From 0c1989a6b6883bd5fc6213f57a2fe26b1a372339 Mon Sep 17 00:00:00 2001 From: Christoph Urlacher Date: Sun, 13 Oct 2024 13:00:33 +0200 Subject: [PATCH] Nixos: Use ${username} in polkit system module --- system/modules/polkit/default.nix | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/system/modules/polkit/default.nix b/system/modules/polkit/default.nix index 0b514bf0..f8b2c317 100644 --- a/system/modules/polkit/default.nix +++ b/system/modules/polkit/default.nix @@ -1,9 +1,8 @@ { config, - nixosConfig, lib, mylib, - pkgs, + username, ... }: with lib; @@ -15,9 +14,8 @@ in { config = mkIf cfg.enable { security.polkit.enable = true; - # TODO: Don't hardcode subject.user == "christoph" security.polkit.extraConfig = let - # Stuff that is non-negotiable + # Stuff that should always get a rule always-predicates = []; mkServicePredicate = service: "action.lookup(\"unit\") == \"${service}\""; @@ -27,7 +25,7 @@ in { ]; in '' polkit.addRule(function(action, subject) { - if (action.id == "org.freedesktop.systemd1.manage-units" && subject.user == "christoph" && ( + if (action.id == "org.freedesktop.systemd1.manage-units" && subject.user == "${username}" && ( ${predicates} )) { return polkit.Result.YES;
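Review bot: In the last hunk, `subject.user == "${username}"` splices the Nix value straight into a JavaScript string literal, so a `username` containing a double quote or backslash would silently change the generated polkit rule instead of failing the build; letting Nix emit the quoted, escaped literal avoids that: `subject.user == ${builtins.toJSON username}`. The `username` argument added in the first hunk is not defined in this file, so it presumably arrives through specialArgs or `_module.args`, and a one-line comment saying where it comes from would help the next reader. The rule also returns `polkit.Result.YES` on the user name alone; if passwordless unit control is meant only for the local desktop session, adding `subject.local && subject.active` to the condition would keep remote logins of the same account on the normal authentication path. The `addRule` callback and the surrounding `''` string close outside the hunk, so the rest of the rule is not visible here.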