From e1673c5f108069cacf1e4be3b3480e4a0a978bae Mon Sep 17 00:00:00 2001
From: Alex Mickelson <alexmickelson96@gmail.com>
Date: Wed, 18 Feb 2026 21:04:19 -0700
Subject: [PATCH] updates

---
 nix/home-server.nix          | 5 +++++
 nix/modules/gitea-runner.nix | 7 +++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/nix/home-server.nix b/nix/home-server.nix
index 3a6cf91..0c4c7eb 100644
--- a/nix/home-server.nix
+++ b/nix/home-server.nix
@@ -128,6 +128,11 @@
   ];
   services.envfs.enable = true;
 
+  security.sudo = {
+    enable = true;
+    wheelNeedsPassword = true;
+  };
+
   # printing
   services.printing = {
     enable = true;
diff --git a/nix/modules/gitea-runner.nix b/nix/modules/gitea-runner.nix
index 8b7d764..0b220e6 100644
--- a/nix/modules/gitea-runner.nix
+++ b/nix/modules/gitea-runner.nix
@@ -27,7 +27,6 @@
         kubectl
         kubernetes-helm
         curl
-        sudo
       ];
       settings = {
         container = { 
@@ -61,7 +60,11 @@
       commands = [
         {
           command = "${pkgs.nix}/bin/nix-collect-garbage";
-          options = [ "NOPASSWD" ];
+          options = [ "NOPASSWD" "SETENV" ];
+        }
+        {
+          command = "${pkgs.nix}/bin/nix-env";
+          options = [ "NOPASSWD" "SETENV" ];
         }
       ];
     }