diff options
| author | Tim Keller <tjk@tjkeller.xyz> | 2026-06-15 15:40:14 -0500 |
|---|---|---|
| committer | Tim Keller <tjk@tjkeller.xyz> | 2026-06-15 15:40:14 -0500 |
| commit | 54c6ed12b0c5844be789a7a4c865b004a2a70ac6 (patch) | |
| tree | fe91289a4d4e7b3ffc4bca807bf02ca673bee90d | |
| parent | 9f0dbb1523e5aaf686958d5e100375789ca5eaee (diff) | |
| download | nixos-54c6ed12b0c5844be789a7a4c865b004a2a70ac6.tar.xz nixos-54c6ed12b0c5844be789a7a4c865b004a2a70ac6.zip | |
move sudo and doas config to user timmy and remove irrelevant option modules
| -rw-r--r-- | archetypes/profiles/desktop/default.nix | 1 | ||||
| -rw-r--r-- | archetypes/profiles/headless/default.nix | 4 | ||||
| -rw-r--r-- | nixos/default.nix | 2 | ||||
| -rw-r--r-- | nixos/doas.nix | 17 | ||||
| -rw-r--r-- | nixos/sudo.nix | 15 | ||||
| -rw-r--r-- | users/timmy/default.nix | 11 |
6 files changed, 11 insertions, 39 deletions
diff --git a/archetypes/profiles/desktop/default.nix b/archetypes/profiles/desktop/default.nix index 7cde6b2..07cbd82 100644 --- a/archetypes/profiles/desktop/default.nix +++ b/archetypes/profiles/desktop/default.nix @@ -20,7 +20,6 @@ }; security = { - _doas.enable = mkDesktop true; _polkit = { enable = mkDesktop true; gnome.enable = mkDesktop true; diff --git a/archetypes/profiles/headless/default.nix b/archetypes/profiles/headless/default.nix index c3ab755..ac1eb80 100644 --- a/archetypes/profiles/headless/default.nix +++ b/archetypes/profiles/headless/default.nix @@ -8,10 +8,6 @@ }; }; - security = { - _doas.enable = mkHeadless true; - }; - programs = { _ddcutil.enable = mkHeadless true; }; diff --git a/nixos/default.nix b/nixos/default.nix index ce2a417..6defa6b 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -14,7 +14,6 @@ ./bootloader.nix ./decklink.nix - ./doas.nix ./geoclue.nix ./hosts.nix ./net-iface-labels.nix @@ -23,7 +22,6 @@ ./polkit.nix ./powerkeys.nix ./secrets.nix - ./sudo.nix ./suspend.nix ./zshenv.nix ]; diff --git a/nixos/doas.nix b/nixos/doas.nix deleted file mode 100644 index e1fa994..0000000 --- a/nixos/doas.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ lib, config, ... }: let - cfg = config.security._doas; -in { - options.security._doas = { - enable = lib.mkEnableOption "enables doas"; - }; - - config = lib.mkIf cfg.enable { - security.doas = { - enable = true; - wheelNeedsPassword = false; - extraRules = [{ - keepEnv = true; - }]; - }; - }; -} diff --git a/nixos/sudo.nix b/nixos/sudo.nix deleted file mode 100644 index 5fa2727..0000000 --- a/nixos/sudo.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ lib, config, ... }: let - cfg = config.security._sudo; -in { - options.security._sudo = { - enable = lib.mkEnableOption "enables sudo"; - }; - - #config = lib.mkIf cfg.enable { - config = { # TODO remove once can be built from flake w git - security.sudo = { - enable = true; - wheelNeedsPassword = false; - }; - }; -} diff --git a/users/timmy/default.nix b/users/timmy/default.nix index 3a8a4e3..cb8eb7b 100644 --- a/users/timmy/default.nix +++ b/users/timmy/default.nix @@ -55,6 +55,17 @@ in { ]; }; + # Enable sudo and doas + security.sudo = { + enable = true; + wheelNeedsPassword = false; + }; + security.doas = { + enable = true; + wheelNeedsPassword = false; + extraRules = [{ keepEnv = true; }]; + }; + # Configure automatic login with getty services.getty = lib.mkIf cfg.autologin.enable { autologinUser = username; |