programs/niri: add PAM strategy for swaylock with fprintd

This commit is contained in:
Anthony Rodriguez 2024-10-06 12:11:01 +02:00
parent c7c8108bc4
commit 7b22fd5ca7
Signed by: nezia
GPG key ID: EE3BE97C040A86CE

View file

@ -1,4 +1,10 @@
{inputs, ...}: { {
inputs,
lib,
pkgs,
config,
...
}: {
imports = [ imports = [
inputs.niri.nixosModules.niri inputs.niri.nixosModules.niri
]; ];
@ -6,4 +12,19 @@
programs.niri = { programs.niri = {
enable = true; enable = true;
}; };
# copied from https://github.com/linyinfeng/dotfiles/blob/91b0363b093303f57885cbae9da7f8a99bbb4432/nixos/profiles/graphical/niri/default.nix#L17-L29
security.pam.services.swaylock.text = lib.mkIf config.services.fprintd.enable ''
account required pam_unix.so
# check passwork before fprintd
auth sufficient pam_unix.so try_first_pass likeauth
auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so
auth required pam_deny.so
password sufficient pam_unix.so nullok yescrypt
session required pam_env.so conffile=/etc/pam/environment readenv=0
session required pam_unix.so
'';
} }