| 1 Dec 2022 |
 @ask-yourself:matrix.org | Don't I do that with keepEnv? | 20:48:46 |
| @ask-yourself:matrix.org | {user, ...}: {
# deployment.privilegeEscalationCommand = ["doas"];
security = {
doas = {
enable = true;
extraRules = [
{
keepEnv = true;
noPass = true;
users = ["${user}"];
}
];
};
sudo.enable = true ;
};
}
| 20:48:51 |
 Zhaofeng Li | Does doas git work? | 20:49:51 |
| @ask-yourself:matrix.org | Yup. | 20:50:02 |
| Zhaofeng Li | Hmm, this is very weird indeed. | 20:52:00 |
| Zhaofeng Li | And the weirdness is part of the reason I changed it to only escalate during activation. Permissions can also be easily messed up if you interact with the flake as another user. | 20:52:18 |
| @ask-yourself:matrix.org | I can deinitely switch to unstable. | 20:52:58 |
| @ask-yourself:matrix.org | I was just a bit confused how to do that. | 20:53:04 |
| Zhaofeng Li | nix shell github:zhaofengli/colmena should get you in a shell that has the unstable colmena. To add it to your config, add inputs.colmena.url = "github:zhaofengli/colmena"; and insert colmena.packages.${system}.colmena to devShell/systemPackages. | 20:55:36 |
| @ask-yourself:matrix.org | Ok doing this now. And then once I'm unstable the command is just colmena apply-local? | 20:56:26 |
| Zhaofeng Li | colmena apply --sudo with deployment.privilegeEscalationCommand set in the config. | 20:56:59 |
| @ask-yourself:matrix.org | Ahhh, ok right. | 20:57:09 |
