Add security setup.
This commit is contained in:
29
nodes/hosts/common/system/security.nix
Normal file
29
nodes/hosts/common/system/security.nix
Normal file
@@ -0,0 +1,29 @@
|
||||
{ pkgs, lib, ... }: {
|
||||
security = {
|
||||
rtkit.enable = true;
|
||||
pam.services.hyprlock = {};
|
||||
|
||||
polkit = {
|
||||
enable = true;
|
||||
adminIdentities = [
|
||||
"unix-group:wheel"
|
||||
];
|
||||
};
|
||||
|
||||
sudo = {
|
||||
enable = lib.mkForce false;
|
||||
};
|
||||
|
||||
sudo-rs = {
|
||||
enable = true;
|
||||
wheelNeedsPassword = true;
|
||||
execWheelOnly = true;
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.vulnix
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user