services/yabai: Remove IFD

enableScriptingAddition no longer triggers IFD by using runCommand to generate sudoers.d/yabai, instead of builtins.hashFile and interpolating the string in nix.
author: Nikodem Rabuliński <nikodem@rabulinski.com> 2024-02-01 23:00:34 +0100
committer: Nikodem Rabuliński <nikodem@rabulinski.com> 2024-02-01 23:06:13 +0100
commit: 4363d3b42f71156c5de80c3cf9ff998ff0a5681a (patch)
tree: da6f436da07934995603131d5924d12190b6c3df /modules/services
parent: 91b9daf672c957ef95a05491a75f62e6a01d5aaf (diff)
1 files changed, 7 insertions, 5 deletions
diff --git a/modules/services/yabai/default.nix b/modules/services/yabai/default.nix
index 63fbfdb..a26c7ca 100644
--- a/modules/services/yabai/default.nix
+++ b/modules/services/yabai/default.nix
@@ -96,11 +96,13 @@ in
         serviceConfig.KeepAlive.SuccessfulExit = false;
       };
 
-      environment.etc."sudoers.d/yabai".text =
-        let
-          sha = builtins.hashFile "sha256" "${cfg.package}/bin/yabai";
-        in
-        "%admin ALL=(root) NOPASSWD: sha256:${sha} ${cfg.package}/bin/yabai --load-sa";
+      environment.etc."sudoers.d/yabai".source = pkgs.runCommand "sudoers-yabai" {} ''
+        YABAI_BIN="${cfg.package}/bin/yabai"
+        SHASUM=$(sha256sum "$YABAI_BIN" | cut -d' ' -f1)
+        cat <<EOF >"$out"
+        %admin ALL=(root) NOPASSWD: sha256:$SHASUM $YABAI_BIN --load-sa
+        EOF
+      '';
     })
   ];
 }
author	Nikodem Rabuliński <nikodem@rabulinski.com>	2024-02-01 23:00:34 +0100
committer	Nikodem Rabuliński <nikodem@rabulinski.com>	2024-02-01 23:06:13 +0100
commit	4363d3b42f71156c5de80c3cf9ff998ff0a5681a (patch)
tree	da6f436da07934995603131d5924d12190b6c3df /modules/services
parent	91b9daf672c957ef95a05491a75f62e6a01d5aaf (diff)