From 343f3d481f7fab97726e93c22cf4f0403a31d5e9 Mon Sep 17 00:00:00 2001
From: Mohammad Rafiq <rafiq@rrv.sh>
Date: Mon, 14 Jul 2025 19:19:02 +0800
Subject: [PATCH] feat(sudo): configure sudo with nix modules

---
 nix/modules/system/sudo.nix | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/nix/modules/system/sudo.nix b/nix/modules/system/sudo.nix
index 55b32ee..ec974cc 100644
--- a/nix/modules/system/sudo.nix
+++ b/nix/modules/system/sudo.nix
@@ -8,9 +8,12 @@ in
     nix.settings.trusted-users = [ "@wheel" ];
     users.users.${cfg.admin.username}.extraGroups = [ "wheel" ];
   };
-  flake.modules.darwin.default.security.pam.services.sudo_local = {
-    enable = true;
-    reattach = true;
-    touchIdAuth = true;
+  flake.modules.darwin.default.security = {
+    sudo.extraConfig = "%admin          ALL = (ALL) NOPASSWD: ALL";
+    pam.services.sudo_local = {
+      enable = true;
+      reattach = true;
+      touchIdAuth = true;
+    };
   };
 }