From 876cf84493d8fb7e10cc7a87c297b8312e999971 Mon Sep 17 00:00:00 2001
From: MDLeom <2809763-curben@users.noreply.gitlab.com>
Date: Thu, 27 Feb 2020 17:14:00 +0000
Subject: [PATCH] fix(nixos-1): add guide for OTP login

---
 source/_posts/caddy-nixos-part-1.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/source/_posts/caddy-nixos-part-1.md b/source/_posts/caddy-nixos-part-1.md
index 9501ad4..4d7adea 100644
--- a/source/_posts/caddy-nixos-part-1.md
+++ b/source/_posts/caddy-nixos-part-1.md
@@ -229,6 +229,18 @@ Following is my "configuration.nix". I'll show you how to secure NixOS using has
     };
   };
 
+  ## Requires OTP to login & sudo
+  security.pam.services = [
+    {
+      name = "login";
+      googleAuthenticator.enable = false;
+    }
+    {
+      name = "sudo";
+      googleAuthenticator.enable = false;
+    }
+  ];
+
   ## Caddy web server
 #  require = [ /etc/caddy/caddyProxy.nix /etc/caddy/caddyTor.nix ];
 #  services.caddyProxy = {