Initial commit

module.nix

@@ -0,0 +1,38 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.services.softu2f;
+  softu2f = pkgs.callPackage ./softu2f.nix { };
+in
+{
+  options.services.softu2f = {
+    enable = lib.mkEnableOption "Enables the softu2f service";
+  };
+  config = lib.mkIf cfg.enable {
+    systemd.sockets.softu2f = {
+      wantedBy = [ "sockets.target" ];
+      socketConfig = {
+        ListenStream = "/run/softu2f/softu2f.sock";
+      };
+    };
+    systemd.services.softu2f = {
+      description = "Software-only U2F Emulation Service";
+      wants = [ "softu2f.socket" ];
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${softu2f}/bin/softu2f-system-daemon";
+        PrivateNetwork = "yes";
+        PrivateTmp = "true";
+      };
+    };
+    systemd.user.services.softu2f = {
+      description = "Software-only U2F Emulation Service";
+      wantedBy = [ "default.target" ];
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${softu2f}/bin/softu2f-user-daemon";
+        NoNewPrivileges = "true";
+        PrivateTmp = "true";
+      };
+    };
+  };
+}