diff options
Diffstat (limited to 'nixpkgs/nixos/modules/programs')
-rw-r--r-- | nixpkgs/nixos/modules/programs/digitalbitbox/default.md | 36 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/programs/goldwarden.nix | 50 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/programs/nix-ld.nix | 42 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/programs/plotinus.md | 6 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/programs/steam.nix | 4 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/programs/zsh/oh-my-zsh.md | 8 |
6 files changed, 103 insertions, 43 deletions
diff --git a/nixpkgs/nixos/modules/programs/digitalbitbox/default.md b/nixpkgs/nixos/modules/programs/digitalbitbox/default.md index 9bca14e97ffe..5147bb971e3a 100644 --- a/nixpkgs/nixos/modules/programs/digitalbitbox/default.md +++ b/nixpkgs/nixos/modules/programs/digitalbitbox/default.md @@ -4,8 +4,10 @@ Digital Bitbox is a hardware wallet and second-factor authenticator. The `digitalbitbox` programs module may be installed by setting `programs.digitalbitbox` to `true` in a manner similar to -``` -programs.digitalbitbox.enable = true; +```nix +{ + programs.digitalbitbox.enable = true; +} ``` and bundles the `digitalbitbox` package (see [](#sec-digitalbitbox-package)), which contains the `dbb-app` and `dbb-cli` binaries, along with the hardware @@ -21,27 +23,33 @@ For more information, see <https://digitalbitbox.com/start_linux>. The binaries, `dbb-app` (a GUI tool) and `dbb-cli` (a CLI tool), are available through the `digitalbitbox` package which could be installed as follows: -``` -environment.systemPackages = [ - pkgs.digitalbitbox -]; +```nix +{ + environment.systemPackages = [ + pkgs.digitalbitbox + ]; +} ``` ## Hardware {#sec-digitalbitbox-hardware-module} The digitalbitbox hardware package enables the udev rules for Digital Bitbox devices and may be installed as follows: -``` -hardware.digitalbitbox.enable = true; +```nix +{ + hardware.digitalbitbox.enable = true; +} ``` In order to alter the udev rules, one may provide different values for the `udevRule51` and `udevRule52` attributes by means of overriding as follows: -``` -programs.digitalbitbox = { - enable = true; - package = pkgs.digitalbitbox.override { - udevRule51 = "something else"; +```nix +{ + programs.digitalbitbox = { + enable = true; + package = pkgs.digitalbitbox.override { + udevRule51 = "something else"; + }; }; -}; +} ``` diff --git a/nixpkgs/nixos/modules/programs/goldwarden.nix b/nixpkgs/nixos/modules/programs/goldwarden.nix new file mode 100644 index 000000000000..26f9a87c1986 --- /dev/null +++ b/nixpkgs/nixos/modules/programs/goldwarden.nix @@ -0,0 +1,50 @@ +{ lib, config, pkgs, ... }: +let + cfg = config.programs.goldwarden; +in +{ + options.programs.goldwarden = { + enable = lib.mkEnableOption "Goldwarden"; + package = lib.mkPackageOption pkgs "goldwarden" {}; + useSshAgent = lib.mkEnableOption "Goldwarden's SSH Agent" // { default = true; }; + }; + + config = lib.mkIf cfg.enable { + assertions = [{ + assertion = cfg.useSshAgent -> !config.programs.ssh.startAgent; + message = "Only one ssh-agent can be used at a time."; + }]; + + environment = { + etc = lib.mkIf config.programs.chromium.enable { + "chromium/native-messaging-hosts/com.8bit.bitwarden.json".source = "${cfg.package}/etc/chromium/native-messaging-hosts/com.8bit.bitwarden.json"; + "opt/chrome/native-messaging-hosts/com.8bit.bitwarden.json".source = "${cfg.package}/etc/chrome/native-messaging-hosts/com.8bit.bitwarden.json"; + }; + + extraInit = lib.mkIf cfg.useSshAgent '' + if [ -z "$SSH_AUTH_SOCK" -a -n "$HOME" ]; then + export SSH_AUTH_SOCK="$HOME/.goldwarden-ssh-agent.sock" + fi + ''; + + systemPackages = [ + # for cli and polkit action + cfg.package + # binary exec's into pinentry which should match the DE + config.programs.gnupg.agent.pinentryPackage + ]; + }; + + programs.firefox.nativeMessagingHosts.packages = [ cfg.package ]; + + # see https://github.com/quexten/goldwarden/blob/main/cmd/goldwarden.service + systemd.user.services.goldwarden = { + description = "Goldwarden daemon"; + wantedBy = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + serviceConfig.ExecStart = "${lib.getExe cfg.package} daemonize"; + path = [ config.programs.gnupg.agent.pinentryPackage ]; + unitConfig.ConditionUser = "!@system"; + }; + }; +} diff --git a/nixpkgs/nixos/modules/programs/nix-ld.nix b/nixpkgs/nixos/modules/programs/nix-ld.nix index 6f36ce33640c..b095437733cc 100644 --- a/nixpkgs/nixos/modules/programs/nix-ld.nix +++ b/nixpkgs/nixos/modules/programs/nix-ld.nix @@ -3,7 +3,7 @@ let cfg = config.programs.nix-ld; nix-ld-libraries = pkgs.buildEnv { - name = "lb-library-path"; + name = "ld-library-path"; pathsToLink = [ "/lib" ]; paths = map lib.getLib cfg.libraries; # TODO make glibc here configurable? @@ -13,25 +13,6 @@ let extraPrefix = "/share/nix-ld"; ignoreCollisions = true; }; - - # We currently take all libraries from systemd and nix as the default. - # Is there a better list? - baseLibraries = with pkgs; [ - zlib - zstd - stdenv.cc.cc - curl - openssl - attr - libssh - bzip2 - libxml2 - acl - libsodium - util-linux - xz - systemd - ]; in { meta.maintainers = [ lib.maintainers.mic92 ]; @@ -41,7 +22,7 @@ in libraries = lib.mkOption { type = lib.types.listOf lib.types.package; description = lib.mdDoc "Libraries that automatically become available to all programs. The default set includes common libraries."; - default = baseLibraries; + default = [ ]; defaultText = lib.literalExpression "baseLibraries derived from systemd and nix dependencies."; }; }; @@ -57,5 +38,24 @@ in NIX_LD = "/run/current-system/sw/share/nix-ld/lib/ld.so"; NIX_LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib"; }; + + # We currently take all libraries from systemd and nix as the default. + # Is there a better list? + programs.nix-ld.libraries = with pkgs; [ + zlib + zstd + stdenv.cc.cc + curl + openssl + attr + libssh + bzip2 + libxml2 + acl + libsodium + util-linux + xz + systemd + ]; }; } diff --git a/nixpkgs/nixos/modules/programs/plotinus.md b/nixpkgs/nixos/modules/programs/plotinus.md index fac3bbad1e08..0a2c688c722c 100644 --- a/nixpkgs/nixos/modules/programs/plotinus.md +++ b/nixpkgs/nixos/modules/programs/plotinus.md @@ -12,6 +12,8 @@ palette provides a searchable list of of all menu items in the application. To enable Plotinus, add the following to your {file}`configuration.nix`: -``` -programs.plotinus.enable = true; +```nix +{ + programs.plotinus.enable = true; +} ``` diff --git a/nixpkgs/nixos/modules/programs/steam.nix b/nixpkgs/nixos/modules/programs/steam.nix index c93a34f61849..bab9bf8107b6 100644 --- a/nixpkgs/nixos/modules/programs/steam.nix +++ b/nixpkgs/nixos/modules/programs/steam.nix @@ -45,6 +45,8 @@ in { apply = steam: steam.override (prev: { extraEnv = (lib.optionalAttrs (cfg.extraCompatPackages != [ ]) { STEAM_EXTRA_COMPAT_TOOLS_PATHS = makeSearchPathOutput "steamcompattool" "" cfg.extraCompatPackages; + }) // (optionalAttrs cfg.extest.enable { + LD_PRELOAD = "${pkgs.pkgsi686Linux.extest}/lib/libextest.so"; }) // (prev.extraEnv or {}); extraLibraries = pkgs: let prevLibs = if prev ? extraLibraries then prev.extraLibraries pkgs else [ ]; @@ -59,8 +61,6 @@ in { # use the setuid wrapped bubblewrap bubblewrap = "${config.security.wrapperDir}/.."; }; - } // optionalAttrs cfg.extest.enable { - extraEnv.LD_PRELOAD = "${pkgs.pkgsi686Linux.extest}/lib/libextest.so"; }); description = lib.mdDoc '' The Steam package to use. Additional libraries are added from the system diff --git a/nixpkgs/nixos/modules/programs/zsh/oh-my-zsh.md b/nixpkgs/nixos/modules/programs/zsh/oh-my-zsh.md index 6a310006edbf..7e4a41641eea 100644 --- a/nixpkgs/nixos/modules/programs/zsh/oh-my-zsh.md +++ b/nixpkgs/nixos/modules/programs/zsh/oh-my-zsh.md @@ -9,7 +9,7 @@ prompt themes. The module uses the `oh-my-zsh` package with all available features. The initial setup using Nix expressions is fairly similar to the configuration format of `oh-my-zsh`. -``` +```nix { programs.zsh.ohMyZsh = { enable = true; @@ -33,7 +33,7 @@ environment variable for this which points to a directory with additional scripts. The module can do this as well: -``` +```nix { programs.zsh.ohMyZsh.custom = "~/path/to/custom/scripts"; } @@ -48,7 +48,7 @@ which bundles completion scripts and a plugin for `oh-my-zsh`. Rather than using a single mutable path for `ZSH_CUSTOM`, it's also possible to generate this path from a list of Nix packages: -``` +```nix { pkgs, ... }: { programs.zsh.ohMyZsh.customPkgs = [ @@ -89,7 +89,7 @@ If third-party customizations (e.g. new themes) are supposed to be added to [upstream repo.](https://github.com/robbyrussell/oh-my-zsh/tree/91b771914bc7c43dd7c7a43b586c5de2c225ceb7/plugins) A derivation for `oh-my-zsh` may look like this: -``` +```nix { stdenv, fetchFromGitHub }: stdenv.mkDerivation rec { |