john/dendritic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added sudo and step-client modules

Browse Source
This commit is contained in:
John Lancaster
2026-03-12 12:25:58 -05:00
parent 1825230029
commit 9a22aba03a
4 changed files with 46 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/hosts/test-nix.nix
View File

@@ -19,6 +19,7 @@ in
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
nixos."${username}" nixos."${username}"
nixos.lxc nixos.lxc
nixos.sudo
nixos.zsh nixos.zsh
nixos.docker nixos.docker
{ {
@@ -27,6 +28,9 @@ in
}; };
home-manager.users."${username}" = { home-manager.users."${username}" = {
imports = with inputs.self.modules.homeManager; [
step-client
];
shell.program = "zsh"; shell.program = "zsh";
docker.enable = true; docker.enable = true;
ssh.matchSets = { ssh.matchSets = {

2
modules/nixos/lxc.nix
View File

@@ -9,7 +9,7 @@
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
environment.systemPackages = with pkgs; [ git zsh ]; environment.systemPackages = with pkgs; [ git zsh ];
security.sudo-rs.enable = true; # security.sudo-rs.enable = true;
programs.nix-ld.enable = true; programs.nix-ld.enable = true;
nix.optimise.automatic = true; nix.optimise.automatic = true;
nix.gc = { nix.gc = {

12
modules/programs/step-client.nix Normal file
View File

@@ -0,0 +1,12 @@
{ inputs, ... }:
{
flake.modules.homeManager.step-client = { pkgs, ... }: {
home.packages = with pkgs; [
step-cli
(writeShellScriptBin "check-ssh" ''
set -euo pipefail
bash <(curl -sL https://gitea.john-stream.com/john/janus/raw/branch/main/scripts/ssh-server-check.sh)
'')
];
};
}

29
modules/programs/sudo.nix Normal file
View File

@@ -0,0 +1,29 @@
{ inputs, ... }: {
flake.modules.nixos.sudo = { pkgs, lib, ... }: {
security.sudo = {
enable = true;
extraRules = [{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}];
extraConfig = with pkgs; ''
Defaults:picloud secure_path="${lib.makeBinPath [
systemd
]}:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
'';
};
};
}