commit 428761870415863846fd53048380c13be47e51d2
author Skyler Grey <skyler3665@gmail.com> Sun Mar 05 13:03:42 2023 +0000
committer Skyler Grey <skyler3665@gmail.com> Sun Mar 05 13:03:42 2023 +0000
tree a1c4fee7cd1ec356e0495bb2ad359b61494a554d
parent 335bd9083e8952dcfcd6560021b752c3ab4df5a5

Replace sudo with doas

flake.nix

diff --git a/flake.nix b/flake.nix
index cb2a600..f13435b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -24,14 +24,15 @@
           ./modules/node.nix
           ./modules/kitty.nix
           ./modules/tesseract.nix
+          ./modules/doas.nix
           {
-            security.sudo.wheelNeedsPassword = false;
             users.mutableUsers = false;
           }
         ];
       };
 
     deploy.nodes.clicks = {
+      sudo = "doas -u";
       profiles.system = {
         remoteBuild = true;
         user = "root";

modules/doas.nix

diff --git a/modules/doas.nix b/modules/doas.nix
new file mode 100644
index 0000000..ab4303e
--- /dev/null
+++ b/modules/doas.nix
@@ -0,0 +1,11 @@
+{ config, ... }: {
+  security = {
+    doas = {
+      enable = true;
+      wheelNeedsPassword = false;
+    };
+    sudo.enable = false;
+  };
+
+  environment.shellAliases.sudo = "${config.security.wrapperDir}/${config.security.wrappers.doas.program}";
+}