flake: restrict nix access

2023-07-27 21:37:38 +02:00 · 2023-07-27 21:37:38 +02:00 · 0b304408b3
commit 0b304408b3
parent b404639e76
1 changed files with 1 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -46,6 +46,7 @@
          inherit (nixpkgs) lib;
          inherit inputs nixpkgs nixpkgs-stable nixos-hardware home-manager nur user location agenix jovian-nixos;   # Also inherit home-manager so it does not need to be defined here.
          nix.allowedUsers = [ "@wheel" ];
+          security.sudo.execWheelOnly = true;
        }
      );
    };