Laurent/infrastructure
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

feat: restrict nix commands to sudoers

Browse source
This commit is contained in:
Laureηt 2022-12-23 15:28:14 +01:00
parent 80990950a0
commit 1f2a2a706d
Signed by: Laurent
SSH key fingerprint: SHA256:kZEpW8cMJ54PDeCvOhzreNr4FSh6R13CMGH/POoO8DI
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
hosts/neodymium/configuration.nix
View file

@ -26,6 +26,9 @@ in {
# clean /tmp at each boot # clean /tmp at each boot
boot.cleanTmpDir = true; boot.cleanTmpDir = true;
# restrict nix command to sudoers
nix.allowedUsers = [ "@wheel" ];
# hardware # hardware
hardware = { hardware = {
enableRedistributableFirmware = true; enableRedistributableFirmware = true;