mirror of
https://codeberg.org/leana8959/.files.git
synced 2025-12-06 22:59:15 +00:00
26 lines
824 B
Nix
26 lines
824 B
Nix
{pkgs, ...}: {
|
|
security.sudo.enable = false;
|
|
|
|
environment.systemPackages = [
|
|
pkgs.doas-sudo-shim
|
|
];
|
|
security.doas = {
|
|
enable = true;
|
|
extraRules = [
|
|
{
|
|
# Invoke just with doas directly as a nixos-rebuild helper
|
|
#
|
|
# Specifiying just here is impractical, because
|
|
# - Use absolute path?
|
|
# Works only for a specific version of just binary.
|
|
# Also, for some reason, the rule won't match.
|
|
# - Use relative path?
|
|
# doas's docs says it searches in a "limited subset of PATH" if it's relative.
|
|
# I suspect that it doesn't search the PATH added ad-hoc by the nix-shell, also not a good solution.
|
|
# Also, for some reason, the rule won't match.
|
|
users = [":wheel"];
|
|
setEnv = ["PATH"];
|
|
}
|
|
];
|
|
};
|
|
}
|