1
0
Fork 0
mirror of https://git.sr.ht/~azikx/wyswort synced 2024-10-30 11:26:20 +00:00
wyswort/host/misc/security.nix
2024-10-12 18:43:57 +09:00

32 lines
512 B
Nix

{ pkgs, ... }:
{
security = {
sudo = { # FUCKING CRAP
enable = true;
};
doas = { # VERY TOP
enable = true;
wheelNeedsPassword = true;
extraRules = [
{
users = [ "megamozg" ];
keepEnv = true;
persist = true;
}
];
extraConfig = ''
permit nopass megamozg as root cmd light
permit nopass megamozg as root cmd tee
'';
};
pam = { # SOMTHING WITH FPRINT
services = {
swaylock.fprintAuth = true;
};
};
polkit = {
enable = true;
};
};
}