andy/linux-nixos-hyprland-config-dotfiles
Template
1
0
Fork 0
mirror of https://github.com/XNM1/linux-nixos-hyprland-config-dotfiles.git synced 2025-09-15 09:45:58 +03:00
Code Activity

Compare commits

base: andy:604ca2daf955e2e941480216116b3db7334e6914
Branches Tags
andy:main
...
compare: andy:33aa287e1269d55d77fe62de5e49b529e57290ad
Branches Tags
andy:main

3 Commits
604ca2daf9 ... 33aa287e12

Author SHA1 Message Date
xnm
33aa287e12 🔒 feat(security): replace sudo with sudo-rs 
- Enable `sudo-rs` with wheel-only execution
- Disable legacy `sudo`
- Update AppArmor and U2F configs for `sudo-rs`
- Update Yubikey U2F auth for `sudo-rs`
 2025-05-18 03:40:44 +03:00
xnm
952fb7f7c1 📦 ️feat(work): update developer tooling 
- Add google-cloud-sdk and android-studio
- Reorganize package list ordering
 2025-05-18 03:37:28 +03:00
xnm
98452f31a3 📦 ️feat(terminal): add dotenvx to system packages 2025-05-18 03:33:40 +03:00
4 changed files with 11 additions and 3 deletions
Expand all files Collapse all files

7
nixos/security-services.nix
View File

@@ -10,6 +10,11 @@
# };
# Enable Security Services
security.sudo-rs = {
enable = true;
execWheelOnly = true;
};
security.sudo.enable = false;
users.users.root.hashedPassword = "!";
security.tpm2 = {
enable = true;
@@ -28,7 +33,7 @@
security.pam.services = {
login.enableAppArmor = true;
sshd.enableAppArmor = true;
sudo.enableAppArmor = true;
sudo-rs.enableAppArmor = true;
su.enableAppArmor = true;
greetd.enableAppArmor = true;
u2f.enableAppArmor = true;

1
nixos/terminal-utils.nix
View File

@@ -4,6 +4,7 @@
environment.systemPackages = with pkgs; [
file
upx
dotenvx
git
lazygit
delta

4
nixos/work.nix
View File

@@ -4,12 +4,14 @@
environment.systemPackages = with pkgs; [
slack
aws-sam-cli
google-cloud-sdk
awscli2
ssm-session-manager-plugin
cargo-lambda
gnumake
cmake
redli
firebase-tools
redli
android-studio
];
}

2
nixos/yubikey.nix
View File

@@ -14,7 +14,7 @@
security.pam.services = {
greetd.u2fAuth = true;
sudo.u2fAuth = true;
sudo-rs.u2fAuth = true;
hyprlock.u2fAuth = true;
};