diff --git a/buer.scm b/buer.scm index 63d9f28..11581f9 100644 --- a/buer.scm +++ b/buer.scm @@ -241,45 +241,43 @@ (respawn? #f))) #|Doas configuration services|# - (service doas-service-type - (append #|Miscellaneous|# - (list (permit (identity ":wheel") - (setenv `("GUILE_LOAD_PATH"))) + (simple-service 'miscellaneous-permissions doas-service-type + (list (permit (identity ":wheel") + (setenv `("GUILE_LOAD_PATH"))) + (permit (identity ":wheel") + (nopass? #t) + (command "guix") + (args `("pull"))))) + (simple-service 'text-editors-permissions doas-service-type + (map (lambda (cmd) + (permit (identity ":wheel") + (keepenv? #t) + (command cmd))) + `("kak" "emacsclient"))) + (simple-service 'power-management-permissions doas-service-type + (map (lambda (cmd) (permit (identity ":wheel") (nopass? #t) - (command "guix") - (args `("pull"))) + (command cmd) + (args '()))) + `("zzz" "halt" "reboot"))) + (simple-service 'shepherd-status-permissions doas-service-type + (map (lambda (arglist) (permit (identity ":wheel") (nopass? #t) (command "herd") - (args `("status" - "detailed-status")))) - - #|Text editors|# - (map (lambda (cmd) - (permit (identity ":wheel") - (keepenv? #t) - (command cmd))) - `("kak" "emacsclient")) - - #|Power management|# - (map (lambda (cmd) - (permit (identity ":wheel") - (nopass? #t) - (command cmd) - (args '()))) - `("zzz" "halt" "reboot")) - - #|Service management|# - (flatmap (lambda (service action) - (permit (identity ":wheel") - (nopass? #t) - (command "herd") - (args (list action service)))) - `("tlp" "tor" "thermald" "thinkfan" - "wpa-supplicant") - `("doc" "stop" "start" "enable" - "status" "restart" "disable")))) + (args (list arg)))) + `("status" "detailed-status"))) + (simple-service 'service-management-permissions doas-service-type + (flatmap (lambda (service action) + (permit (identity ":wheel") + (nopass? #t) + (command "herd") + (args (list action service)))) + `("tlp" "tor" "thermald" "thinkfan" + "wpa-supplicant") + `("doc" "stop" "start" "enable" + "status" "restart" "disable"))) #|Special file services|# (service special-files-service-type