jay/nixverse
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add security setup.

Browse Source
This commit is contained in:
jay
2025-06-29 13:44:40 -04:00
parent e8711bc620
commit 3f1fcacffc
2 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
nodes/hosts/common/configuration.nix
View File

@@ -17,6 +17,7 @@
./services/sound.nix ./services/sound.nix
./system/bluetooth.nix ./system/bluetooth.nix
./system/locale.nix ./system/locale.nix
./system/security.nix
./system/time.nix ./system/time.nix
./system/users.nix ./system/users.nix
]; ];

29
nodes/hosts/common/system/security.nix Normal file
View File

@@ -0,0 +1,29 @@
{ pkgs, lib, ... }: {
security = {
rtkit.enable = true;
pam.services.hyprlock = {};
polkit = {
enable = true;
adminIdentities = [
"unix-group:wheel"
];
};
sudo = {
enable = lib.mkForce false;
};
sudo-rs = {
enable = true;
wheelNeedsPassword = true;
execWheelOnly = true;
};
};
environment.systemPackages = [
pkgs.vulnix
];
}