55 lines
1.2 KiB
Nix
55 lines
1.2 KiB
Nix
{ lib, config, pkgs, ... }:
|
|
|
|
let
|
|
cfg = config.systemModules.security;
|
|
in
|
|
|
|
{
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
polkit_gnome
|
|
];
|
|
|
|
programs = {
|
|
gnupg.agent = {
|
|
enable = true;
|
|
enableSSHSupport = true;
|
|
};
|
|
_1password = {
|
|
enable = true;
|
|
};
|
|
_1password-gui = {
|
|
enable = true;
|
|
polkitPolicyOwners = [ "ooks" ];
|
|
};
|
|
};
|
|
security = {
|
|
polkit = {
|
|
enable = true;
|
|
};
|
|
sudo = {
|
|
enable = true;
|
|
wheelNeedsPassword = false;
|
|
};
|
|
rtkit.enable = true;
|
|
pam.services.hyprlock = {};
|
|
};
|
|
|
|
systemd = {
|
|
user.services.polkit-gnome-authentication-agent-1 = {
|
|
description = "polkit-gnome-authentication-agent-1";
|
|
wantedBy = [ "graphical-session.target" ];
|
|
wants = [ "graphical-session.target" ];
|
|
after = [ "graphical-session.target" ];
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
|
|
Restart = "on-failure";
|
|
RestartSec = 1;
|
|
TimeoutStopSec = 10;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|