
2 Commits

Author SHA1 Message Date
Nathan McCarty a798185a17
Format 2023-05-07 02:16:39 -04:00
Nathan McCarty c24e1ca432
Automount user tmpfs 2023-05-07 02:16:31 -04:00
5 changed files with 43 additions and 31 deletions


@ -68,11 +68,11 @@ in with lib; {
gtk = true;
};
extraSessionCommands = ''
# Make qt theming work
export QT_QPA_PLATFORMTHEME="qt5ct"
# Prepare for wob
export WOBSOCK="$XDG_RUNTIME_DIR/wob.sock"
rm -rf $WOBSOCK && mkfifo $WOBSOCK
# Make qt theming work
export QT_QPA_PLATFORMTHEME="qt5ct"
# Prepare for wob
export WOBSOCK="$XDG_RUNTIME_DIR/wob.sock"
rm -rf $WOBSOCK && mkfifo $WOBSOCK
'';
config = {
# Startup wob


@ -41,6 +41,7 @@
};
config = {
setupGrub = false;
userUid = "1001";
nix = {
autoUpdate = true;
autoGC = true;


@ -138,6 +138,12 @@ in {
description = "Whether to install the 'nathan' user";
type = lib.types.bool;
};
homeTmpfs = mkEnableOptionT "~/.tmp as tmpfs";
userUid = mkOption {
default = "1000";
example = "1000";
description = "UID of the user";
};
# Should we harden this system?
# On by default
harden = mkEnableOptionT "Apply system hardening";
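Review bot: The new `userUid` option is declared without a `type`, so the module system accepts any value, and the tmpfs mount added elsewhere in this commit interpolates it directly into the mount option `uid=${nc.userUid}`. Adding `type = lib.types.strMatching "[0-9]+";` would reject anything that is not a numeric id at evaluation time. The description could also say that the value has to match the uid the account actually receives, since nothing in the visible lines ties the two together.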


@ -19,8 +19,7 @@ in with lib; {
};
environment.shells = [ pkgs.fish ];
users = {
# If we install the user and the system is hardended, then disable mutable users
mutableUsers = !(nc.installUser && nc.harden);
mutableUsers = !nc.installUser;
# Configure our user, if enabled
users."${nc.user}" = mkMerge [
(mkIf nc.installUser {
@ -65,5 +64,11 @@ in with lib; {
(mkIf config.nathan.hardware.amdPassthrough {
users.users."${nc.user}".extraGroups = [ "libvirtd" ];
})
(mkIf (nc.homeTmpfs && nc.installUser) {
fileSystems."/home/${nc.user}/.tmp" = {
fsType = "tmpfs";
options = [ "mode=700" "uid=${nc.userUid}" "gid=100" ];
};
})
];
}
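Review bot: The tmpfs mounted at `/home/${nc.user}/.tmp` in the second hunk gets only `mode`, `uid` and `gid`, so it keeps the mount defaults: set-uid bits and device nodes are honoured, and the size limit is the tmpfs default of half of RAM. For a user-writable scratch directory I would tighten this to `options = [ "mode=700" "uid=${nc.userUid}" "gid=100" "nosuid" "nodev" "size=<SIZE>" ];`, where `<SIZE>` is a placeholder for whatever cap fits the machine. The owner comes from `nc.userUid` and a hard-coded `gid=100`, and nothing in the visible lines ties either to the account's real ids, so a comment such as `# uid/gid must match users.users.${nc.user}` would help. The enclosing list starts outside the hunk.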


@ -1,29 +1,29 @@
{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, wayland-scanner
, libxkbcommon, mesa, pixman, xorg, wayland, gtest }:
{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, wayland-scanner
, libxkbcommon, mesa, pixman, xorg, wayland, gtest }:
stdenv.mkDerivation {
pname = "sommelier";
version = "104.0";
stdenv.mkDerivation {
pname = "sommelier";
version = "104.0";
src = fetchFromGitHub {
owner = "akvadrako";
repo = "sommelier";
rev = "31a42a2f8c649ae82a3239284bced7ef39a569ef";
sha256 = "sha256-ZTvH4mn7eK2e/1u6FVVpR7aaeAQ+JxSa4nhXWLxSfvo=";
};
src = fetchFromGitHub {
owner = "akvadrako";
repo = "sommelier";
rev = "31a42a2f8c649ae82a3239284bced7ef39a569ef";
sha256 = "sha256-ZTvH4mn7eK2e/1u6FVVpR7aaeAQ+JxSa4nhXWLxSfvo=";
};
nativeBuildInputs = [ meson ninja pkg-config wayland-scanner ];
buildInputs = [ libxkbcommon mesa pixman wayland xorg.libxcb ];
nativeBuildInputs = [ meson ninja pkg-config wayland-scanner ];
buildInputs = [ libxkbcommon mesa pixman wayland xorg.libxcb ];
doCheck = true;
nativeCheckInputs = [ gtest ];
doCheck = true;
nativeCheckInputs = [ gtest ];
meta = with lib; {
homepage =
"https://chromium.googlesource.com/chromiumos/platform2/+/refs/heads/main/vm_tools/sommelier/";
description = "Nested Wayland compositor with support for X11 forwarding";
maintainers = with maintainers; [ qyliss ];
license = licenses.bsd3;
platforms = platforms.linux;
};
}
meta = with lib; {
homepage =
"https://chromium.googlesource.com/chromiumos/platform2/+/refs/heads/main/vm_tools/sommelier/";
description = "Nested Wayland compositor with support for X11 forwarding";
maintainers = with maintainers; [ qyliss ];
license = licenses.bsd3;
platforms = platforms.linux;
};
}