started SSH certs

2026-03-12 13:22:40 -05:00
parent 3bbe6d359e
commit 026f413e7b
4 changed files with 33 additions and 28 deletions
--- a/modules/programs/step-client.nix
+++ b/modules/programs/step-client.nix
@@ -1,5 +1,13 @@
 { inputs, ... }:
 {
+  flake.modules.nixos.step-client = { pkgs, config, ... }: {
+    imports = with inputs.self.modules.nixos; [ ssh ];
+    ssh.certificates = true;
+    home-manager.sharedModules = with inputs.self.modules; [
+      homeManager.step-client
+    ];
+  };
+
  flake.modules.homeManager.step-client = { pkgs, ... }: {
    home.packages = with pkgs; [
      step-cli
--- a/modules/programs/sudo.nix
+++ b/modules/programs/sudo.nix
@@ -3,27 +3,14 @@
    security.sudo = {
      enable = true;
      extraRules = [{
+        groups = [ "wheel" ];
        commands = [
          {
-            command = "${pkgs.systemd}/bin/systemctl suspend";
-            options = [ "NOPASSWD" ];
-          }
-          {
-            command = "${pkgs.systemd}/bin/reboot";
-            options = [ "NOPASSWD" ];
-          }
-          {
-            command = "${pkgs.systemd}/bin/poweroff";
+            command = "ALL";
            options = [ "NOPASSWD" ];
          }
        ];
-        groups = [ "wheel" ];
      }];
-      extraConfig = with pkgs; ''
-        Defaults:picloud secure_path="${lib.makeBinPath [
-          systemd
-        ]}:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
-      '';
    };
  };
 }