feat: add tpm-fido

2023-10-08 22:15:40 +01:00 · 2023-10-08 22:15:40 +01:00 · 813924695b
commit 813924695b
parent 91ee547c48
2 changed files with 39 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -69,6 +69,7 @@
              fsh.homeModules.fsh
              ./home/ash
              ./home/ash/desktop.nix
+              ./home/ash/tpm-fido.nix
              ./home/ash/vscodium.nix
            ];
          };
--- a/home/ash/tpm-fido.nix
+++ b/home/ash/tpm-fido.nix
@ -0,0 +1,38 @@
+{ config, pkgs, lib, ... }:
+let
+  tpm-fido = pkgs.buildGoModule {
+    version = "5f8828b82b58f9badeed65718fca72bc31358c5c";
+    pname = "tpm-fido";
+    src = pkgs.fetchFromGitHub {
+      owner = "psanford";
+      repo = "tpm-fido";
+      rev = "5f8828b82b58f9badeed65718fca72bc31358c5c";
+      hash = "sha256-Yfr5B4AfcBscD31QOsukamKtEDWC9Cx2ee4L6HM2554=";
+    };
+    vendorHash = "sha256-qm/iDc9tnphQ4qooufpzzX7s4dbnUbR9J5L770qXw8Y=";
+    nativeBuildInputs = [ pkgs.makeWrapper ];
+    postInstall = ''
+    wrapProgram $out/bin/tpm-fido --prefix PATH : ${lib.makeBinPath [ pkgs.pinentry.gnome3 ]}
+    '';
+  };
+in
+{
+  systemd.user.services.tpm-fido = {
+    Unit = {
+      Description = "tpm-fido virtual FIDO2 key";
+      StartLimitIntervalSec = 500;
+      StartLimitBurst = 5;
+      PartOf = [ "graphical-session.target" ];
+      Wants = [ "xdg-desktop-autostart.target" ];
+      After = [ "xdg-desktop-autostart.target" ];
+    };
+    Install = {
+      WantedBy = ["xdg-desktop-autostart.target" ];
+    };
+    Service = {
+      ExecStart = "${tpm-fido}/bin/tpm-fido";
+      Restart = "on-failure";
+      RestartSec = "5s";
+    };
+  };
+}