Skip to content

Commit

Permalink
[yabai] Configure scripting addition
Browse files Browse the repository at this point in the history
Allow admins to execute `yabai --load-sa` as the root user without
having to enter a password
  • Loading branch information
aeolyus committed Nov 19, 2023
1 parent e67f2bf commit 8924822
Showing 1 changed file with 11 additions and 4 deletions.
15 changes: 11 additions & 4 deletions modules/services/yabai/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,10 @@ let

toYabaiConfig = opts:
concatStringsSep "\n" (mapAttrsToList
(p: v: "yabai -m config ${p} ${toString v}") opts);
(p: v: "yabai -m config ${p} ${toString v}")
opts);

configFile = mkIf (cfg.config != {} || cfg.extraConfig != "")
configFile = mkIf (cfg.config != { } || cfg.extraConfig != "")
"${pkgs.writeScript "yabairc" (
(if (cfg.config != {})
then "${toYabaiConfig cfg.config}"
Expand Down Expand Up @@ -42,7 +43,7 @@ in

services.yabai.config = mkOption {
type = attrs;
default = {};
default = { };
example = literalExpression ''
{
focus_follows_mouse = "autoraise";
Expand Down Expand Up @@ -77,7 +78,7 @@ in

launchd.user.agents.yabai = {
serviceConfig.ProgramArguments = [ "${cfg.package}/bin/yabai" ]
++ optionals (cfg.config != {} || cfg.extraConfig != "") [ "-c" configFile ];
++ optionals (cfg.config != { } || cfg.extraConfig != "") [ "-c" configFile ];

serviceConfig.KeepAlive = true;
serviceConfig.RunAtLoad = true;
Expand All @@ -101,6 +102,12 @@ in
serviceConfig.RunAtLoad = true;
serviceConfig.KeepAlive.SuccessfulExit = false;
};

environment.etc."sudoers.d/yabai".text =
let
sha = builtins.hashFile "sha256" "${cfg.package}/bin/yabai";
in
"%admin ALL=(root) NOPASSWD: sha256:${sha} ${cfg.package}/bin/yabai --load-sa";
})
];
}

0 comments on commit 8924822

Please sign in to comment.