modules/nixos/sils/sudo.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

{
  config,
  lib,
  ...
}: let
  persistentLecture = !config.sils.sudo.persistentLecture.disable;
in {
  options.sils.sudo.persistentLecture.disable = lib.mkEnableOption "sudo lecture after every boot";
  config = {
    security.sudo = {
      enable = true;
    };
    environment.persistence.${config.sils.meta.globalDataDir}.files = lib.mkIf persistentLecture [
      {
        file = "/var/db/sudo/lectured/${builtins.toString config.users.users.sils.uid}";
        parentDirectory = {
          user = "root";
          group = config.users.users.sils.group;
          mode = "0600";
        };
      }
    ];
  };
}