39 lines
1 KiB
Nix
39 lines
1 KiB
Nix
{
|
|
lib,
|
|
pkgs,
|
|
self,
|
|
...
|
|
}: let
|
|
inherit (lib) mkDefault mkBefore;
|
|
inherit (self.packages.${pkgs.system}) pam-fprint-grosshack;
|
|
|
|
pam_fprintd_grosshackSo = "${pam-fprint-grosshack}/lib/security/pam_fprintd_grosshack.so";
|
|
|
|
# https://wiki.archlinux.org/title/Fprint#Login_configuration
|
|
grosshackConf = ''
|
|
# pam-fprint-grosshack
|
|
auth sufficient ${pam_fprintd_grosshackSo} timeout=99
|
|
auth sufficient pam_unix.so try_first_pass nullok
|
|
'';
|
|
in {
|
|
services.fprintd.enable = true;
|
|
|
|
# https://www.reddit.com/r/NixOS/comments/z7i83r/fingertip_tip_start_fprintd_at_boot_for_a_quick/
|
|
systemd.services.fprintd = {
|
|
wantedBy = ["multi-user.target"];
|
|
serviceConfig.Type = "simple";
|
|
};
|
|
|
|
services.logind.lidSwitch = "lock";
|
|
|
|
security.sudo.extraConfig = ''
|
|
Defaults timestamp_timeout=600
|
|
'';
|
|
|
|
# https://stackoverflow.com/a/47041843
|
|
security.pam.services = {
|
|
sudo.text = mkDefault (mkBefore grosshackConf);
|
|
login.text = mkDefault (mkBefore grosshackConf);
|
|
polkit-1.text = mkDefault (mkBefore grosshackConf);
|
|
};
|
|
}
|