21 lines
489 B
Nix
21 lines
489 B
Nix
{ pkgs, ... }:
|
|
{
|
|
environment.systemPackages = with pkgs; [
|
|
bitwarden
|
|
bitwarden-cli
|
|
];
|
|
|
|
programs.zsh.interactiveShellInit = "export SSH_AUTH_SOCK=/home/vili/.bitwarden-ssh-agent.sock";
|
|
security = {
|
|
pam = {
|
|
rssh.enable = true;
|
|
services = {
|
|
sudo.rssh = true;
|
|
};
|
|
};
|
|
sudo.execWheelOnly = true;
|
|
};
|
|
|
|
# We need SSH for the sudo, but generally don't want it open on machines with Bitwarden client
|
|
services.openssh.openFirewall = false;
|
|
}
|