From 892482250c3726b8f4b255d3aff7f4208bbfba97 Mon Sep 17 00:00:00 2001 From: Richard Huang Date: Sat, 18 Nov 2023 20:23:12 -0800 Subject: [PATCH] [yabai] Configure scripting addition Allow admins to execute `yabai --load-sa` as the root user without having to enter a password --- modules/services/yabai/default.nix | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/modules/services/yabai/default.nix b/modules/services/yabai/default.nix index d6af899..354c68b 100644 --- a/modules/services/yabai/default.nix +++ b/modules/services/yabai/default.nix @@ -7,9 +7,10 @@ let toYabaiConfig = opts: concatStringsSep "\n" (mapAttrsToList - (p: v: "yabai -m config ${p} ${toString v}") opts); + (p: v: "yabai -m config ${p} ${toString v}") + opts); - configFile = mkIf (cfg.config != {} || cfg.extraConfig != "") + configFile = mkIf (cfg.config != { } || cfg.extraConfig != "") "${pkgs.writeScript "yabairc" ( (if (cfg.config != {}) then "${toYabaiConfig cfg.config}" @@ -42,7 +43,7 @@ in services.yabai.config = mkOption { type = attrs; - default = {}; + default = { }; example = literalExpression '' { focus_follows_mouse = "autoraise"; @@ -77,7 +78,7 @@ in launchd.user.agents.yabai = { serviceConfig.ProgramArguments = [ "${cfg.package}/bin/yabai" ] - ++ optionals (cfg.config != {} || cfg.extraConfig != "") [ "-c" configFile ]; + ++ optionals (cfg.config != { } || cfg.extraConfig != "") [ "-c" configFile ]; serviceConfig.KeepAlive = true; serviceConfig.RunAtLoad = true; @@ -101,6 +102,12 @@ in serviceConfig.RunAtLoad = true; serviceConfig.KeepAlive.SuccessfulExit = false; }; + + environment.etc."sudoers.d/yabai".text = + let + sha = builtins.hashFile "sha256" "${cfg.package}/bin/yabai"; + in + "%admin ALL=(root) NOPASSWD: sha256:${sha} ${cfg.package}/bin/yabai --load-sa"; }) ]; }