
};
security.pam = lib.mkIf config.settings.services.pam.enable {
services.sshd = {
name = "sshd";
unixAuth = true;
googleAuthenticator.enable = config.settings.services.pam.sshd.useGoogleAuth;
gnupg.enable = config.settings.services.pam.sshd.gnupg;
};
};
}