diff options
| author | Tim Keller <tjkeller.xyz> | 2025-01-05 16:19:45 -0600 |
|---|---|---|
| committer | Tim Keller <tjkeller.xyz> | 2025-01-05 16:19:45 -0600 |
| commit | 1835aa04051f2f0c41017423f2bcba6c549f26b0 (patch) | |
| tree | b5f26e29032e9084b27eeb0688c7a3a9bb0df57f /modules/root/doas.nix | |
| parent | d0faef2f53e2e5195b2acc7cc7bba898bd7cd05b (diff) | |
| download | nixos-1835aa04051f2f0c41017423f2bcba6c549f26b0.tar.xz nixos-1835aa04051f2f0c41017423f2bcba6c549f26b0.zip | |
overhual
Diffstat (limited to 'modules/root/doas.nix')
| -rw-r--r-- | modules/root/doas.nix | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/modules/root/doas.nix b/modules/root/doas.nix index 54cf63a..c6707ce 100644 --- a/modules/root/doas.nix +++ b/modules/root/doas.nix @@ -5,12 +5,15 @@ }; config = { - security.sudo.enable = config.sudo.enable; - security.doas.enable = config.doas.enable; - security.doas.extraRules = lib.mkIf config.doas.enable [{ - groups = ["wheel"]; - keepEnv = true; - noPass = true; - }]; + security = { + #sudo.enable = config.sudo.enable; + sudo.enable = true; # TODO remove once can be built from flake w git + sudo.wheelNeedsPassword = false; + doas.enable = config.doas.enable; + doas.extraRules = lib.mkIf config.doas.enable [{ + keepEnv = true; + }]; + doas.wheelNeedsPassword = false; + }; }; } |