From 7e4383aa897bbdcf6124d3d4b52ce6249630e09a Mon Sep 17 00:00:00 2001
From: Mikhail Klementev <blame@dumpstack.io>
Date: Mon, 13 Feb 2023 09:16:09 +0000
Subject: [PATCH] to not affect local development, remove system-wide
 out-of-tree

---
 security.nix | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/security.nix b/security.nix
index 033a90e..1ef5ec2 100644
--- a/security.nix
+++ b/security.nix
@@ -41,22 +41,10 @@
     extraConfig = ''
       %wheel ALL=(ALL:ALL) NOPASSWD: ${pkgs.light}/bin/light
       %wheel ALL=(captive) NOPASSWD: ${pkgs.firefox}/bin/firefox
-      %wheel ALL=(out-of-tree) NOPASSWD: ${pkgs.out-of-tree}/bin/out-of-tree
     '';
   };
 
-  users.users.out-of-tree = {
-    home = "/var/out-of-tree";
-    group = "out-of-tree";
-    isSystemUser = true;
-    createHome = true;
-    extraGroups = [ "docker" "kvm" ];
-  };
-  users.groups.out-of-tree = {};
-
   environment.systemPackages = with pkgs; [
     (writeShellScriptBin "captive" "sudo -H -u captive ${pkgs.firefox}/bin/firefox")
-    (writeShellScriptBin "out-of-tree"
-      "sudo -H -u out-of-tree ${pkgs.out-of-tree}/bin/out-of-tree $@")
   ];
 }