From 04a95a2543ad731a6e7154a995d257f5e071d3a7 Mon Sep 17 00:00:00 2001
From: Tom Alexander
Date: Thu, 2 Jan 2025 09:43:00 -0500
Subject: [PATCH] More failed attempts to get gpg working.
---
 nix/configuration/roles/gpg/default.nix | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/nix/configuration/roles/gpg/default.nix b/nix/configuration/roles/gpg/default.nix
index 760fd90..38dc3ca 100644
--- a/nix/configuration/roles/gpg/default.nix
+++ b/nix/configuration/roles/gpg/default.nix
@@ -15,7 +15,18 @@
 # gpg -vvv --auto-key-locate local,wkd --locate-keys tom@fizz.buzz
 hardware.gpgSmartcards.enable = true;
- services.udev.packages = [ pkgs.yubikey-personalization ];
+ services.udev.packages = [
+ pkgs.yubikey-personalization
+ pkgs.libfido2
+ (pkgs.writeTextFile {
+ name = "my-rules";
+ text = ''
+ ACTION=="add", SUBSYSTEM=="usb", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0406", MODE="660", GROUP="wheel"
+ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0406", TAG+="uaccess", GROUP="wheel", MODE="0660"
+ '';
+ destination = "/etc/udev/rules.d/50-yubikey.rules";
+ })
+ ];
 services.pcscd.enable = true;
 # services.gnome.gnome-keyring.enable = true;
@@ -36,7 +47,7 @@
 };
 };
- programs.gnupg.dirmngr.enable = true;
+ # programs.gnupg.dirmngr.enable = true;
 programs.gnupg.agent = {
 enable = true;
 enableSSHSupport = true;
@@ -87,12 +98,15 @@
 environment.systemPackages = with pkgs; [
 pcsctools
+ yubikey-personalization
+ yubikey-manager
 ];
 # nixpkgs.overlays = [
 # (final: prev: {
 # gnupg = pkgs-unstable.gnupg;
 # scdaemon = pkgs-unstable.scdaemon;
+ # libgcrypt = pkgs-unstable.libgcrypt;
 # })
 # ];
@@ -108,4 +122,5 @@
 # })
 # ];
+ programs.gnupg.agent.enableExtraSocket = true;
 }
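Review bot: The hidraw rule in the `services.udev.packages` hunk sets `GROUP="wheel", MODE="0660"` on top of `TAG+="uaccess"`, so every wheel member, including one logged in remotely, can open the token's raw HID interface, although `uaccess` alone already covers the user at the active seat. Unless a non-seat user really needs the device, I would reduce the rule to `KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0406", TAG+="uaccess"`. The first rule's `GROUP="wheel"` on the USB node is just as broad and may be unnecessary if card access goes through pcscd, which is enabled just below; a dedicated group would be narrower than wheel, and `MODE="660"` should be written `"0660"` to match the second rule. A comment noting that the `50-` prefix keeps the file ahead of the seat rules that act on `uaccess`, plus a more descriptive `name` than `"my-rules"`, would also help the next reader.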
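Review bot: The `programs.gnupg.dirmngr.enable` line in the second hunk is commented out with no reason given, while the `--auto-key-locate local,wkd` lookup documented near the top of the file needs dirmngr for the network fetch. gpg can normally start dirmngr on demand, so this is probably harmless, but that is an inference and not something the patch shows. Either delete the line or record why it is off, e.g. `# dirmngr socket activation disabled: <reason>; gpg starts dirmngr on demand`.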
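Review bot: `programs.gnupg.agent.enableExtraSocket = true;` in the last hunk sits at the bottom of the file, away from the `programs.gnupg.agent = { … }` attrset visible in the second hunk, and carries no comment. The extra socket is the restricted one intended for forwarding the agent to other hosts, so a reader should be able to tell it is enabled deliberately. I would move it into the existing block as `enableExtraSocket = true; # restricted socket, for forwarding the agent to remote hosts`, and leave it off if forwarding is not in use. The agent attrset's closing brace is outside both hunks, so the exact placement has to be checked against the full file.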