added sudo and step-client modules

2026-03-12 12:25:58 -05:00
parent 1825230029
commit 9a22aba03a
4 changed files with 46 additions and 1 deletions
--- a/modules/programs/step-client.nix
+++ b/modules/programs/step-client.nix
@@ -0,0 +1,12 @@
+{ inputs, ... }:
+{
+  flake.modules.homeManager.step-client = { pkgs, ... }: {
+    home.packages = with pkgs; [
+      step-cli
+      (writeShellScriptBin "check-ssh" ''
+        set -euo pipefail
+        bash <(curl -sL https://gitea.john-stream.com/john/janus/raw/branch/main/scripts/ssh-server-check.sh)
+      '')
+    ];
+  };
+}
--- a/modules/programs/sudo.nix
+++ b/modules/programs/sudo.nix
@@ -0,0 +1,29 @@
+{ inputs, ... }: {
+  flake.modules.nixos.sudo = { pkgs, lib, ... }: {
+    security.sudo = {
+      enable = true;
+      extraRules = [{
+        commands = [
+          {
+            command = "${pkgs.systemd}/bin/systemctl suspend";
+            options = [ "NOPASSWD" ];
+          }
+          {
+            command = "${pkgs.systemd}/bin/reboot";
+            options = [ "NOPASSWD" ];
+          }
+          {
+            command = "${pkgs.systemd}/bin/poweroff";
+            options = [ "NOPASSWD" ];
+          }
+        ];
+        groups = [ "wheel" ];
+      }];
+      extraConfig = with pkgs; ''
+        Defaults:picloud secure_path="${lib.makeBinPath [
+          systemd
+        ]}:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
+      '';
+    };
+  };
+}