ctucx.git: nixfiles

machines/blechbuechse: set default shell on systemActivation, enbale TouchId for `sudo`

diff --git a/machines/blechbuechse/darwin-configuration.nix b/machines/blechbuechse/darwin-configuration.nix
@@ -66,6 +66,17 @@ in {
       { HIDKeyboardModifierMappingSrc = 30064771302; HIDKeyboardModifierMappingDst = 30064771303; }
     ];
   };
+  system.activationScripts.postActivation.text = ''
+    # Set the default shell to bash. MacOS doesn't do this like nixOS does
+    sudo chsh -s ${pkgs.bashInteractive}/bin/bash leah
+
+    # Enable sudo Touch ID authentication, if not already enabled
+    if ! grep 'pam_tid.so' /etc/pam.d/sudo > /dev/null; then
+      sed -i "" '2i\
+    auth       sufficient     pam_tid.so # use TouchID with sudo
+      ' /etc/pam.d/sudo
+   fi
+  '';
 
   system.activationScripts.extraSystemSettings.text = ''
     # Sleep display after 30 minutes