27 lines
877 B
Bash
Executable File
27 lines
877 B
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# Configure FIDO2 support declaratively for Nomarchy NixOS.
|
|
|
|
STATE_FILE="/etc/nixos/state.json"
|
|
|
|
if [[ "--remove" == $1 ]]; then
|
|
sudo jq '.features.fido2 = false' "$STATE_FILE" > /tmp/state.json && sudo mv /tmp/state.json "$STATE_FILE"
|
|
echo "FIDO2 support disabled. Applying changes..."
|
|
sudo nomarchy-sys-update
|
|
exit 0
|
|
fi
|
|
|
|
sudo jq '.features.fido2 = true' "$STATE_FILE" > /tmp/state.json && sudo mv /tmp/state.json "$STATE_FILE"
|
|
echo "FIDO2 support enabled. Applying changes..."
|
|
sudo nomarchy-sys-update
|
|
|
|
# Enrollment is still an imperative action
|
|
if command -v pamu2fcfg &> /dev/null; then
|
|
echo "Let's register your FIDO2 key now."
|
|
mkdir -p ~/.config/Yubico
|
|
pamu2fcfg > ~/.config/Yubico/u2f_keys
|
|
echo "FIDO2 key registered."
|
|
else
|
|
echo "pamu2fcfg not found. It will be available after the next reboot or sys-update."
|
|
fi
|