run0 instead of sudo, looks kinda ugly when promted · ladas552.me/Flake-ocean@3571113

ladas552.me / Flake-ocean

fork atom

My NixOS config Part 3: Flake-Parts Crusaders nix.ladas552.me

hjem nix nixos impermanence flake-parts nvfetcher niri noctalia

fork atom

run0 instead of sudo, looks kinda ugly when promted

ladas552.me 2 weeks ago 35711133 e56baaaf

verified

+32

4 changed files

expand all

unified split

modules

hosts

NixPort

imports.nix

NixToks

imports.nix

NixWool

imports.nix

nixosModules

run0.nix

modules/hosts/NixPort/imports.nix

··· 45 noct 46 xkb 47 zfs 48 network-manager 49 fish 50 yt-dlp

··· 45 noct 46 xkb 47 zfs 48 + run0 49 network-manager 50 fish 51 yt-dlp

modules/hosts/NixToks/imports.nix

··· 44 xkb 45 fish 46 yt-dlp-NixToks 47 48 # temporary 49 # tangled

··· 44 xkb 45 fish 46 yt-dlp-NixToks 47 + run0 48 49 # temporary 50 # tangled

modules/hosts/NixWool/imports.nix

··· 30 fish 31 bluesky-pds 32 tangled 33 # Users 34 root 35 ladas552

··· 30 fish 31 bluesky-pds 32 tangled 33 + run0 34 # Users 35 root 36 ladas552

+29

modules/nixosModules/run0.nix

···

··· 1 + { 2 + flake.modules.nixos.run0 = { 3 + # Stolen from @Gerg 4 + # https://github.com/Gerg-L/nixos/blob/96b7bbdb20bdfbeb9d7d733cee47eaac39cf5ec0/nixosModules/security.nix 5 + environment.shellAliases = { 6 + #make run0 use aliases 7 + sudo = "run0 --background='' "; 8 + }; 9 + services.dbus.implementation = "broker"; 10 + security = { 11 + sudo.enable = false; 12 + polkit = { 13 + enable = true; 14 + extraConfig = '' 15 + polkit.addRule(function(action, subject) { 16 + if (action.id == "org.freedesktop.policykit.exec" 17 + || action.id.indexOf("org.freedesktop.systemd1.") == 0) { 18 + return polkit.Result.AUTH_ADMIN_KEEP; 19 + } 20 + }); 21 + ''; 22 + }; 23 + }; 24 + environment.etc."polkit-1/polkitd.conf".text = '' 25 + [Polkitd] 26 + ExpirationSeconds=60 27 + ''; 28 + }; 29 + }