From 85e8b4774d3d05ead05e2837c91d594d55c71f0c Mon Sep 17 00:00:00 2001
From: Truxnell <9149206+truxnell@users.noreply.github.com>
Date: Sun, 24 Mar 2024 18:50:38 +1100
Subject: [PATCH] fix: wheelsudo

---
 README.md                               | 15 +++++++++++++++
 nixos/modules/nixos/system/security.nix |  4 ++--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index da70126..f7ab5b2 100644
--- a/README.md
+++ b/README.md
@@ -63,6 +63,21 @@ cd ~/dotfiles
 nixos-rebuild switch --flake .#nameOfMachine --target-host machineToSshInto --use-remote-sudo
 ```
 
+## Hacking at nix files
+
+Eval config to see what keys are being set.
+
+```bash
+nix eval .#nixosConfigurations.rickenbacker.config.security.sudo.WheelNeedsPassword
+nix eval .#nixosConfigurations.rickenbacker.config.mySystem.security.wheelNeedsPassword
+```
+
+Quickly run a flake to see what the next error message is as you hack.
+
+```bash
+nixos-rebuild dry-run --flake . --fast --impure
+```
+
 ## Links & References
 
 - [Misterio77/nix-starter-config](https://github.com/Misterio77/nix-starter-configs)
diff --git a/nixos/modules/nixos/system/security.nix b/nixos/modules/nixos/system/security.nix
index bd9b9df..1ad617e 100644
--- a/nixos/modules/nixos/system/security.nix
+++ b/nixos/modules/nixos/system/security.nix
@@ -17,8 +17,8 @@ in
 
   config =
     {
-      security.pam.enableSSHAgentAuth = lib.mkIf cfg.sshAgentAuth.enable true;
-      security.sudo.wheelNeedsPassword = lib.mkIf cfg.wheelNeedsSudoPassword true;
+      security.pam.enableSSHAgentAuth = cfg.sshAgentAuth.enable;
+      security.sudo.wheelNeedsPassword = cfg.wheelNeedsSudoPassword;
 
     };