chore: move doas configuration to doas-service in system declaration
anemofilia
parent
db58f18d93
commit
94e87a5602
41
buer.scm
41
buer.scm
|
|
@ -6,6 +6,7 @@
|
||||||
(radix packages linux)
|
(radix packages linux)
|
||||||
(radix packages text-editors)
|
(radix packages text-editors)
|
||||||
(radix packages shells)
|
(radix packages shells)
|
||||||
|
(radix services admin)
|
||||||
(radix services linux)
|
(radix services linux)
|
||||||
(radix system setuid)
|
(radix system setuid)
|
||||||
(radix secrets)
|
(radix secrets)
|
||||||
|
|
@ -239,8 +240,44 @@
|
||||||
(respawn? #f)))
|
(respawn? #f)))
|
||||||
|
|
||||||
#|Doas config service|#
|
#|Doas config service|#
|
||||||
(simple-service 'doas-config etc-service-type
|
(service doas-service-type
|
||||||
`(("doas.conf" ,file:doas-config)))
|
(append #|Miscellaneous|#
|
||||||
|
(list (permit (identity ":wheel")
|
||||||
|
(setenv `("GUILE_LOAD_PATH")))
|
||||||
|
(permit (identity ":wheel")
|
||||||
|
(nopass? #t)
|
||||||
|
(command "guix")
|
||||||
|
(args `("pull")))
|
||||||
|
(permit (identity ":wheel")
|
||||||
|
(nopass? #t)
|
||||||
|
(command "herd")
|
||||||
|
(args `("status"
|
||||||
|
"detailed-status"))))
|
||||||
|
|
||||||
|
#|Text editors|#
|
||||||
|
(map (lambda (cmd)
|
||||||
|
(permit (identity ":wheel")
|
||||||
|
(keepenv? #t)
|
||||||
|
(command cmd)))
|
||||||
|
`("kak" "emacsclient"))
|
||||||
|
|
||||||
|
#|Power management|#
|
||||||
|
(map (lambda (cmd)
|
||||||
|
(permit (identity ":wheel")
|
||||||
|
(nopass? #t)
|
||||||
|
(args '())))
|
||||||
|
`("zzz" "halt" "reboot"))
|
||||||
|
|
||||||
|
#|Service management|#
|
||||||
|
(flatmap (lambda (service action)
|
||||||
|
(permit (identity ":wheel")
|
||||||
|
(nopass? #t)
|
||||||
|
(command "herd")
|
||||||
|
(args (cons action service))))
|
||||||
|
`(("tlp") ("tor") ("thermald")
|
||||||
|
("thinkfan") ("wpa-supplicant")))
|
||||||
|
`("doc" "stop" "start" "status"
|
||||||
|
"restart" "enable" "disable"))))
|
||||||
|
|
||||||
#|Special file services|#
|
#|Special file services|#
|
||||||
(service special-files-service-type
|
(service special-files-service-type
|
||||||
|
|
|
||||||
|
|
@ -1,19 +0,0 @@
|
||||||
permit setenv { GUILE_LOAD_PATH } :wheel
|
|
||||||
permit keepenv :wheel cmd kak
|
|
||||||
permit keepenv :wheel cmd emacsclient
|
|
||||||
permit nopass :wheel cmd zzz args
|
|
||||||
permit nopass :wheel cmd halt args
|
|
||||||
permit nopass :wheel cmd reboot args
|
|
||||||
permit nopass :wheel cmd guix args pull
|
|
||||||
permit nopass :wheel cmd herd args status
|
|
||||||
permit nopass :wheel cmd herd args doc thinkfan
|
|
||||||
permit nopass :wheel cmd herd args stop thinkfan
|
|
||||||
permit nopass :wheel cmd herd args start thinkfan
|
|
||||||
permit nopass :wheel cmd herd args status thinkfan
|
|
||||||
permit nopass :wheel cmd herd args restart thinkfan
|
|
||||||
permit nopass :wheel cmd herd args doc wpa-supplicant
|
|
||||||
permit nopass :wheel cmd herd args stop wpa-supplicant
|
|
||||||
permit nopass :wheel cmd herd args start wpa-supplicant
|
|
||||||
permit nopass :wheel cmd herd args status wpa-supplicant
|
|
||||||
permit nopass :wheel cmd herd args restart wpa-supplicant
|
|
||||||
|
|
||||||
|
|
@ -1,9 +1,6 @@
|
||||||
(define-module (radix files doas)
|
(define-module (radix files doas)
|
||||||
#:use-module (gnu)
|
#:use-module (gnu)
|
||||||
#:export (completion config))
|
#:export (completion))
|
||||||
|
|
||||||
(define completion
|
(define completion
|
||||||
(local-file "../../../files/doas/doas-completion"))
|
(local-file "../../../files/doas/doas-completion"))
|
||||||
|
|
||||||
(define config
|
|
||||||
(local-file "../../../files/doas/doas.conf"))
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue