christoph/flake-nixinator
1
Fork 0
Code Activity

Use polkit module

Browse Source
This commit is contained in:
Christoph Urlacher
2023-05-27 15:01:16 +02:00
parent bc89ebcffe
commit 05b5a0c8a4
1 changed files with 2 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
system/default.nix
View File

@ -22,6 +22,8 @@ with mylib.networking; {
]; ];
modules = { modules = {
polkit.enable = true;
systemd-networkd = { systemd-networkd = {
enable = true; enable = true;
hostname = hostname; hostname = hostname;
@ -111,33 +113,6 @@ with mylib.networking; {
protectKernelImage = true; protectKernelImage = true;
rtkit.enable = true; rtkit.enable = true;
polkit.enable = true;
# TODO: Add this to container/podman system module
# TODO: Also generate the containers.txt file through the container/podman system module
polkit.extraConfig = ''
// Allow to manage podman services
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.systemd1.manage-units" && subject.user == "christoph" && (
// HomeLab Selfhosted Services
action.lookup("unit") == "podman-jellyfin.service" ||
action.lookup("unit") == "podman-sonarr.service" ||
action.lookup("unit") == "podman-radarr.service" ||
action.lookup("unit") == "podman-hydra.service" ||
action.lookup("unit") == "podman-sabnzbd.service" ||
action.lookup("unit") == "podman-homeassistant.service" ||
// Various Containers
// action.lookup("unit") == "podman-stablediffusion.service" ||
// VPNs
action.lookup("unit") == "wg0-lu-16.service" ||
action.lookup("unit") == "wg0-de-115.service"
)) {
return polkit.Result.YES;
}
});
'';
# TODO: Replace with polkit # TODO: Replace with polkit
sudo.enable = true; sudo.enable = true;
sudo.extraRules = [ sudo.extraRules = [