From d241f84f300b662c8672317eb8332ef3918ab474 Mon Sep 17 00:00:00 2001
From: joy <mail@joygnu.org>
Date: Tue, 15 Oct 2024 20:13:25 +0200
Subject: [PATCH] doas

---
 modules/programs/home/zsh/default.nix        |  4 ++--
 modules/programs/home/zsh/scripts/rebuild.sh |  6 +++---
 modules/system/default.nix                   |  1 +
 modules/system/doas/default.nix              | 11 +++++++++++
 modules/system/user/default.nix              |  1 -
 5 files changed, 17 insertions(+), 6 deletions(-)
 create mode 100644 modules/system/doas/default.nix

diff --git a/modules/programs/home/zsh/default.nix b/modules/programs/home/zsh/default.nix
index fecd93e..924ee2b 100644
--- a/modules/programs/home/zsh/default.nix
+++ b/modules/programs/home/zsh/default.nix
@@ -15,9 +15,9 @@
       ser = "ssh root@joygnu.org";
       ip = "sh ~/nix/modules/programs/home/zsh/scripts/ip.sh";
       rb = "sh ~/nix/modules/programs/home/zsh/scripts/rebuild.sh";
-      fr = "sudo systemctl reboot --firmware";
+      fr = "doas systemctl reboot --firmware";
       up = "nix flake update ~/nix";
-      del = "sudo nix-collect-garbage -d";
+      del = "doas nix-collect-garbage -d";
       dn = "dotnet new console";
       dr = "dotnet run";
     };
diff --git a/modules/programs/home/zsh/scripts/rebuild.sh b/modules/programs/home/zsh/scripts/rebuild.sh
index cc69898..035de95 100755
--- a/modules/programs/home/zsh/scripts/rebuild.sh
+++ b/modules/programs/home/zsh/scripts/rebuild.sh
@@ -11,11 +11,11 @@ alejandra .
 hostname=$(hostname)
 
 if echo "$hostname" | grep -q 'desktop'; then
-    sudo nixos-rebuild switch --flake ~/nix/#desktop 
+    doas nixos-rebuild switch --flake ~/nix/#desktop 
 elif echo "$hostname" | grep -q 'laptop'; then
-    sudo nixos-rebuild switch --flake ~/nix/#laptop 
+    doas nixos-rebuild switch --flake ~/nix/#laptop 
 elif echo "$hostname" | grep -q 'server'; then
-    sudo nixos-rebuild switch --flake ~/nix/#server
+    doas nixos-rebuild switch --flake ~/nix/#server
 elif echo "$hostname" | grep -q 'localhost'; then
     nix-on-droid switch --flake ~/nix
 fi
diff --git a/modules/system/default.nix b/modules/system/default.nix
index 6b67be2..2d5ff97 100644
--- a/modules/system/default.nix
+++ b/modules/system/default.nix
@@ -5,6 +5,7 @@
     ./xdg
     ./networking
     ./lact
+    ./doas
     ./misc
   ];
 }
diff --git a/modules/system/doas/default.nix b/modules/system/doas/default.nix
new file mode 100644
index 0000000..2a59f9e
--- /dev/null
+++ b/modules/system/doas/default.nix
@@ -0,0 +1,11 @@
+{
+  security.doas.enable = true;
+  security.sudo.enable = false;
+  security.doas.extraRules = [
+    {
+      users = ["joy"];
+      keepEnv = true;
+      persist = true;
+    }
+  ];
+}
diff --git a/modules/system/user/default.nix b/modules/system/user/default.nix
index 307a831..58bf155 100644
--- a/modules/system/user/default.nix
+++ b/modules/system/user/default.nix
@@ -2,6 +2,5 @@
   users.users.joy = {
     isNormalUser = true;
     description = "joy";
-    extraGroups = ["wheel" "sudo"];
   };
 }