Compare commits
5 Commits
master
...
wip-nix-fa
Author | SHA1 | Date |
---|---|---|
Colin | 084541da4c | |
Colin | f7a82a845c | |
Colin | 2bdef04552 | |
Colin | 2822a6f0dd | |
Colin | ab6e362f0c |
94
flake.lock
94
flake.lock
|
@ -1,5 +1,23 @@
|
|||
{
|
||||
"nodes": {
|
||||
"flake-parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1698882062,
|
||||
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"mobile-nixos": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -17,6 +35,60 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-fast-build": {
|
||||
"inputs": {
|
||||
"flake-parts": "flake-parts",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703607026,
|
||||
"narHash": "sha256-Emh0BPoqlS4ntp2UJrwydXfIP4qIMF0VBB2FUE3/M/E=",
|
||||
"owner": "Mic92",
|
||||
"repo": "nix-fast-build",
|
||||
"rev": "4376b8a33b217ee2f78ba3dcff01a3e464d13a46",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Mic92",
|
||||
"repo": "nix-fast-build",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1698890957,
|
||||
"narHash": "sha256-DJ+SppjpPBoJr0Aro9TAcP3sxApCSieY6BYBCoWGUX8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c082856b850ec60cda9f0a0db2bc7bd8900d708c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
"lastModified": 1698611440,
|
||||
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"dir": "lib",
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-next-unpatched": {
|
||||
"locked": {
|
||||
"lastModified": 1708992120,
|
||||
|
@ -68,6 +140,7 @@
|
|||
"root": {
|
||||
"inputs": {
|
||||
"mobile-nixos": "mobile-nixos",
|
||||
"nix-fast-build": "nix-fast-build",
|
||||
"nixpkgs-next-unpatched": "nixpkgs-next-unpatched",
|
||||
"nixpkgs-unpatched": "nixpkgs-unpatched",
|
||||
"sops-nix": "sops-nix",
|
||||
|
@ -95,6 +168,27 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"treefmt-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nix-fast-build",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1698438538,
|
||||
"narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"uninsane-dot-org": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
|
|
@ -57,6 +57,10 @@
|
|||
url = "github:nixos/mobile-nixos?ref=d25d3b87e7f300d8066e31d792337d9cd7ecd23b";
|
||||
flake = false;
|
||||
};
|
||||
nix-fast-build = {
|
||||
# https://github.com/Mic92/nix-fast-build
|
||||
url = "github:Mic92/nix-fast-build";
|
||||
};
|
||||
sops-nix = {
|
||||
# <https://github.com/Mic92/sops-nix>
|
||||
# used to distribute secrets to my hosts
|
||||
|
@ -77,6 +81,7 @@
|
|||
nixpkgs-unpatched,
|
||||
nixpkgs-next-unpatched ? nixpkgs-unpatched,
|
||||
mobile-nixos,
|
||||
nix-fast-build,
|
||||
sops-nix,
|
||||
uninsane-dot-org,
|
||||
...
|
||||
|
@ -207,8 +212,11 @@
|
|||
let
|
||||
mobile = (import "${mobile-nixos}/overlay/overlay.nix");
|
||||
uninsane = uninsane-dot-org.overlays.default;
|
||||
# TODO: why do i have to use `self.inputs.nix-fast-build` instead of just `nix-fast-build` here?
|
||||
nix-fast-build = (_: prev: self.inputs.nix-fast-build.packages."${prev.stdenv.system}" or {});
|
||||
in
|
||||
(mobile final prev)
|
||||
// (nix-fast-build final prev)
|
||||
// (uninsane final prev)
|
||||
;
|
||||
};
|
||||
|
|
|
@ -206,6 +206,8 @@ in
|
|||
alsaUtils.sandbox.wrapperType = "wrappedDerivation";
|
||||
alsaUtils.sandbox.whitelistAudio = true; #< not strictly necessary?
|
||||
|
||||
backblaze-b2 = {};
|
||||
|
||||
blanket.sandbox.method = "bwrap";
|
||||
blanket.sandbox.wrapperType = "wrappedDerivation";
|
||||
blanket.sandbox.whitelistAudio = true;
|
||||
|
@ -243,6 +245,8 @@ in
|
|||
|
||||
cargo.persist.byStore.plaintext = [ ".cargo" ];
|
||||
|
||||
clang = {};
|
||||
|
||||
# cryptsetup: typical use is `cryptsetup open /dev/loopxyz mappedName`, and creates `/dev/mapper/mappedName`
|
||||
cryptsetup.sandbox.method = "landlock";
|
||||
cryptsetup.sandbox.wrapperType = "wrappedDerivation";
|
||||
|
@ -293,6 +297,8 @@ in
|
|||
dtrx.sandbox.whitelistPwd = true;
|
||||
dtrx.sandbox.autodetectCliPaths = "existing"; #< for the archive
|
||||
|
||||
duplicity = {};
|
||||
|
||||
e2fsprogs.sandbox.method = "landlock";
|
||||
e2fsprogs.sandbox.wrapperType = "wrappedDerivation";
|
||||
e2fsprogs.sandbox.autodetectCliPaths = "existing";
|
||||
|
@ -303,6 +309,8 @@ in
|
|||
"/sys/firmware/efi"
|
||||
];
|
||||
|
||||
eg25-control = {};
|
||||
|
||||
electrum.sandbox.method = "bwrap"; # TODO:sandbox: untested
|
||||
electrum.sandbox.wrapperType = "wrappedDerivation";
|
||||
electrum.sandbox.net = "all"; # TODO: probably want to make this run behind a VPN, always
|
||||
|
@ -409,6 +417,8 @@ in
|
|||
gdb.sandbox.wrapperType = "wrappedDerivation";
|
||||
gdb.sandbox.autodetectCliPaths = true;
|
||||
|
||||
geoclue2-with-demo-agent = {};
|
||||
|
||||
# MS GitHub stores auth token in .config
|
||||
# TODO: we can populate gh's stuff statically; it even lets us use the same oauth across machines
|
||||
gh.persist.byStore.private = [ ".config/gh" ];
|
||||
|
@ -505,6 +515,9 @@ in
|
|||
".persist/plaintext"
|
||||
];
|
||||
|
||||
gnused = {};
|
||||
gpsd = {};
|
||||
|
||||
gptfdisk.sandbox.method = "landlock";
|
||||
gptfdisk.sandbox.wrapperType = "wrappedDerivation";
|
||||
gptfdisk.sandbox.extraPaths = [
|
||||
|
@ -512,6 +525,8 @@ in
|
|||
];
|
||||
gptfdisk.sandbox.autodetectCliPaths = "existing"; #< sometimes you'll use gdisk on a device file.
|
||||
|
||||
grim = {};
|
||||
|
||||
hase.sandbox.method = "bwrap";
|
||||
hase.sandbox.wrapperType = "wrappedDerivation";
|
||||
hase.sandbox.net = "clearnet";
|
||||
|
@ -643,6 +658,8 @@ in
|
|||
lsof.sandbox.method = "capshonly"; # lsof doesn't sandbox under bwrap or even landlock w/ full access to /
|
||||
lsof.sandbox.wrapperType = "wrappedDerivation";
|
||||
|
||||
lua = {};
|
||||
|
||||
"mate.engrampa".sandbox.method = "bwrap"; # TODO:sandbox: untested
|
||||
"mate.engrampa".sandbox.wrapperType = "inplace";
|
||||
"mate.engrampa".sandbox.whitelistWayland = true;
|
||||
|
@ -717,6 +734,8 @@ in
|
|||
"/proc"
|
||||
];
|
||||
|
||||
nodejs = {};
|
||||
|
||||
# `nvme list` only shows results when run as root.
|
||||
nvme-cli.sandbox.method = "landlock";
|
||||
nvme-cli.sandbox.wrapperType = "wrappedDerivation";
|
||||
|
@ -743,6 +762,8 @@ in
|
|||
];
|
||||
parted.sandbox.autodetectCliPaths = "existing"; #< sometimes you'll use parted on a device file.
|
||||
|
||||
patchelf = {};
|
||||
|
||||
pavucontrol.sandbox.method = "bwrap";
|
||||
pavucontrol.sandbox.wrapperType = "wrappedDerivation";
|
||||
pavucontrol.sandbox.whitelistAudio = true;
|
||||
|
@ -801,6 +822,8 @@ in
|
|||
rsync.sandbox.net = "clearnet";
|
||||
rsync.sandbox.autodetectCliPaths = "existingOrParent";
|
||||
|
||||
rustc = {};
|
||||
|
||||
screen.sandbox.enable = false; #< tty; needs to run anything
|
||||
|
||||
sequoia.sandbox.method = "bwrap"; # TODO:sandbox: untested
|
||||
|
@ -818,6 +841,8 @@ in
|
|||
# printer/filament settings
|
||||
slic3r.persist.byStore.plaintext = [ ".Slic3r" ];
|
||||
|
||||
slurp = {};
|
||||
|
||||
# use like `sudo smartctl /dev/sda -a`
|
||||
smartmontools.sandbox.method = "landlock";
|
||||
smartmontools.sandbox.wrapperType = "inplace"; # ships a script in /etc that calls into its bin
|
||||
|
@ -864,6 +889,8 @@ in
|
|||
speedtest-cli.sandbox.wrapperType = "wrappedDerivation";
|
||||
speedtest-cli.sandbox.net = "all";
|
||||
|
||||
sqlite = {};
|
||||
|
||||
strace.sandbox.enable = false; #< needs to `exec` its args, and therefore support *anything*
|
||||
|
||||
subversion.sandbox.method = "bwrap";
|
||||
|
@ -963,6 +990,8 @@ in
|
|||
wl-clipboard.sandbox.wrapperType = "wrappedDerivation";
|
||||
wl-clipboard.sandbox.whitelistWayland = true;
|
||||
|
||||
wtype = {};
|
||||
|
||||
xwayland.sandbox.method = "bwrap";
|
||||
xwayland.sandbox.wrapperType = "inplace"; #< consumers use it as a library (e.g. wlroots)
|
||||
xwayland.sandbox.whitelistWayland = true; #< just assuming this is needed
|
||||
|
@ -978,13 +1007,11 @@ in
|
|||
yt-dlp.sandbox.wrapperType = "wrappedDerivation";
|
||||
yt-dlp.sandbox.net = "all";
|
||||
yt-dlp.sandbox.whitelistPwd = true; # saves to pwd by default
|
||||
|
||||
zfs = {};
|
||||
};
|
||||
|
||||
programs.feedbackd = lib.mkIf config.sane.programs.feedbackd.enabled {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
programs.firejail = lib.mkIf config.sane.programs.firejail.enabled {
|
||||
enable = true; #< install the suid binary
|
||||
};
|
||||
}
|
||||
|
|
|
@ -26,6 +26,7 @@
|
|||
./evince.nix
|
||||
./feedbackd.nix
|
||||
./firefox.nix
|
||||
./firejail.nix
|
||||
./flare-signal.nix
|
||||
./fontconfig.nix
|
||||
./fractal.nix
|
||||
|
|
|
@ -0,0 +1,8 @@
|
|||
{ lib, config, ... }:
|
||||
{
|
||||
sane.programs.firejail = {};
|
||||
|
||||
programs.firejail = lib.mkIf config.sane.programs.firejail.enabled {
|
||||
enable = true; #< install the suid binary
|
||||
};
|
||||
}
|
|
@ -1,5 +1,6 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
sane.programs.fwupd = {};
|
||||
services.fwupd = lib.mkIf config.sane.programs.fwupd.enabled {
|
||||
# enables the dbus service, which i think the frontend speaks to.
|
||||
enable = true;
|
||||
|
|
|
@ -49,6 +49,9 @@ in
|
|||
"sane-scripts.sync-music"
|
||||
];
|
||||
|
||||
"sane-scripts.backup-ls" = {};
|
||||
"sane-scripts.backup-restore" = {};
|
||||
|
||||
"sane-scripts.bt-add".sandbox = {
|
||||
method = "bwrap";
|
||||
wrapperType = "wrappedDerivation";
|
||||
|
@ -121,6 +124,8 @@ in
|
|||
net = "all";
|
||||
};
|
||||
|
||||
"sane-scripts.ip-port-forward" = {};
|
||||
|
||||
"sane-scripts.private-change-passwd".sandbox = {
|
||||
method = "bwrap";
|
||||
wrapperType = "wrappedDerivation";
|
||||
|
@ -216,9 +221,14 @@ in
|
|||
];
|
||||
};
|
||||
|
||||
"sane-scripts.stop-all-servo" = {};
|
||||
|
||||
# if `tee` isn't trustworthy we have bigger problems
|
||||
"sane-scripts.sudo-redirect".sandbox.enable = false;
|
||||
|
||||
"sane-scripts.sync-music" = {};
|
||||
"sane-scripts.sync-from-iphone" = {};
|
||||
|
||||
"sane-scripts.tag-music".sandbox = {
|
||||
method = "bwrap";
|
||||
wrapperType = "wrappedDerivation";
|
||||
|
|
|
@ -10,7 +10,6 @@ in
|
|||
./gnome.nix
|
||||
./greetd.nix
|
||||
./gtk.nix
|
||||
./phosh.nix
|
||||
./sxmo
|
||||
./theme
|
||||
];
|
||||
|
|
|
@ -1,159 +0,0 @@
|
|||
{ lib, config, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.sane.gui.phosh;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
sane.gui.phosh.enable = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
};
|
||||
sane.gui.phosh.useGreeter = mkOption {
|
||||
description = ''
|
||||
launch phosh via a greeter (like lightdm-mobile-greeter).
|
||||
phosh is usable without a greeter, but skipping the greeter means no PAM session.
|
||||
'';
|
||||
default = true;
|
||||
type = types.bool;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkMerge [
|
||||
{
|
||||
sane.programs.phoshApps = {
|
||||
packageUnwrapped = null;
|
||||
suggestedPrograms = [
|
||||
"guiApps"
|
||||
# TODO: see about removing gnome-bluetooth if the in-built gnome-settings bluetooth manager can work
|
||||
"gnome.gnome-bluetooth"
|
||||
"gnome.gnome-terminal"
|
||||
"phosh-mobile-settings"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
(mkIf cfg.enable {
|
||||
sane.programs.phoshApps.enableFor.user.colin = true;
|
||||
|
||||
# docs: https://github.com/NixOS/nixpkgs/blob/nixos-22.05/nixos/modules/services/x11/desktop-managers/phosh.nix
|
||||
# docs: <repo:gnome/phosh:src/phoc.ini.example>
|
||||
# docs: <repo:gnome/phosh:src/settings.c#config_ini_handler>
|
||||
services.xserver.desktopManager.phosh = {
|
||||
enable = true;
|
||||
user = "colin";
|
||||
group = "users";
|
||||
phocConfig = {
|
||||
# xwayland = "true";
|
||||
# find default outputs by catting /etc/phosh/phoc.ini
|
||||
outputs.DSI-1 = {
|
||||
scale = 1.5;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# phosh enables `services.gnome.{core-os-services, core-shell}`
|
||||
# and this in turn enables some default apps we don't really care about.
|
||||
# see <nixos/modules/services/x11/desktop-managers/gnome.nix>
|
||||
environment.gnome.excludePackages = with pkgs; [
|
||||
# gnome.gnome-menus # unused outside gnome classic, but probably harmless
|
||||
gnome-tour
|
||||
];
|
||||
services.dleyna-renderer.enable = false;
|
||||
services.dleyna-server.enable = false;
|
||||
services.gnome.gnome-browser-connector.enable = false;
|
||||
services.gnome.gnome-initial-setup.enable = false;
|
||||
services.gnome.gnome-online-accounts.enable = false;
|
||||
services.gnome.gnome-remote-desktop.enable = false;
|
||||
services.gnome.gnome-user-share.enable = false;
|
||||
services.gnome.rygel.enable = false;
|
||||
|
||||
# gnome doesn't use mkDefault for these -- unclear why not
|
||||
services.gnome.evolution-data-server.enable = mkForce false;
|
||||
services.gnome.gnome-online-miners.enable = mkForce false;
|
||||
|
||||
# XXX: phosh enables networkmanager by default; can probably disable these lines
|
||||
networking.networkmanager.enable = true;
|
||||
networking.wireless.enable = lib.mkForce false;
|
||||
|
||||
# XXX: not clear if these are actually needed?
|
||||
hardware.bluetooth.enable = true;
|
||||
services.blueman.enable = true;
|
||||
|
||||
hardware.opengl.enable = true;
|
||||
hardware.opengl.driSupport = true;
|
||||
|
||||
environment.variables = {
|
||||
# Qt apps won't always start unless this env var is set
|
||||
QT_QPA_PLATFORM = "wayland";
|
||||
# electron apps (e.g. Element) should use the wayland backend
|
||||
# toggle this to have electron apps (e.g. Element) use the wayland backend.
|
||||
# phocConfig.xwayland should be disabled if you do this
|
||||
NIXOS_OZONE_WL = "1";
|
||||
};
|
||||
|
||||
systemd.services.phosh.environment = {
|
||||
# PHOC_DEBUG: comma-separated list of:
|
||||
# - ``auto-maximize``: Maximize toplevels
|
||||
# - ``damage-tracking``: Debug damage tracking
|
||||
# - ``no-quit``: Don't quit when session ends
|
||||
# - ``touch-points``: Debug touch points
|
||||
# - ``layer-shell``: Debug layer shell
|
||||
# - ``cutouts``: Debug display cutouts and notches
|
||||
PHOC_DEBUG = "layer-shell";
|
||||
# G_DEBUG, G_MESSAGE_DEBUG for glib debugging: <https://docs.gtk.org/glib/running.html>
|
||||
};
|
||||
|
||||
programs.dconf.packages = [
|
||||
# org.kde.konsole.desktop
|
||||
(pkgs.writeTextFile {
|
||||
name = "dconf-phosh-settings";
|
||||
destination = "/etc/dconf/db/site.d/00_phosh_settings";
|
||||
text = ''
|
||||
[org/gnome/desktop/interface]
|
||||
show-battery-percentage=true
|
||||
|
||||
[org/gnome/settings-daemon/plugins/power]
|
||||
sleep-inactive-ac-timeout=5400
|
||||
sleep-inactive-battery-timeout=5400
|
||||
|
||||
[sm/puri/phosh]
|
||||
favorites=['gpodder.desktop', 'nheko.desktop', 'sublime-music.desktop', 'firefox.desktop', 'org.gnome.Terminal.desktop']
|
||||
'';
|
||||
})
|
||||
];
|
||||
})
|
||||
|
||||
(mkIf (cfg.enable && cfg.useGreeter) {
|
||||
services.xserver.enable = true;
|
||||
# NB: setting defaultSession has the critical side-effect that it lets org.freedesktop.AccountsService
|
||||
# know that our user exists. this ensures lightdm succeeds when calling /org/freedesktop/AccountsServices ListCachedUsers
|
||||
# lightdm greeters get the login users from lightdm which gets it from org.freedesktop.Accounts.ListCachedUsers.
|
||||
# this requires the user we want to login as to be cached.
|
||||
services.xserver.displayManager.job.preStart = ''
|
||||
${pkgs.systemd}/bin/busctl call org.freedesktop.Accounts /org/freedesktop/Accounts org.freedesktop.Accounts CacheUser s colin
|
||||
'';
|
||||
# XXX for some reason specifying defaultSession = "sm.puri.Phosh" breaks cross-compiled display-manager startup
|
||||
# - causes an attempt to load x86-64 glib-2.76.2/lib/libglib-2.0.so.0
|
||||
# - likely <repo:nixpkgs:nixos/modules/services/x11/display-managers/account-service-util.nix>
|
||||
# - but i believe some variant of this issue existed even during emulated compilation
|
||||
# services.xserver.displayManager.defaultSession = "sm.puri.Phosh";
|
||||
services.xserver.displayManager.lightdm.extraSeatDefaults = ''
|
||||
user-session = phosh
|
||||
'';
|
||||
# services.xserver.displayManager.lightdm.greeters.gtk.enable = false; # gtk greeter overrides our own?
|
||||
# services.xserver.displayManager.lightdm.greeter = {
|
||||
# enable = true;
|
||||
# package = pkgs.lightdm-mobile-greeter.xgreeters;
|
||||
# name = "lightdm-mobile-greeter";
|
||||
# };
|
||||
# # services.xserver.displayManager.lightdm.enable = true;
|
||||
|
||||
services.xserver.displayManager.lightdm.enable = true;
|
||||
services.xserver.displayManager.lightdm.greeters.mobile.enable = true;
|
||||
|
||||
systemd.services.phosh.wantedBy = lib.mkForce []; # disable auto-start
|
||||
})
|
||||
];
|
||||
}
|
|
@ -652,26 +652,8 @@ in
|
|||
{
|
||||
environment.pathsToLink = [ "/share/sane-sandboxed" ];
|
||||
environment.systemPackages = [ config.sane.sandboxHelper ];
|
||||
}
|
||||
{
|
||||
# expose the pkgs -- as available to the system -- as a build target.
|
||||
system.build.pkgs = pkgs;
|
||||
|
||||
sane.programs = lib.mkMerge [
|
||||
# make a program for every (toplevel) package
|
||||
(lib.mapAttrs (_pkgName: _pkg: {}) pkgs)
|
||||
|
||||
# do the same for programs in known groups
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "cacert.${pkgName}"; value = {}; }) pkgs.cacert)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "gnome.${pkgName}"; value = {}; }) pkgs.gnome)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "libsForQt5.${pkgName}"; value = {}; }) pkgs.libsForQt5)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "mate.${pkgName}"; value = {}; }) pkgs.mate)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "perlPackages.${pkgName}"; value = {}; }) pkgs.perlPackages)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "plasma5Packages.${pkgName}"; value = {}; }) pkgs.plasma5Packages)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "python3Packages.${pkgName}"; value = {}; }) pkgs.python3Packages)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "sane-scripts.${pkgName}"; value = {}; }) pkgs.sane-scripts)
|
||||
(lib.mapAttrs' (pkgName: _pkg: { name = "sway-contrib.${pkgName}"; value = {}; }) pkgs.sway-contrib)
|
||||
];
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -28,10 +28,10 @@ wipe_browser() {
|
|||
|| true # in case no matches
|
||||
|
||||
# browsers like to stick around in the background so they can load faster
|
||||
sudo pkill brave || true
|
||||
sudo pkill epiphany || true
|
||||
sudo pkill firefox || true
|
||||
sudo pkill librewolf || true
|
||||
pkill brave || true
|
||||
pkill epiphany || true
|
||||
pkill firefox || true
|
||||
pkill librewolf || true
|
||||
}
|
||||
|
||||
wipe_dino() {
|
||||
|
|
Loading…
Reference in New Issue