Deploy without sudo password

This commit is contained in:
Andreas Zweili 2023-06-26 14:05:47 +02:00
parent 35b9bd3fde
commit 695a0043e2
1 changed files with 25 additions and 11 deletions

View File

@ -113,17 +113,31 @@
};
security.sudo = {
extraRules = [
{
users = [ "%wheel" ];
commands = [
{
command = "ALL";
options = [ "SETENV" "NOPASSWD" ];
}
];
}
];
extraRules =
let
storePrefix = "/nix/store/*";
systemName = "nixos-system-${config.networking.hostName}-*";
in
[
{
commands = [
{
command = "${storePrefix}-nix-*/bin/nix-env -p /nix/var/nix/profiles/system --set ${storePrefix}-${systemName}";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}
{
commands = [
{
command = "${storePrefix}-${systemName}/bin/switch-to-configuration";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}
];
};