2025-01-19 00:44:22 -05:00
|
|
|
{config, ...}: {
|
2024-10-18 23:42:11 -04:00
|
|
|
security.doas = {
|
|
|
|
|
enable = true;
|
|
|
|
|
extraRules = [
|
2024-10-27 13:34:49 -04:00
|
|
|
{
|
|
|
|
|
groups = ["wheel"];
|
|
|
|
|
persist = true;
|
|
|
|
|
}
|
2024-11-13 05:16:06 -05:00
|
|
|
{
|
|
|
|
|
groups = ["wheel"];
|
|
|
|
|
noPass = true;
|
|
|
|
|
cmd = "journalctl";
|
|
|
|
|
}
|
2024-10-18 23:42:11 -04:00
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
security.polkit.enable = true;
|
2024-11-12 03:25:50 -05:00
|
|
|
services.physlock = {
|
|
|
|
|
enable = true;
|
|
|
|
|
allowAnyUser = true;
|
|
|
|
|
};
|
2025-01-19 00:44:22 -05:00
|
|
|
sops.defaultSopsFile = ../secrets/secrets.yaml;
|
|
|
|
|
sops.defaultSopsFormat = "yaml";
|
|
|
|
|
sops.age.keyFile = "/home/ahnwuoa/.config/sops/age/keys.txt";
|
|
|
|
|
sops.secrets = {
|
|
|
|
|
passwd = {};
|
|
|
|
|
root-passwd = {};
|
|
|
|
|
pool-credentials = {
|
|
|
|
|
uid = 1000;
|
|
|
|
|
};
|
|
|
|
|
porkbun-credentials = {};
|
|
|
|
|
};
|
|
|
|
|
users.users.root.hashedPasswordFile = config.sops.secrets.root-passwd.path;
|
2024-10-18 23:42:11 -04:00
|
|
|
}
|
