nixos-config/system/security/doas.nix

17 lines
326 B
Nix
Raw Normal View History

{ config, username, pkgs, ... }:
{
# Doas instead of sudo
security.doas.enable = true;
security.sudo.enable = false;
security.doas.extraRules = [{
users = [ "${username}" ];
keepEnv = true;
persist = true;
}];
environment.systemPackages = [
(pkgs.writeScriptBin "sudo" ''exec doas "$@"'')
];
}