alex/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix group and command

Browse Source
This commit is contained in:
alex
2025-04-21 23:24:10 +08:00
parent 5c0196c3f7
commit 11e4e1b850
2 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/nixos/core/system.nix
View File

@@ -34,6 +34,7 @@
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
]; ];
trusted-users = [ "root" ]; trusted-users = [ "root" ];
build-users-group = "nixbld";
# Enable local binary cache # Enable local binary cache
keep-outputs = true; keep-outputs = true;

13
modules/nixos/user.nix
View File

@@ -16,12 +16,15 @@
"wheel" "wheel"
"networkmanager" "networkmanager"
"audio" "audio"
"nixbld"
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
]; ];
}; };
}; };
binPath = "${pkgs.nix}/bin";
# DO NOT promote the specified user to input password for `nix-store` and `nix-copy-closure` # DO NOT promote the specified user to input password for `nix-store` and `nix-copy-closure`
security.sudo = { security.sudo = {
# wheelNeedsPassword = false; # wheelNeedsPassword = false;
@@ -31,7 +34,7 @@
commands = commands =
[ [
{ {
command = "/run/current-system/sw/bin/nix-store"; command = "${binPath}/nix-store";
options = [ "NOPASSWD" ]; options = [ "NOPASSWD" ];
} }
{ {
@@ -39,15 +42,11 @@
options = [ "NOPASSWD" "SETENV" ]; options = [ "NOPASSWD" "SETENV" ];
} }
{ {
command = "${pkgs.systemd}/bin/systemctl suspend"; command = "${binPath}/reboot";
options = [ "NOPASSWD" ]; options = [ "NOPASSWD" ];
} }
{ {
command = "${pkgs.systemd}/bin/reboot"; command = "${binPath}/bin/poweroff";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ]; options = [ "NOPASSWD" ];
} }
]; ];