initial commit

2026-03-24 19:07:42 +01:00
commit 7a2f92fd98
112 changed files with 12548 additions and 0 deletions
--- a/modules/core/security.nix
+++ b/modules/core/security.nix
@@ -0,0 +1,50 @@
+{ pkgs, username, ... }: {
+  security = {
+    rtkit.enable = true;
+    polkit = {
+      enable = true;
+      extraConfig = ''
+        polkit.addRule(function(action, subject) {
+          if ( subject.isInGroup("users") && (
+           action.id == "org.freedesktop.login1.reboot" ||
+           action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
+           action.id == "org.freedesktop.login1.power-off" ||
+           action.id == "org.freedesktop.login1.power-off-multiple-sessions"
+          ))
+          { return polkit.Result.YES; }
+        })
+      '';
+    };
+
+    pam.services = {
+      login.enableGnomeKeyring = true;
+      login.enableKwallet = true;
+    };
+
+    pam.services.hyprlock = {
+      text = ''
+        auth sufficient pam_unix.so try_first_pass nullok
+        auth required pam_deny.so
+      '';
+    };
+
+    pam.services.swaylock = {
+      text = ''
+        auth sufficient pam_unix.so try_first_pass nullok
+        auth required pam_deny.so
+      '';
+    };
+
+    sudo.extraRules = [
+      {
+        users = [ "${username}" ];
+        commands = [
+          {
+            command = "ALL";
+            options = [ "NOPASSWD" ];
+          }
+        ];
+      }
+    ];
+  };
+}