2023-01-21 19:03:24 +01:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
{
|
2023-01-27 12:09:49 +01:00
|
|
|
# email passwords
|
|
|
|
sops.secrets."email/tu-dresden".owner = "rouven";
|
|
|
|
sops.secrets."email/rfive".owner = "rouven";
|
|
|
|
sops.secrets."email/google".owner = "rouven";
|
2023-01-31 16:16:03 +01:00
|
|
|
sops.secrets."email/ifsr".owner = "rouven";
|
2023-01-27 12:09:49 +01:00
|
|
|
|
2023-01-21 19:03:24 +01:00
|
|
|
# generate system completions
|
|
|
|
programs.zsh.enable = true;
|
|
|
|
|
|
|
|
# fixes pam entries for swaylock
|
|
|
|
security.pam.services.swaylock.text = ''
|
|
|
|
# Account management.
|
|
|
|
account required pam_unix.so
|
|
|
|
|
|
|
|
# Authentication management.
|
|
|
|
|
|
|
|
auth sufficient pam_unix.so nullok likeauth try_first_pass
|
|
|
|
auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so
|
|
|
|
auth required pam_deny.so
|
|
|
|
|
|
|
|
# Password management.
|
|
|
|
password sufficient pam_unix.so nullok sha512
|
|
|
|
|
|
|
|
# Session management.
|
|
|
|
session required pam_env.so conffile=/etc/pam/environment readenv=0
|
|
|
|
session required pam_unix.so
|
|
|
|
'';
|
|
|
|
}
|