fix sudo

modules/base/default.nix

@@ -13,6 +13,7 @@
     ./packages.nix
     ./ripgrep.nix
     ./ssh.nix
+    ./sudo.nix
     ./users.nix
     ./vim
   ];

modules/base/sudo.nix

@@ -1,14 +1,14 @@
 {...}: {
   security.sudo = {
     # Only allow members of the wheel group to execute sudo by setting the
-    # executable’s permissions accordingly. This prevents users that are not
+    # executable's permissions accordingly. This prevents users that are not
     # members of wheel from exploiting vulnerabilities in sudo such as
     # CVE-2021-3156.
-    security.sudo.execWheelOnly = true;
+    execWheelOnly = true;
 
     # With great power comes great responsibility, we get it.. Also means we
     # don't have state in /var/db/sudo/lectured.
-    security.sudo.extraConfig = ''
+    extraConfig = ''
       Defaults lecture = never
     '';
   };