From bc89ebcffeac8e655bc6e2d22893b5e1563e92d9 Mon Sep 17 00:00:00 2001
From: ChUrl <christoph.urlacher@protonmail.com>
Date: Sat, 27 May 2023 14:59:13 +0200
Subject: [PATCH] Use polkit module for container services

---
 system/modules/containers/default.nix | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/system/modules/containers/default.nix b/system/modules/containers/default.nix
index 1febf206..180a4f28 100644
--- a/system/modules/containers/default.nix
+++ b/system/modules/containers/default.nix
@@ -121,6 +121,16 @@ in {
       });
     };
 
+    modules.polkit.allowed-system-services = let
+      container-services = lib.pipe virtualisation.oci-containers.containers [
+        builtins.attrNames
+        (builtins.filter (c: cfg.${c}.enable))
+        (builtins.map (c: "podman-${c}.service"))
+      ];
+    in
+      container-services;
+
+    # TODO: Rewrite with builtins.pipe
     environment.etc."rofi-containers".text = let
       containers-list = attrNames virtualisation.oci-containers.containers;
       containers-filtered = filter (c: cfg.${c}.enable) containers-list;