flakes/hosts/winter/security.nix

{ config, pkgs, ... }: {
  networking.firewall.enable = false;
  services.openssh.enable = true;

  security = {
    polkit.enable = true;
    sudo.enable = false;
    doas = {
      enable = true;
      extraRules = [
        {
          groups = ["wheel"];
          keepEnv = true;
          persist = true;
        }
      ];
    };
  };

  programs.gnupg.agent = {
    enable = true;
    pinentryFlavor = "gnome3";
  };
}
a 2021-05-11 14:32:58 +07:00			`{ config, pkgs, ... }: {`
			`networking.firewall.enable = false;`
			`services.openssh.enable = true;`

			`security = {`
			`polkit.enable = true;`
			`sudo.enable = false;`
			`doas = {`
			`enable = true;`
			`extraRules = [`
			`{`
			`groups = ["wheel"];`
			`keepEnv = true;`
			`persist = true;`
			`}`
			`];`
			`};`
			`};`

			`programs.gnupg.agent = {`
			`enable = true;`
			`pinentryFlavor = "gnome3";`
			`};`
			`}`