dotfiles/nixos/system/security.nix

{ pkgs, config, systemd, ... }:
{
	
  # enabling firejail for sandboxing
  programs.firejail = {
    enable = true;
  };

  # enabling doas
  security.doas.enable = true;
  security.sudo.enable = false;
  security.doas.extraRules = [{
    users = [ "grape" ];
    keepEnv = true;
    persist = true;
  }];

  # setting up a polkit 
  security.polkit.enable = true;
}
created files 2024-04-28 11:35:35 +02:00			`{ pkgs, config, systemd, ... }:`
			`{`

			`# enabling firejail for sandboxing`
			`programs.firejail = {`
			`enable = true;`
			`};`

			`# enabling doas`
			`security.doas.enable = true;`
			`security.sudo.enable = false;`
			`security.doas.extraRules = [{`
			`users = [ "grape" ];`
			`keepEnv = true;`
			`persist = true;`
			`}];`

			`# setting up a polkit`
			`security.polkit.enable = true;`
			`}`