wait for device to be connected

dracut/96luks-2fa/fido2-connected.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Wait for a FIDO2 device to be connected
+
+[Service]
+Type=oneshot
+Environment=CON_MSG="Please connect your authenicator"
+ExecStartPre=/usr/bin/plymouth display-message --text "${CON_MSG}"
+ExecStart=/bin/bash -c 'while ! fido2luks connected; do sleep 1; done'
+ExecStopPost=/usr/bin/plymouth hide-message --text "${CON_MSG}"
+

dracut/96luks-2fa/luks-2fa-generator.sh

@@ -23,7 +23,7 @@ generate_service () {
                 printf -- "[Unit]"
                 printf -- "\nDescription=%s" "2fa for luks"
                 printf -- "\nBindsTo=%s" "$target_dev"
-                printf -- "\nAfter=%s cryptsetup-pre.target systemd-journald.socket" "$target_dev" #TODO: create service to wait or authenicator
+                printf -- "\nAfter=%s cryptsetup-pre.target fido2-connected.service systemd-journald.socket" "$target_dev" #TODO: create service to wait or authenicator
                 printf -- "\nBefore=%s umount.target luks-2fa.target" "$crypto_target_service"
                 printf -- "\nConflicts=umount.target"
                 printf -- "\nDefaultDependencies=no"

dracut/96luks-2fa/module-setup.sh

@@ -24,7 +24,10 @@ install () {
 
         inst "$moddir/luks-2fa.target" "/etc/systemd/system/luks-2fa.target"
         mkdir -p "$initdir/etc/systemd/system/luks-2fa.target.wants"
+        
+        inst "$moddir/fido2-connected.service" "/etc/systemd/system/fido2-connected.service"
 
         mkdir -p "$initdir/etc/systemd/system/sysinit.target.wants"
         ln -sf "/etc/systemd/system/luks-2fa.target" "$initdir/etc/systemd/system/sysinit.target.wants/"
+        ln -sf "/etc/systemd/system/fido2-connected.service" "$initdir/etc/systemd/system/sysinit.target.wants/"
 }