palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update yubikey-image.nix

Browse source
This commit is contained in:
Ingolf Wagner 2024-08-14 11:24:08 +02:00
parent 96ee5a488e
commit aed8c552ba
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
1 changed files with 38 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

59
images/yubikey-image.nix
View file

@ -1,7 +1,22 @@
# NixOS livesystem to generate yubikeys in an air-gapped manner # NixOS livesystem to generate yubikeys in an air-gapped manner
# screenshot: https://dl.thalheim.io/wmxIqucOEo2xuLk0Ut45fQ/yubikey-live-system.png # screenshot: https://dl.thalheim.io/wmxIqucOEo2xuLk0Ut45fQ/yubikey-live-system.png
# $ nixos-generator -f iso -c yubikey-image.nix # $ nix-shell -p nixos-generate --run "nixos-generate -f iso -c yubikey-image.nix"
{ pkgs, ... }: { { pkgs, ... }:
let
guide = pkgs.stdenv.mkDerivation {
name = "yubikey-guide-2019-01-21.html";
src = pkgs.fetchFromGitHub {
owner = "drduh";
repo = "YubiKey-Guide";
rev = "035d98ebbed54a0218ccbf23905054d32f97508e";
sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq";
};
buildInputs = [ pkgs.pandoc ];
installPhase =
"pandoc --highlight-style pygments -s --toc README.md -o $out";
};
in
{
environment.interactiveShellInit = '' environment.interactiveShellInit = ''
export GNUPGHOME=/run/user/$(id -u)/gnupghome export GNUPGHOME=/run/user/$(id -u)/gnupghome
if [ ! -d $GNUPGHOME ]; then if [ ! -d $GNUPGHOME ]; then
@ -9,8 +24,7 @@
fi fi
cp ${ cp ${
pkgs.fetchurl { pkgs.fetchurl {
url = url = "https://raw.githubusercontent.com/drduh/config/662c16404eef04f506a6a208f1253fee2f4895d9/gpg.conf";
"https://raw.githubusercontent.com/drduh/config/662c16404eef04f506a6a208f1253fee2f4895d9/gpg.conf";
sha256 = "118fmrsn28fz629y7wwwcx7r1wfn59h3mqz1snyhf8b5yh0sb8la"; sha256 = "118fmrsn28fz629y7wwwcx7r1wfn59h3mqz1snyhf8b5yh0sb8la";
} }
} "$GNUPGHOME/gpg.conf" } "$GNUPGHOME/gpg.conf"
@ -19,6 +33,9 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
yubikey-personalization yubikey-personalization
yubikey-personalization-gui
yubikey-manager
yubikey-manager-qt
cryptsetup cryptsetup
pwgen pwgen
midori midori
@ -35,34 +52,24 @@
networking.wireless.enable = false; networking.wireless.enable = false;
networking.dhcpcd.enable = false; networking.dhcpcd.enable = false;
services.mingetty.helpLine = "The 'root' account has an empty password."; services.getty.helpLine = "The 'root' account has an empty password.";
services.displayManager = {
defaultSession = "xfce";
autoLogin = {
enable = true;
user = "root";
};
};
services.xserver = { services.xserver = {
enable = true; enable = true;
displayManager.auto.enable = true; desktopManager = {
desktopManager =
let
guide = pkgs.stdenv.mkDerivation {
name = "yubikey-guide-2019-01-21.html";
src = pkgs.fetchFromGitHub {
owner = "drduh";
repo = "YubiKey-Guide";
rev = "035d98ebbed54a0218ccbf23905054d32f97508e";
sha256 = "0rzy06a5xgfjpaklxdgrxml24d0vhk78lb577l3z4x7a2p32dbyq";
};
buildInputs = [ pkgs.pandoc ];
installPhase =
"pandoc --highlight-style pygments -s --toc README.md -o $out";
};
in
{
default = "xfce";
xterm.enable = false; xterm.enable = false;
xfce.enable = true; xfce.enable = true;
xfce.extraSessionCommands = '' };
displayManager = {
sessionCommands = ''
${pkgs.midori}/bin/midori ${guide} & ${pkgs.midori}/bin/midori ${guide} &
${pkgs.xfce.terminal}/bin/xfce4-terminal &
''; '';
}; };
}; };