allencai/ccl-nixos-dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(doas): add sudo wrapper

Browse Source
This commit is contained in:
imxyy_soope_
2025-07-04 21:32:35 +08:00
parent d0fcde133d
commit e79ed0f643
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/user.nix
View File

@@ -35,20 +35,22 @@ lib.my.makeSwitch {
};
users.users.root.hashedPasswordFile = lib.mkDefault config.sops.secrets.imxyy-nix-hashed-password.path;
security.sudo.enable = false;
security.doas = {
enable = true;
extraRules = [
{
users = [ username ];
noPass = true;
keepEnv = true;
}
];
};
environment.shellAliases = {
sudo = "doas";
sudoedit = "doasedit";
};
environment.systemPackages = [
(pkgs.writeShellScriptBin "sudo" ''exec doas "$@"'')
(pkgs.writeShellScriptBin "doasedit" ''
if [ -n "''${2}" ]; then
printf 'Expected only one argument\n'