xin/system/nix-lockdown.nix

{ config
, lib
, ...
}:
with lib; {
  options = {
    nixLockdown = {
      enable = mkOption {
        description = "Lockdown Nix";
        default = true;
        example = true;
        type = lib.types.bool;
      };
    };
  };
  config = mkIf config.nixLockdown.enable {
    nix = {
      settings = {
        sandbox = true;
        trusted-users = [ "@wheel" ];
        allowed-users = [ "root" "qbit" ];
      };
    };
  };
}
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`{ config`
			`, lib`
			`, ...`
all: format with alejandra 2023-07-11 09:12:50 -06:00			`}:`
hello world! 2022-08-25 12:21:35 -06:00			`with lib; {`
			`options = {`
			`nixLockdown = {`
			`enable = mkOption {`
			`description = "Lockdown Nix";`
			`default = true;`
			`example = true;`
			`type = lib.types.bool;`
			`};`
			`};`
			`};`
			`config = mkIf config.nixLockdown.enable {`
all: update to 22.11 \o/ 2022-11-22 21:30:31 -07:00			`nix = {`
all: switch to nixpkgs-fmt 2023-09-12 08:44:05 -06:00			`settings = {`
			`sandbox = true;`
			`trusted-users = [ "@wheel" ];`
			`allowed-users = [ "root" "qbit" ];`
			`};`
hello world! 2022-08-25 12:21:35 -06:00			`};`
			`};`
			`}`