From 04c7bc089fa67485d1288407463c128e99d1bef1 Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Mon, 22 Jan 2024 00:28:58 +0100
Subject: [PATCH] nitrokey: Force learn keys from card on plug

This allows the signing key to be shared among multiple nitrokeys.
---
 modules/nitrokey.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/modules/nitrokey.nix b/modules/nitrokey.nix
index bf32140..4862cf6 100644
--- a/modules/nitrokey.nix
+++ b/modules/nitrokey.nix
@@ -15,5 +15,15 @@ lib.mkMerge [
       #nitrokey-app2
       #pynitrokey
     ];
+
+    systemd.user.services.gpg-force-learn-cards = {
+      serviceConfig = {
+        ExecStart = "${pkgs.gnupg}/bin/gpg-connect-agent 'learn --force' '/bye'";
+      };
+    };
+
+    services.udev.extraRules = ''
+      SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="20a0", ATTRS{idProduct}=="42b2", ENV{SYSTEMD_USER_WANTS}="gpg-force-learn-cards.service"
+    '';
   })
 ]