feat: docker now works.. kinda, root use only

configuration.nix

@@ -99,7 +99,6 @@
   environment.systemPackages = with pkgs; [
     home-manager
     firefox
-    docker
     vmware-workstation
     cacert
   ];
@@ -154,9 +153,12 @@
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
 
   # Enable docker
-  virtualisation.docker.rootless = {
+  virtualisation.docker = {
-    enable = true;
+  enable = true;
-    setSocketVariable = true;
+    rootless = {
+      enable = true;
+      setSocketVariable = true;
+    };
   };
   
   virtualisation.vmware.host.enable = true; 
@@ -213,4 +215,18 @@
       xdg-desktop-portal-hyprland 
     ];
   };
+
+  security.pam.services = {
+    login.u2fAuth = true;
+    sudo.u2fAuth = true;
+  };
+
+  services.udev.extraRules = ''
+      ACTION=="remove",\
+       ENV{ID_BUS}=="usb",\
+       ENV{ID_MODEL_ID}=="0407",\
+       ENV{ID_VENDOR_ID}=="1050",\
+       ENV{ID_VENDOR}=="Yubico",\
+       RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
+  '';
 }