peripherals/yubikey: init

modules/modules/hardware/form.nix

@@ -16,6 +16,7 @@ in
   config = mkMerge [
     (mkIf cfg.desktop {
       modules.hardware.audio.enable = mkDefault true;
+      modules.hardware.peripherals.yubikey.enable = true;
       info.stationary = mkDefault true;
     })
 
@@ -23,6 +24,7 @@ in
       modules.hardware = {
         wireless.enable = mkDefault true;
         audio.enable = mkDefault true;
+        peripherals.yubikey.enable = true;
       };
 
       hardware = {
@@ -64,6 +66,7 @@ in
           amdgpu = mkDefault true;
         };
         wireless.wifi.enable = true;
+        peripherals.yubikey.enable = true;
       };
 
       hardware.nvidia.powerManagement.enable = false;

modules/modules/hardware/peripherals/yubikey.nix

@@ -0,0 +1,22 @@
+{ config, lib, pkgs, ... }:
+with lib;
+with lib.our;
+let
+  cfg = config.modules.hardware.peripherals.yubikey;
+in
+{
+  options.modules.hardware.peripherals.yubikey = {
+    enable = mkBoolOpt false;
+  };
+  config = mkIf cfg.enable {
+    home.home.packages = with pkgs; [
+      yubikey-manager
+      yubikey-manager-qt
+      yubikey-personalization
+      yubikey-personalization-gui
+      yubico-piv-tool
+    ];
+    services.udev.packages = [ pkgs.yubikey-personalization ];
+    services.pcscd.enable = true;
+  };
+}

users/modules/global/gpg.nix

@@ -2,6 +2,9 @@
   programs.gpg = {
     enable = true;
     homedir = "${config.xdg.dataHome}/gnupg";
+    scdaemonSettings = {
+      disable-ccid = true;
+    };
   };
 
   services.gpg-agent = {