blob: c6707ce1a0b7efd861a1345109148fb191959684 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
{ lib, config, ... }: {
options = {
doas.enable = lib.mkEnableOption "enables doas";
sudo.enable = lib.mkEnableOption "enables sudo";
};
config = {
security = {
#sudo.enable = config.sudo.enable;
sudo.enable = true; # TODO remove once can be built from flake w git
sudo.wheelNeedsPassword = false;
doas.enable = config.doas.enable;
doas.extraRules = lib.mkIf config.doas.enable [{
keepEnv = true;
}];
doas.wheelNeedsPassword = false;
};
};
}
|
