Format

home-manager/linux/programs/sway.nix

@@ -68,11 +68,11 @@ in with lib; {
         gtk = true;
       };
       extraSessionCommands = ''
-        # Make qt theming work
+                # Make qt theming work
-        export QT_QPA_PLATFORMTHEME="qt5ct"
+                export QT_QPA_PLATFORMTHEME="qt5ct"
-        # Prepare for wob
+                # Prepare for wob
-        export WOBSOCK="$XDG_RUNTIME_DIR/wob.sock"
+                export WOBSOCK="$XDG_RUNTIME_DIR/wob.sock"
-	rm -rf $WOBSOCK && mkfifo $WOBSOCK
+        	rm -rf $WOBSOCK && mkfifo $WOBSOCK
       '';
       config = {
         # Startup wob

machines/tounge/configuration.nix

@@ -41,6 +41,7 @@
     };
     config = {
       setupGrub = false;
+      userUid = "1001";
       nix = {
         autoUpdate = true;
         autoGC = true;

modules/linux/default.nix

@@ -138,6 +138,12 @@ in {
             description = "Whether to install the 'nathan' user";
             type = lib.types.bool;
           };
+          homeTmpfs = mkEnableOptionT "~/.tmp as tmpfs";
+          userUid = mkOption {
+            default = "1000";
+            example = "1000";
+            description = "UID of the user";
+          };
           # Should we harden this system?
           # On by default
           harden = mkEnableOptionT "Apply system hardening";

modules/linux/user.nix

@@ -19,8 +19,7 @@ in with lib; {
       };
       environment.shells = [ pkgs.fish ];
       users = {
-        # If we install the user and the system is hardended, then disable mutable users
+        mutableUsers = !nc.installUser;
-        mutableUsers = !(nc.installUser && nc.harden);
         # Configure our user, if enabled
         users."${nc.user}" = mkMerge [
           (mkIf nc.installUser {
@@ -65,5 +64,11 @@ in with lib; {
     (mkIf config.nathan.hardware.amdPassthrough {
       users.users."${nc.user}".extraGroups = [ "libvirtd" ];
     })
+    (mkIf (nc.homeTmpfs && nc.installUser) {
+      fileSystems."/home/${nc.user}/.tmp" = {
+        fsType = "tmpfs";
+        options = [ "mode=700" "uid=${nc.userUid}" "gid=100" ];
+      };
+    })
   ];
 }

packages/sommelier/default.nix

@@ -1,29 +1,29 @@
-  { lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, wayland-scanner
+{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, wayland-scanner
-  , libxkbcommon, mesa, pixman, xorg, wayland, gtest }:
+, libxkbcommon, mesa, pixman, xorg, wayland, gtest }:
 
-  stdenv.mkDerivation {
+stdenv.mkDerivation {
-    pname = "sommelier";
+  pname = "sommelier";
-    version = "104.0";
+  version = "104.0";
 
-    src = fetchFromGitHub {
+  src = fetchFromGitHub {
-      owner = "akvadrako";
+    owner = "akvadrako";
-      repo = "sommelier";
+    repo = "sommelier";
-      rev = "31a42a2f8c649ae82a3239284bced7ef39a569ef";
+    rev = "31a42a2f8c649ae82a3239284bced7ef39a569ef";
-      sha256 = "sha256-ZTvH4mn7eK2e/1u6FVVpR7aaeAQ+JxSa4nhXWLxSfvo=";
+    sha256 = "sha256-ZTvH4mn7eK2e/1u6FVVpR7aaeAQ+JxSa4nhXWLxSfvo=";
-    };
+  };
 
-    nativeBuildInputs = [ meson ninja pkg-config wayland-scanner ];
+  nativeBuildInputs = [ meson ninja pkg-config wayland-scanner ];
-    buildInputs = [ libxkbcommon mesa pixman wayland xorg.libxcb ];
+  buildInputs = [ libxkbcommon mesa pixman wayland xorg.libxcb ];
 
-    doCheck = true;
+  doCheck = true;
-    nativeCheckInputs = [ gtest ];
+  nativeCheckInputs = [ gtest ];
 
-    meta = with lib; {
+  meta = with lib; {
-      homepage =
+    homepage =
-        "https://chromium.googlesource.com/chromiumos/platform2/+/refs/heads/main/vm_tools/sommelier/";
+      "https://chromium.googlesource.com/chromiumos/platform2/+/refs/heads/main/vm_tools/sommelier/";
-      description = "Nested Wayland compositor with support for X11 forwarding";
+    description = "Nested Wayland compositor with support for X11 forwarding";
-      maintainers = with maintainers; [ qyliss ];
+    maintainers = with maintainers; [ qyliss ];
-      license = licenses.bsd3;
+    license = licenses.bsd3;
-      platforms = platforms.linux;
+    platforms = platforms.linux;
-    };
+  };
-  }
+}