From c1af411db238b0bd2e2acffd27d64c982629f727 Mon Sep 17 00:00:00 2001
From: Tyler Starr <starrtyler88@gmail.com>
Date: Sun, 8 Oct 2023 21:13:29 -0700
Subject: [PATCH] Allow password-less root for Bulwark

---
 provision/nixos/hosts/bulwark/configuration.nix | 9 +++++++++
 provision/nixos/hosts/kestrel/configuration.nix | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/provision/nixos/hosts/bulwark/configuration.nix b/provision/nixos/hosts/bulwark/configuration.nix
index aeb4c2c7..04f8932c 100644
--- a/provision/nixos/hosts/bulwark/configuration.nix
+++ b/provision/nixos/hosts/bulwark/configuration.nix
@@ -55,6 +55,15 @@
     extraGroups = [ "dialout" "wheel" "docker" "libvirtd" ]; # Enable ‘sudo’ for the user.
   };
 
+  # Password-less root
+  security.sudo.extraRules = [{ 
+    users = [ "${user}" ];
+    commands = [{ 
+      command = "ALL" ;
+      options= [ "NOPASSWD" ];
+    }];
+  }];
+
   # List packages installed in system profile.
   environment.systemPackages = with pkgs; [
       # One-off stable packages
diff --git a/provision/nixos/hosts/kestrel/configuration.nix b/provision/nixos/hosts/kestrel/configuration.nix
index 46593aa8..a0f0070a 100644
--- a/provision/nixos/hosts/kestrel/configuration.nix
+++ b/provision/nixos/hosts/kestrel/configuration.nix
@@ -63,7 +63,7 @@
     users = [ "${user}" ];
     commands = [{ 
       command = "ALL" ;
-      options= [ "NOPASSWD" ]; # "SETENV" # Adding the following could be a good idea
+      options= [ "NOPASSWD" ];
     }];
   }];