nixos-config/modules/system/settings/security/privilege/default.nix

{ ... }:
{
  security.sudo-rs = {
    enable = true;
    execWheelOnly = true;
    extraRules = [
      {
        users = [ "sudo" ];
        commands = [
          {
            command = "ALL";
            options = [ "NOPASSWD" ];
          }
        ];
      }
    ];
  };

  # Create a user that has admin non-interactively
  users.users.sudo = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3B9Uf3h5JiD2HjF/vQ5Zx9pibMgRrlf7ZoBktev9eB Warden"
    ];
  };
}