diff options
Diffstat (limited to 'modules/doas.nix')
| -rw-r--r-- | modules/doas.nix | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/modules/doas.nix b/modules/doas.nix new file mode 100644 index 0000000..2af324e --- /dev/null +++ b/modules/doas.nix @@ -0,0 +1,16 @@ +{ lib, config, ... }: { + options = { + doas.enable = lib.mkEnableOption "enables doas"; + sudo.enable = lib.mkEnableOption "enables sudo"; + }; + + config = lib.mkIf config.doas.enable { + security.doas.enable = true; + security.sudo.enable = config.sudo.enable; + security.doas.extraRules = [{ + groups = ["wheel"]; + keepEnv = true; + noPass = true; + }]; + }; +} |