mirror of
https://codeberg.org/privacy1st/nix-git
synced 2024-11-23 22:19:33 +01:00
20 lines
1008 B
Markdown
20 lines
1008 B
Markdown
|
# TODOs
|
||
|
|
||
|
This document contains ideas about possible extensions or improvements of my NixOS configuration.
|
||
|
|
||
|
* Nitrokey LUKS unlock
|
||
|
* Yubikey LUKS: https://nixos.wiki/wiki/Yubikey_based_Full_Disk_Encryption_(FDE)_on_NixOS
|
||
|
* Yubikey LUKS: https://github.com/georgewhewell/nixos-host/blob/master/profiles/luks-yubi.nix
|
||
|
* Old wiki entry, initramfs smartcard LUKS unlock: https://wiki.ubuntu.com/SmartCardLUKSDiskEncryption#SmartCard_Setup
|
||
|
* Nitrokey PAM log-in
|
||
|
* https://docs.nitrokey.com/pro/linux/login-with-pam
|
||
|
* You have two options: `pam_p11` or `PAM Poldi`.
|
||
|
* The solution with pam_p11 is more difficult to achieve and is based on S/MIME certificates.
|
||
|
* I could not find pam-poldi for NixOS :/
|
||
|
|
||
|
* Impermanence, opt-in to persistence:
|
||
|
https://github.com/Misterio77/nix-starter-configs/tree/main#try-opt-in-persistance
|
||
|
* nix-shell / lorri
|
||
|
* https://ghedam.at/15978/an-introduction-to-nix-shell
|
||
|
* docker-compose.yml for services and nix-shell to run the code
|