diff options
Diffstat (limited to 'nixos/modules/programs')
| -rw-r--r-- | nixos/modules/programs/bash/bash.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/programs/browserpass.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/programs/clash-verge.nix | 14 | ||||
| -rw-r--r-- | nixos/modules/programs/direnv.nix | 18 | ||||
| -rw-r--r-- | nixos/modules/programs/ecryptfs.nix | 31 | ||||
| -rw-r--r-- | nixos/modules/programs/environment.nix | 9 | ||||
| -rw-r--r-- | nixos/modules/programs/firefox.nix | 28 | ||||
| -rw-r--r-- | nixos/modules/programs/fish.nix | 17 | ||||
| -rw-r--r-- | nixos/modules/programs/gnupg.nix | 29 | ||||
| -rw-r--r-- | nixos/modules/programs/hyprland.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/programs/nano.nix | 34 | ||||
| -rw-r--r-- | nixos/modules/programs/regreet.nix | 6 | ||||
| -rw-r--r-- | nixos/modules/programs/rust-motd.nix | 65 | ||||
| -rw-r--r-- | nixos/modules/programs/streamdeck-ui.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/programs/wayland/sway.nix | 13 | ||||
| -rw-r--r-- | nixos/modules/programs/yazi.nix | 53 | ||||
| -rw-r--r-- | nixos/modules/programs/yubikey-touch-detector.nix | 21 |
17 files changed, 264 insertions, 84 deletions
diff --git a/nixos/modules/programs/bash/bash.nix b/nixos/modules/programs/bash/bash.nix index 286faeadc48..7d3322ea5e5 100644 --- a/nixos/modules/programs/bash/bash.nix +++ b/nixos/modules/programs/bash/bash.nix @@ -81,7 +81,7 @@ in if [ "$TERM" != "dumb" ] || [ -n "$INSIDE_EMACS" ]; then PROMPT_COLOR="1;31m" ((UID)) && PROMPT_COLOR="1;32m" - if [ -n "$INSIDE_EMACS" ] || [ "$TERM" = "eterm" ] || [ "$TERM" = "eterm-color" ]; then + if [ -n "$INSIDE_EMACS" ]; then # Emacs term mode doesn't support xterm title escape sequence (\e]0;) PS1="\n\[\033[$PROMPT_COLOR\][\u@\h:\w]\\$\[\033[0m\] " else diff --git a/nixos/modules/programs/browserpass.nix b/nixos/modules/programs/browserpass.nix index 346d38e5e88..abd99056ff3 100644 --- a/nixos/modules/programs/browserpass.nix +++ b/nixos/modules/programs/browserpass.nix @@ -27,6 +27,6 @@ with lib; "opt/brave/native-messaging-hosts/${appId}".source = source "hosts/chromium"; "opt/brave/policies/managed/${appId}".source = source "policies/chromium"; }; - nixpkgs.config.firefox.enableBrowserpass = true; + programs.firefox.wrapperConfig.enableBrowserpass = true; }; } diff --git a/nixos/modules/programs/clash-verge.nix b/nixos/modules/programs/clash-verge.nix index 29977be3858..57a1c0377ed 100644 --- a/nixos/modules/programs/clash-verge.nix +++ b/nixos/modules/programs/clash-verge.nix @@ -2,17 +2,9 @@ { options.programs.clash-verge = { - enable = lib.mkEnableOption (lib.mdDoc '' - Clash Verge. - ''); - - autoStart = lib.mkEnableOption (lib.mdDoc '' - Clash Verge Auto Launch. - ''); - - tunMode = lib.mkEnableOption (lib.mdDoc '' - Clash Verge Tun Mode. - ''); + enable = lib.mkEnableOption (lib.mdDoc "Clash Verge"); + autoStart = lib.mkEnableOption (lib.mdDoc "Clash Verge auto launch"); + tunMode = lib.mkEnableOption (lib.mdDoc "Clash Verge TUN mode"); }; config = diff --git a/nixos/modules/programs/direnv.nix b/nixos/modules/programs/direnv.nix index 53717fae11a..1a80cb20280 100644 --- a/nixos/modules/programs/direnv.nix +++ b/nixos/modules/programs/direnv.nix @@ -32,15 +32,6 @@ in { the hiding of direnv logging ''); - persistDerivations = - (lib.mkEnableOption (lib.mdDoc '' - setting keep-derivations and keep-outputs to true - to prevent shells from getting garbage collected - '')) - // { - default = true; - }; - loadInNixShell = lib.mkEnableOption (lib.mdDoc '' loading direnv in `nix-shell` `nix shell` or `nix develop` @@ -62,6 +53,10 @@ in { }; }; + imports = [ + (lib.mkRemovedOptionModule ["programs" "direnv" "persistDerivations"] "persistDerivations was removed as it is on longer necessary") + ]; + config = lib.mkIf cfg.enable { programs = { @@ -87,11 +82,6 @@ in { ''; }; - nix.settings = lib.mkIf cfg.persistDerivations { - keep-outputs = true; - keep-derivations = true; - }; - environment = { systemPackages = if cfg.loadInNixShell then [cfg.package] diff --git a/nixos/modules/programs/ecryptfs.nix b/nixos/modules/programs/ecryptfs.nix new file mode 100644 index 00000000000..63c1a3ad441 --- /dev/null +++ b/nixos/modules/programs/ecryptfs.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.programs.ecryptfs; + +in { + options.programs.ecryptfs = { + enable = mkEnableOption (lib.mdDoc "ecryptfs setuid mount wrappers"); + }; + + config = mkIf cfg.enable { + security.wrappers = { + + "mount.ecryptfs_private" = { + setuid = true; + owner = "root"; + group = "root"; + source = "${lib.getBin pkgs.ecryptfs}/bin/mount.ecryptfs_private"; + }; + "umount.ecryptfs_private" = { + setuid = true; + owner = "root"; + group = "root"; + source = "${lib.getBin pkgs.ecryptfs}/bin/umount.ecryptfs_private"; + }; + + }; + }; +} diff --git a/nixos/modules/programs/environment.nix b/nixos/modules/programs/environment.nix index 3fbda153e0b..6cf9257d035 100644 --- a/nixos/modules/programs/environment.nix +++ b/nixos/modules/programs/environment.nix @@ -22,7 +22,6 @@ in # be specified here; do so in the default value of programs.less.envVariables instead PAGER = mkDefault "less"; EDITOR = mkDefault "nano"; - XDG_CONFIG_DIRS = [ "/etc/xdg" ]; # needs to be before profile-relative paths to allow changes through environment.etc }; # since we set PAGER to this above, make sure it's installed @@ -33,17 +32,19 @@ in "/run/current-system/sw" ]; + environment.sessionVariables = + { + XDG_CONFIG_DIRS = [ "/etc/xdg" ]; # needs to be before profile-relative paths to allow changes through environment.etc + }; + # TODO: move most of these elsewhere environment.profileRelativeSessionVariables = { PATH = [ "/bin" ]; INFOPATH = [ "/info" "/share/info" ]; - KDEDIRS = [ "" ]; - QT_PLUGIN_PATH = [ "/lib/qt4/plugins" "/lib/kde4/plugins" ]; QTWEBKIT_PLUGIN_PATH = [ "/lib/mozilla/plugins/" ]; GTK_PATH = [ "/lib/gtk-2.0" "/lib/gtk-3.0" "/lib/gtk-4.0" ]; XDG_CONFIG_DIRS = [ "/etc/xdg" ]; XDG_DATA_DIRS = [ "/share" ]; - MOZ_PLUGIN_PATH = [ "/lib/mozilla/plugins" ]; LIBEXEC_PATH = [ "/lib/libexec" ]; }; diff --git a/nixos/modules/programs/firefox.nix b/nixos/modules/programs/firefox.nix index 8653f066cf8..83a3edaf813 100644 --- a/nixos/modules/programs/firefox.nix +++ b/nixos/modules/programs/firefox.nix @@ -36,6 +36,12 @@ in ]; }; + wrapperConfig = mkOption { + type = types.attrs; + default = {}; + description = mdDoc "Arguments to pass to Firefox wrapper"; + }; + policies = mkOption { type = policyFormat.type; default = { }; @@ -227,17 +233,23 @@ in ] ++ optionals nmh.passff [ passff-host ]; + cfg = let + # copy-pasted from the wrapper; TODO: figure out fix + applicationName = cfg.package.binaryName or (lib.getName cfg.package); + + nixpkgsConfig = pkgs.config.${applicationName} or {}; + optionConfig = cfg.wrapperConfig; + nmhConfig = { + enableBrowserpass = nmh.browserpass; + enableBukubrow = nmh.bukubrow; + enableTridactylNative = nmh.tridactyl; + enableUgetIntegrator = nmh.ugetIntegrator; + enableFXCastBridge = nmh.fxCast; + }; + in nixpkgsConfig // optionConfig // nmhConfig; }) ]; - nixpkgs.config.firefox = { - enableBrowserpass = nmh.browserpass; - enableBukubrow = nmh.bukubrow; - enableTridactylNative = nmh.tridactyl; - enableUgetIntegrator = nmh.ugetIntegrator; - enableFXCastBridge = nmh.fxCast; - }; - environment.etc = let policiesJSON = policyFormat.generate "firefox-policies.json" { inherit (cfg) policies; }; diff --git a/nixos/modules/programs/fish.nix b/nixos/modules/programs/fish.nix index c85097f45e9..b500b8f24b2 100644 --- a/nixos/modules/programs/fish.nix +++ b/nixos/modules/programs/fish.nix @@ -258,16 +258,13 @@ in preferLocalBuild = true; allowSubstitutes = false; }; - generateCompletions = package: pkgs.runCommand - "${package.name}_fish-completions" - ( - { - inherit package; - preferLocalBuild = true; - allowSubstitutes = false; - } - // optionalAttrs (package ? meta.priority) { meta.priority = package.meta.priority; } - ) + generateCompletions = package: pkgs.runCommandLocal + ( with lib.strings; let + storeLength = stringLength storeDir + 34; # Nix' StorePath::HashLen + 2 for the separating slash and dash + pathName = substring storeLength (stringLength package - storeLength) package; + in (package.name or pathName) + "_fish-completions") + ( { inherit package; } // + optionalAttrs (package ? meta.priority) { meta.priority = package.meta.priority; }) '' mkdir -p $out if [ -d $package/share/man ]; then diff --git a/nixos/modules/programs/gnupg.nix b/nixos/modules/programs/gnupg.nix index 697b6e9a0bd..aa1a536247c 100644 --- a/nixos/modules/programs/gnupg.nix +++ b/nixos/modules/programs/gnupg.nix @@ -6,6 +6,10 @@ let cfg = config.programs.gnupg; + agentSettingsFormat = pkgs.formats.keyValue { + mkKeyValue = lib.generators.mkKeyValueDefault { } " "; + }; + xserverCfg = config.services.xserver; defaultPinentryFlavor = @@ -82,6 +86,18 @@ in ''; }; + agent.settings = mkOption { + type = agentSettingsFormat.type; + default = { }; + example = { + default-cache-ttl = 600; + }; + description = lib.mdDoc '' + Configuration for /etc/gnupg/gpg-agent.conf. + See {manpage}`gpg-agent(1)` for supported options. + ''; + }; + dirmngr.enable = mkOption { type = types.bool; default = false; @@ -92,17 +108,20 @@ in }; config = mkIf cfg.agent.enable { - environment.etc."gnupg/gpg-agent.conf".text = - lib.optionalString (cfg.agent.pinentryFlavor != null) '' - pinentry-program ${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry - ''; + programs.gnupg.agent.settings = { + pinentry-program = lib.mkIf (cfg.agent.pinentryFlavor != null) + "${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry"; + }; + + environment.etc."gnupg/gpg-agent.conf".source = + agentSettingsFormat.generate "gpg-agent.conf" cfg.agent.settings; # This overrides the systemd user unit shipped with the gnupg package systemd.user.services.gpg-agent = { unitConfig = { Description = "GnuPG cryptographic agent and passphrase cache"; Documentation = "man:gpg-agent(1)"; - Requires = [ "gpg-agent.socket" ]; + Requires = [ "sockets.target" ]; }; serviceConfig = { ExecStart = "${cfg.package}/bin/gpg-agent --supervised"; diff --git a/nixos/modules/programs/hyprland.nix b/nixos/modules/programs/hyprland.nix index e0ee5b6bd2a..638dfb98e8a 100644 --- a/nixos/modules/programs/hyprland.nix +++ b/nixos/modules/programs/hyprland.nix @@ -7,9 +7,7 @@ with lib; let cfg = config.programs.hyprland; finalPortalPackage = cfg.portalPackage.override { - hyprland-share-picker = pkgs.hyprland-share-picker.override { - hyprland = cfg.finalPackage; - }; + hyprland = cfg.finalPackage; }; in { diff --git a/nixos/modules/programs/nano.nix b/nixos/modules/programs/nano.nix index 7705bf0ddc7..28ddb4aaf66 100644 --- a/nixos/modules/programs/nano.nix +++ b/nixos/modules/programs/nano.nix @@ -2,14 +2,16 @@ let cfg = config.programs.nano; - LF = "\n"; in { - ###### interface - options = { programs.nano = { + enable = lib.mkEnableOption (lib.mdDoc "nano") // { + default = true; + }; + + package = lib.mkPackageOptionMD pkgs "nano" { }; nanorc = lib.mkOption { type = lib.types.lines; @@ -24,28 +26,22 @@ in set tabsize 2 ''; }; + syntaxHighlight = lib.mkOption { type = lib.types.bool; - default = true; + default = false; description = lib.mdDoc "Whether to enable syntax highlight for various languages."; }; }; }; - ###### implementation - - config = lib.mkIf (cfg.nanorc != "" || cfg.syntaxHighlight) { - environment.etc.nanorc.text = lib.concatStringsSep LF ( - ( lib.optionals cfg.syntaxHighlight [ - "# The line below is added because value of programs.nano.syntaxHighlight is set to true" - ''include "${pkgs.nano}/share/nano/*.nanorc"'' - "" - ]) - ++ ( lib.optionals (cfg.nanorc != "") [ - "# The lines below have been set from value of programs.nano.nanorc" - cfg.nanorc - ]) - ); + config = lib.mkIf cfg.enable { + environment = { + etc.nanorc.text = (lib.optionalString cfg.syntaxHighlight '' + # load syntax highlighting files + include "${cfg.package}/share/nano/*.nanorc" + '') + cfg.nanorc; + systemPackages = [ cfg.package ]; + }; }; - } diff --git a/nixos/modules/programs/regreet.nix b/nixos/modules/programs/regreet.nix index f6c750a45bf..640bc259573 100644 --- a/nixos/modules/programs/regreet.nix +++ b/nixos/modules/programs/regreet.nix @@ -66,10 +66,10 @@ in }; systemd.tmpfiles.rules = let - user = config.services.greetd.settings.default_session.user; + group = config.users.users.${config.services.greetd.settings.default_session.user}.group; in [ - "d /var/log/regreet 0755 greeter ${user} - -" - "d /var/cache/regreet 0755 greeter ${user} - -" + "d /var/log/regreet 0755 greeter ${group} - -" + "d /var/cache/regreet 0755 greeter ${group} - -" ]; }; } diff --git a/nixos/modules/programs/rust-motd.nix b/nixos/modules/programs/rust-motd.nix index d5f1820ba75..4c9b1018596 100644 --- a/nixos/modules/programs/rust-motd.nix +++ b/nixos/modules/programs/rust-motd.nix @@ -5,6 +5,23 @@ with lib; let cfg = config.programs.rust-motd; format = pkgs.formats.toml { }; + + # Order the sections in the TOML according to the order of sections + # in `cfg.order`. + motdConf = pkgs.runCommand "motd.conf" + { + __structuredAttrs = true; + inherit (cfg) order settings; + nativeBuildInputs = [ pkgs.remarshal pkgs.jq ]; + } + '' + cat "$NIX_ATTRS_JSON_FILE" \ + | jq '.settings as $settings + | .order + | map({ key: ., value: $settings."\(.)" }) + | from_entries' -r \ + | json2toml /dev/stdin "$out" + ''; in { options.programs.rust-motd = { enable = mkEnableOption (lib.mdDoc "rust-motd"); @@ -27,10 +44,43 @@ in { For possible formats, please refer to {manpage}`systemd.time(7)`. ''; }; + order = mkOption { + type = types.listOf types.str; + default = attrNames cfg.settings; + defaultText = literalExpression "attrNames cfg.settings"; + description = mdDoc '' + The order of the sections in [](#opt-programs.rust-motd.settings). + By default they are ordered alphabetically. + + Context: since attribute sets in Nix are always + ordered alphabetically internally this means that + + ```nix + { + uptime = { /* ... */ }; + banner = { /* ... */ }; + } + ``` + + will still have `banner` displayed before `uptime`. + + To work around that, this option can be used to define the order of all keys, + i.e. + + ```nix + { + order = [ + "uptime" + "banner" + ]; + } + ``` + + makes sure that `uptime` is placed before `banner` in the motd. + ''; + }; settings = mkOption { - type = types.submodule { - freeformType = format.type; - }; + type = types.attrsOf format.type; description = mdDoc '' Settings on what to generate. Please read the [upstream documentation](https://github.com/rust-motd/rust-motd/blob/main/README.md#configuration) @@ -45,14 +95,21 @@ in { `programs.rust-motd` is incompatible with `users.motd`! ''; } + { assertion = sort (a: b: a < b) cfg.order == attrNames cfg.settings; + message = '' + Please ensure that every section from `programs.rust-motd.settings` is present in + `programs.rust-motd.order`. + ''; + } ]; systemd.services.rust-motd = { path = with pkgs; [ bash ]; documentation = [ "https://github.com/rust-motd/rust-motd/blob/v${pkgs.rust-motd.version}/README.md" ]; description = "motd generator"; + wantedBy = [ "multi-user.target" ]; serviceConfig = { ExecStart = "${pkgs.writeShellScript "update-motd" '' - ${pkgs.rust-motd}/bin/rust-motd ${format.generate "motd.conf" cfg.settings} > motd + ${pkgs.rust-motd}/bin/rust-motd ${motdConf} > motd ''}"; CapabilityBoundingSet = [ "" ]; LockPersonality = true; diff --git a/nixos/modules/programs/streamdeck-ui.nix b/nixos/modules/programs/streamdeck-ui.nix index 4c055029e39..220f0a35f16 100644 --- a/nixos/modules/programs/streamdeck-ui.nix +++ b/nixos/modules/programs/streamdeck-ui.nix @@ -24,7 +24,7 @@ in config = mkIf cfg.enable { environment.systemPackages = with pkgs; [ cfg.package - (mkIf cfg.autoStart (makeAutostartItem { name = "streamdeck-ui"; package = cfg.package; })) + (mkIf cfg.autoStart (makeAutostartItem { name = "streamdeck-ui-noui"; package = cfg.package; })) ]; services.udev.packages = [ cfg.package ]; diff --git a/nixos/modules/programs/wayland/sway.nix b/nixos/modules/programs/wayland/sway.nix index 698d9c2b46c..de739faabee 100644 --- a/nixos/modules/programs/wayland/sway.nix +++ b/nixos/modules/programs/wayland/sway.nix @@ -42,6 +42,11 @@ in { <https://github.com/swaywm/sway/wiki> and "man 5 sway" for more information''); + enableRealtime = mkEnableOption (lib.mdDoc '' + add CAP_SYS_NICE capability on `sway` binary for realtime scheduling + privileges. This may improve latency and reduce stuttering, specially in + high load scenarios'') // { default = true; }; + package = mkOption { type = with types; nullOr package; default = defaultSwayPackage; @@ -149,6 +154,14 @@ in { "sway/config".source = mkOptionDefault "${cfg.package}/etc/sway/config"; }; }; + security.wrappers = mkIf (cfg.enableRealtime && cfg.package != null) { + sway = { + owner = "root"; + group = "root"; + source = "${cfg.package}/bin/sway"; + capabilities = "cap_sys_nice+ep"; + }; + }; # To make a Sway session available if a display manager like SDDM is enabled: services.xserver.displayManager.sessionPackages = optionals (cfg.package != null) [ cfg.package ]; } (import ./wayland-session.nix { inherit lib pkgs; }) diff --git a/nixos/modules/programs/yazi.nix b/nixos/modules/programs/yazi.nix new file mode 100644 index 00000000000..973f5c0122c --- /dev/null +++ b/nixos/modules/programs/yazi.nix @@ -0,0 +1,53 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.programs.yazi; + + settingsFormat = pkgs.formats.toml { }; + + names = [ "yazi" "theme" "keymap" ]; +in +{ + options.programs.yazi = { + enable = lib.mkEnableOption (lib.mdDoc "yazi terminal file manager"); + + package = lib.mkPackageOptionMD pkgs "yazi" { }; + + settings = lib.mkOption { + type = with lib.types; submodule { + options = lib.listToAttrs (map + (name: lib.nameValuePair name (lib.mkOption { + inherit (settingsFormat) type; + default = { }; + description = lib.mdDoc '' + Configuration included in `${name}.toml`. + + See https://github.com/sxyazi/yazi/blob/v${cfg.package.version}/config/docs/${name}.md for documentation. + ''; + })) + names); + }; + default = { }; + description = lib.mdDoc '' + Configuration included in `$YAZI_CONFIG_HOME`. + ''; + }; + }; + + config = lib.mkIf cfg.enable { + environment = { + systemPackages = [ cfg.package ]; + variables.YAZI_CONFIG_HOME = "/etc/yazi/"; + etc = lib.attrsets.mergeAttrsList (map + (name: lib.optionalAttrs (cfg.settings.${name} != { }) { + "yazi/${name}.toml".source = settingsFormat.generate "${name}.toml" cfg.settings.${name}; + }) + names); + }; + }; + meta = { + maintainers = with lib.maintainers; [ linsui ]; + # The version of the package is used in the doc. + buildDocsInSandbox = false; + }; +} diff --git a/nixos/modules/programs/yubikey-touch-detector.nix b/nixos/modules/programs/yubikey-touch-detector.nix new file mode 100644 index 00000000000..9a0d107f73c --- /dev/null +++ b/nixos/modules/programs/yubikey-touch-detector.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, ... }: +let cfg = config.programs.yubikey-touch-detector; +in { + options = { + programs.yubikey-touch-detector = { + enable = lib.mkEnableOption "yubikey-touch-detector"; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.packages = [ pkgs.yubikey-touch-detector ]; + + systemd.user.services.yubikey-touch-detector = { + path = [ pkgs.gnupg ]; + wantedBy = [ "graphical-session.target" ]; + }; + systemd.user.sockets.yubikey-touch-detector = { + wantedBy = [ "sockets.target" ]; + }; + }; +} |