From 7ef00d0f2748e75fa947b552fb6a717ca505ed1e Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Sun, 26 Apr 2020 18:34:10 +0100 Subject: feat(ops/nixos/camden): Enable SSH agent auth --- ops/nixos/camden/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ops/nixos/camden/default.nix b/ops/nixos/camden/default.nix index 4fe7b4376474..9d82eb9de46f 100644 --- a/ops/nixos/camden/default.nix +++ b/ops/nixos/camden/default.nix @@ -145,6 +145,9 @@ in lib.fix(self: { # Join Tailscale into home network services.tailscale.enable = true; + # Allow sudo-ing via the forwarded SSH agent. + security.pam.enableSSHAgentAuth = true; + # Run cgit for the depot. The onion here is nginx(thttpd(cgit)). systemd.services.cgit = { wantedBy = [ "multi-user.target" ]; -- cgit 1.4.1