From b96d73924b22bdac79f812e3e26accddec2d288d Mon Sep 17 00:00:00 2001
From: Ryota <rytswd@gmail.com>
Date: Sat, 17 Jan 2026 02:15:56 +0000
Subject: [PATCH] feat(nix-darwin): add requirePcscd option for consistency

Add the requirePcscd option to the nix-darwin module for consistency
with NixOS and home-manager modules. On macOS, CryptoTokenKit typically
handles YubiKey communication automatically, but this option is provided
for API consistency.
---
 modules/nix-darwin/default.nix | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/modules/nix-darwin/default.nix b/modules/nix-darwin/default.nix
index 27331bc..b3ec176 100644
--- a/modules/nix-darwin/default.nix
+++ b/modules/nix-darwin/default.nix
@@ -316,6 +316,22 @@ in
           List of plugins to use for sops decryption.
         '';
       };
+
+      # Options for hardware key support (YubiKey, FIDO2, etc.)
+      requirePcscd = lib.mkOption {
+        type = lib.types.bool;
+        default = false;
+        description = ''
+          Whether pcscd (PC/SC Smart Card Daemon) is required for age decryption.
+          Enable this when using hardware key plugins like age-plugin-yubikey
+          or age-plugin-fido2-hmac.
+
+          On macOS, the system's built-in smart card services (CryptoTokenKit)
+          typically handle YubiKey communication automatically. This option
+          is provided for consistency with Linux but may not require additional
+          configuration on macOS.
+        '';
+      };
     };
 
     gnupg = {