diff --git a/modules/sudo.nix b/modules/sudo.nix
index ebe10d1..d47d889 100644
--- a/modules/sudo.nix
+++ b/modules/sudo.nix
@@ -1,5 +1,22 @@
 { pkgs, inputs, ... }:
-
+let
+ commandsWithoutPassword = [
+ "/run/current-system/sw/bin/systemctl restart tor.service"
+ ];
+in
 {
- security.sudo.execWheelOnly = true;
+ security.sudo = {
+ execWheelOnly = true;
+ extraRules = [
+ {
+ groups = [ "wheel" ];
+ commands = map
+ (cmd: {
+ command = cmd;
+ options = [ "NOPASSWD" ];
+ })
+ commandsWithoutPassword;
+ }
+ ];
+ };
 }
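Review bot: The `commandsWithoutPassword` list has no comment saying that each entry must carry its exact argument list, and sudoers treats a command written without arguments as permission to run it with any arguments. The current entry is fully specified, but a later entry holding only a bare binary path would make every invocation of that binary passwordless for wheel. I would add above the list `# Each entry must be an absolute path plus its exact arguments; a bare path allows any arguments without a password.` The rule also leaves `runAs` unset, which in the NixOS sudo module defaults to `ALL:ALL`, so the passwordless command can be run as any user or group; adding `runAs = "root";` next to `groups = [ "wheel" ];` would narrow it to what a service restart needs.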