Doas

I like the simplicity of doas compared to sudo. Also, not using the most popular program used for privilege escalation increases security. You may call it security by obscurity, but it doesn’t make it wrong.

{
  security.doas = {
    enable = true;
    extraRules = [
      {
        groups = [ "wheel" ];
        persist = true;
        keepEnv = true;
        setEnv = [ "PATH" ];
      }
    ];
  };
  security.sudo.enable = false;
  users.allowNoPasswordLogin = true;
}

{ pkgs, ... }:
 
{
  environment.systemPackages = [
    pkgs.doas-sudo-shim
  ];
}

nix.org

Graph View

Explorer

Backlinks