From 4dc55a82c9b5d40477a2e16b780411e289627b79 Mon Sep 17 00:00:00 2001
From: mc-fucker <dev@mc-fucker.cool>
Date: Fri, 6 Jun 2025 10:23:41 +0200
Subject: [PATCH] added sudo rule to allow zabbix to execute smartctl

---
 modules/zabbix-agent.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/modules/zabbix-agent.nix b/modules/zabbix-agent.nix
index faae769..3846d9f 100644
--- a/modules/zabbix-agent.nix
+++ b/modules/zabbix-agent.nix
@@ -22,6 +22,19 @@ in
     pkgs.smartmontools
   ];
   users.users.zabbix-agent.extraGroups = [ "systemd-journal" ];
+
+  #allow zabbix-agent to run smartctl
+  security.sudo.extraRules = [
+    {
+      users = [ "zabbix-agent" ];
+      commands = [
+        {
+          command = "${pkgs.smartmontools}/bin/smartctl";
+          options = [ "NOPASSWD" ];
+        }
+      ];
+    }
+  ];
 }
 
 # vim: set et ts=2 sw=2 ai: