From eeb197bdd88ddd8a0520d202c9b8a8cfe2ea8834 Mon Sep 17 00:00:00 2001
From: Christoph Cullmann <christoph@cullmann.io>
Date: Fri, 9 May 2025 23:19:20 +0200
Subject: [PATCH] keep the environment, need that for many scripts

---
 share/common.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/share/common.nix b/share/common.nix
index 2163b29..2cf4567 100644
--- a/share/common.nix
+++ b/share/common.nix
@@ -547,6 +547,11 @@ in
   # use doas instead of sudo
   security.sudo.enable = false;
   security.doas.enable = true;
+  security.doas.extraRules = [
+    # wheel users are allowed to become all users
+    # keep the environment, need that for many scripts
+    { groups = [ "wheel" ]; noPass = false; keepEnv = true; persist = true; }
+  ];
 
   # try local AI stuff
   services.ollama = {