summary refs log tree commit diff
path: root/nixos/modules/security/duosec.nix
Commit message (Collapse)AuthorAge
* More derpParnell Springmeyer2017-01-29
|
* Addressing PR feedbackParnell Springmeyer2017-01-28
|
* setcap-wrapper: Merging with upstream master and resolving conflictsParnell Springmeyer2017-01-25
|\
| * duosec module: use enumEric Sagnes2016-11-16
| |
* | Adapting everything for the merged permissions wrappers work.Parnell Springmeyer2016-09-01
| |
* | everything?: Updating every package that depended on the old setuidPrograms ↵Parnell Springmeyer2016-09-01
|/ | | | configuration.
* Fix user-facing typos (mainly in descriptions)Tobias Geerinckx-Rice2014-12-30
|
* nixos/duosec: Add an option to allow TCP forwardingAustin Seipp2014-05-20
| | | | Signed-off-by: Austin Seipp <aseipp@pobox.com>
* Rewrite ‘with pkgs.lib’ -> ‘with lib’Eelco Dolstra2014-04-14
| | | | | | | | Using pkgs.lib on the spine of module evaluation is problematic because the pkgs argument depends on the result of module evaluation. To prevent an infinite recursion, pkgs and some of the modules are evaluated twice, which is inefficient. Using ‘with lib’ prevents this problem.
* nixos: add Duo Security moduleAustin Seipp2014-03-16
This module adds the security.duosec attributes, which you can use to enable simple two-factor authentication for NixOS logins. The module currently provides PAM and SSH support, although the PAM unix system configuration isn't automatically dealt with (although the configuration is automatically built). Enabling it is as easy as saying: security.duosec.ssh.enable = true; security.duosec.ikey = "XXXXXXXX..."; security.duosec.skey = "XXXXXXXX..."; security.duosec.host = "api-XXXXXXX.duosecurity.com"; security.duosec.group = "duosec"; which will enforce two-factor authentication for SSH logins for users in the 'duosec' group. This requires uid/gid support in the environment.etc module. Signed-off-by: Austin Seipp <aseipp@pobox.com>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-06 13:00:50 +0000