nitrokey: Force learn keys from card on plug

This allows the signing key to be shared among multiple nitrokeys.
2024-01-22 00:28:58 +01:00 · 2024-01-22 00:28:58 +01:00 · 04c7bc089f
parent 04a0a6e5ff
commit 04c7bc089f
1 changed files with 10 additions and 0 deletions
--- a/modules/nitrokey.nix
+++ b/modules/nitrokey.nix
@ -15,5 +15,15 @@ lib.mkMerge [
      #nitrokey-app2
      #pynitrokey
    ];
+
+    systemd.user.services.gpg-force-learn-cards = {
+      serviceConfig = {
+        ExecStart = "${pkgs.gnupg}/bin/gpg-connect-agent 'learn --force' '/bye'";
+      };
+    };
+
+    services.udev.extraRules = ''
+      SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42b2", ENV{SYSTEMD_USER_WANTS}="gpg-force-learn-cards.service"
+    '';
  })
 ]