diff options
Diffstat (limited to 'nixos/modules/programs')
-rw-r--r-- | nixos/modules/programs/bandwhich.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/browserpass.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/calls.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/cnping.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/direnv.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/feedbackd.nix | 4 | ||||
-rw-r--r-- | nixos/modules/programs/firefox.nix | 110 | ||||
-rw-r--r-- | nixos/modules/programs/fish.nix | 4 | ||||
-rw-r--r-- | nixos/modules/programs/gnupg.nix | 27 | ||||
-rw-r--r-- | nixos/modules/programs/kdeconnect.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/nano.nix | 3 | ||||
-rw-r--r-- | nixos/modules/programs/openvpn3.nix | 20 | ||||
-rw-r--r-- | nixos/modules/programs/projecteur.nix | 20 | ||||
-rw-r--r-- | nixos/modules/programs/regreet.nix | 15 | ||||
-rw-r--r-- | nixos/modules/programs/virt-manager.nix | 16 | ||||
-rw-r--r-- | nixos/modules/programs/wayland/cardboard.nix | 24 | ||||
-rw-r--r-- | nixos/modules/programs/wayland/sway.nix | 13 | ||||
-rw-r--r-- | nixos/modules/programs/wayland/wayfire.nix | 2 |
18 files changed, 206 insertions, 64 deletions
diff --git a/nixos/modules/programs/bandwhich.nix b/nixos/modules/programs/bandwhich.nix index 8d1612217ad8..aa6a0dfb6ffd 100644 --- a/nixos/modules/programs/bandwhich.nix +++ b/nixos/modules/programs/bandwhich.nix @@ -24,7 +24,7 @@ in { security.wrappers.bandwhich = { owner = "root"; group = "root"; - capabilities = "cap_net_raw,cap_net_admin+ep"; + capabilities = "cap_sys_ptrace,cap_dac_read_search,cap_net_raw,cap_net_admin+ep"; source = "${pkgs.bandwhich}/bin/bandwhich"; }; }; diff --git a/nixos/modules/programs/browserpass.nix b/nixos/modules/programs/browserpass.nix index abd99056ff3b..a9670a37e618 100644 --- a/nixos/modules/programs/browserpass.nix +++ b/nixos/modules/programs/browserpass.nix @@ -27,6 +27,6 @@ with lib; "opt/brave/native-messaging-hosts/${appId}".source = source "hosts/chromium"; "opt/brave/policies/managed/${appId}".source = source "policies/chromium"; }; - programs.firefox.wrapperConfig.enableBrowserpass = true; + programs.firefox.nativeMessagingHosts.packages = [ pkgs.browserpass ]; }; } diff --git a/nixos/modules/programs/calls.nix b/nixos/modules/programs/calls.nix index 7a18982915a9..3d757bc1fc32 100644 --- a/nixos/modules/programs/calls.nix +++ b/nixos/modules/programs/calls.nix @@ -8,7 +8,7 @@ in { options = { programs.calls = { enable = mkEnableOption (lib.mdDoc '' - Whether to enable GNOME calls: a phone dialer and call handler. + GNOME calls: a phone dialer and call handler ''); }; }; diff --git a/nixos/modules/programs/cnping.nix b/nixos/modules/programs/cnping.nix index d3cf659d4297..143267fc9a42 100644 --- a/nixos/modules/programs/cnping.nix +++ b/nixos/modules/programs/cnping.nix @@ -8,7 +8,7 @@ in { options = { programs.cnping = { - enable = mkEnableOption (lib.mdDoc "Whether to install a setcap wrapper for cnping"); + enable = mkEnableOption (lib.mdDoc "a setcap wrapper for cnping"); }; }; diff --git a/nixos/modules/programs/direnv.nix b/nixos/modules/programs/direnv.nix index 1a80cb202806..77a6568e73b8 100644 --- a/nixos/modules/programs/direnv.nix +++ b/nixos/modules/programs/direnv.nix @@ -11,7 +11,7 @@ in { enable = lib.mkEnableOption (lib.mdDoc '' direnv integration. Takes care of both installation and setting up the sourcing of the shell. Additionally enables nix-direnv - integration. Note that you need to logout and login for this change to apply. + integration. Note that you need to logout and login for this change to apply ''); package = lib.mkPackageOptionMD pkgs "direnv" {}; diff --git a/nixos/modules/programs/feedbackd.nix b/nixos/modules/programs/feedbackd.nix index cee8daa31462..e3fde947a3df 100644 --- a/nixos/modules/programs/feedbackd.nix +++ b/nixos/modules/programs/feedbackd.nix @@ -8,9 +8,9 @@ in { options = { programs.feedbackd = { enable = mkEnableOption (lib.mdDoc '' - Whether to enable the feedbackd D-BUS service and udev rules. + the feedbackd D-BUS service and udev rules. - Your user needs to be in the `feedbackd` group to trigger effects. + Your user needs to be in the `feedbackd` group to trigger effects ''); package = mkOption { description = lib.mdDoc '' diff --git a/nixos/modules/programs/firefox.nix b/nixos/modules/programs/firefox.nix index 83a3edaf813e..85f47530cf5a 100644 --- a/nixos/modules/programs/firefox.nix +++ b/nixos/modules/programs/firefox.nix @@ -5,8 +5,6 @@ with lib; let cfg = config.programs.firefox; - nmh = cfg.nativeMessagingHosts; - policyFormat = pkgs.formats.json { }; organisationInfo = '' @@ -17,6 +15,50 @@ let given control of your browser, unless of course they also control your NixOS configuration. ''; + + # deprecated per-native-messaging-host options + nmhOptions = { + browserpass = { + name = "Browserpass"; + package = pkgs.browserpass; + }; + bukubrow = { + name = "Bukubrow"; + package = pkgs.bukubrow; + }; + euwebid = { + name = "Web eID"; + package = pkgs.web-eid-app; + }; + ff2mpv = { + name = "ff2mpv"; + package = pkgs.ff2mpv; + }; + fxCast = { + name = "fx_cast"; + package = pkgs.fx-cast-bridge; + }; + gsconnect = { + name = "GSConnect"; + package = pkgs.gnomeExtensions.gsconnect; + }; + jabref = { + name = "JabRef"; + package = pkgs.jabref; + }; + passff = { + name = "PassFF"; + package = pkgs.passff-host; + }; + tridactyl = { + name = "Tridactyl"; + package = pkgs.tridactyl-native; + }; + ugetIntegrator = { + name = "Uget Integrator"; + package = pkgs.uget-integrator; + }; + }; in { options.programs.firefox = { @@ -204,50 +246,32 @@ in ''; }; - nativeMessagingHosts = mapAttrs (_: v: mkEnableOption (mdDoc v)) { - browserpass = "Browserpass support"; - bukubrow = "Bukubrow support"; - euwebid = "Web eID support"; - ff2mpv = "ff2mpv support"; - fxCast = "fx_cast support"; - gsconnect = "GSConnect support"; - jabref = "JabRef support"; - passff = "PassFF support"; - tridactyl = "Tridactyl support"; - ugetIntegrator = "Uget Integrator support"; - }; + nativeMessagingHosts = ({ + packages = mkOption { + type = types.listOf types.package; + default = []; + description = mdDoc '' + Additional packages containing native messaging hosts that should be made available to Firefox extensions. + ''; + }; + }) // (mapAttrs (k: v: mkEnableOption (mdDoc "${v.name} support")) nmhOptions); }; - config = mkIf cfg.enable { - environment.systemPackages = [ - (cfg.package.override { - extraPrefs = cfg.autoConfig; - extraNativeMessagingHosts = with pkgs; optionals nmh.ff2mpv [ - ff2mpv - ] ++ optionals nmh.euwebid [ - web-eid-app - ] ++ optionals nmh.gsconnect [ - gnomeExtensions.gsconnect - ] ++ optionals nmh.jabref [ - jabref - ] ++ optionals nmh.passff [ - passff-host - ]; - cfg = let - # copy-pasted from the wrapper; TODO: figure out fix - applicationName = cfg.package.binaryName or (lib.getName cfg.package); + config = let + forEachEnabledNmh = fn: flatten (mapAttrsToList (k: v: lib.optional cfg.nativeMessagingHosts.${k} (fn k v)) nmhOptions); + in mkIf cfg.enable { + warnings = forEachEnabledNmh (k: v: + "The `programs.firefox.nativeMessagingHosts.${k}` option is deprecated, " + + "please add `${v.package.pname}` to `programs.firefox.nativeMessagingHosts.packages` instead." + ); + programs.firefox.nativeMessagingHosts.packages = forEachEnabledNmh (_: v: v.package); - nixpkgsConfig = pkgs.config.${applicationName} or {}; - optionConfig = cfg.wrapperConfig; - nmhConfig = { - enableBrowserpass = nmh.browserpass; - enableBukubrow = nmh.bukubrow; - enableTridactylNative = nmh.tridactyl; - enableUgetIntegrator = nmh.ugetIntegrator; - enableFXCastBridge = nmh.fxCast; - }; - in nixpkgsConfig // optionConfig // nmhConfig; - }) + environment.systemPackages = [ + (cfg.package.override (old: { + extraPrefsFiles = old.extraPrefsFiles or [] ++ [(pkgs.writeText "firefox-autoconfig.js" cfg.autoConfig)]; + nativeMessagingHosts = old.nativeMessagingHosts or [] ++ cfg.nativeMessagingHosts.packages; + cfg = (old.cfg or {}) // cfg.wrapperConfig; + })) ]; environment.etc = diff --git a/nixos/modules/programs/fish.nix b/nixos/modules/programs/fish.nix index b500b8f24b2c..e6ac6e9957ba 100644 --- a/nixos/modules/programs/fish.nix +++ b/nixos/modules/programs/fish.nix @@ -208,7 +208,7 @@ in end # if we haven't sourced the login config, do it - status --is-login; and not set -q __fish_nixos_login_config_sourced + status is-login; and not set -q __fish_nixos_login_config_sourced and begin ${sourceEnv "loginShellInit"} @@ -220,7 +220,7 @@ in end # if we haven't sourced the interactive config, do it - status --is-interactive; and not set -q __fish_nixos_interactive_config_sourced + status is-interactive; and not set -q __fish_nixos_interactive_config_sourced and begin ${fishAbbrs} ${fishAliases} diff --git a/nixos/modules/programs/gnupg.nix b/nixos/modules/programs/gnupg.nix index 12ef8671b740..aa1a536247ce 100644 --- a/nixos/modules/programs/gnupg.nix +++ b/nixos/modules/programs/gnupg.nix @@ -6,6 +6,10 @@ let cfg = config.programs.gnupg; + agentSettingsFormat = pkgs.formats.keyValue { + mkKeyValue = lib.generators.mkKeyValueDefault { } " "; + }; + xserverCfg = config.services.xserver; defaultPinentryFlavor = @@ -82,6 +86,18 @@ in ''; }; + agent.settings = mkOption { + type = agentSettingsFormat.type; + default = { }; + example = { + default-cache-ttl = 600; + }; + description = lib.mdDoc '' + Configuration for /etc/gnupg/gpg-agent.conf. + See {manpage}`gpg-agent(1)` for supported options. + ''; + }; + dirmngr.enable = mkOption { type = types.bool; default = false; @@ -92,10 +108,13 @@ in }; config = mkIf cfg.agent.enable { - environment.etc."gnupg/gpg-agent.conf".text = - lib.optionalString (cfg.agent.pinentryFlavor != null) '' - pinentry-program ${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry - ''; + programs.gnupg.agent.settings = { + pinentry-program = lib.mkIf (cfg.agent.pinentryFlavor != null) + "${pkgs.pinentry.${cfg.agent.pinentryFlavor}}/bin/pinentry"; + }; + + environment.etc."gnupg/gpg-agent.conf".source = + agentSettingsFormat.generate "gpg-agent.conf" cfg.agent.settings; # This overrides the systemd user unit shipped with the gnupg package systemd.user.services.gpg-agent = { diff --git a/nixos/modules/programs/kdeconnect.nix b/nixos/modules/programs/kdeconnect.nix index 4978c428ce34..4ba156f2db8d 100644 --- a/nixos/modules/programs/kdeconnect.nix +++ b/nixos/modules/programs/kdeconnect.nix @@ -9,7 +9,7 @@ with lib; 1714 to 1764 as they are needed for it to function properly. You can use the {option}`package` to use `gnomeExtensions.gsconnect` as an alternative - implementation if you use Gnome. + implementation if you use Gnome ''); package = mkOption { default = pkgs.plasma5Packages.kdeconnect-kde; diff --git a/nixos/modules/programs/nano.nix b/nixos/modules/programs/nano.nix index 28ddb4aaf66f..88404f3557c6 100644 --- a/nixos/modules/programs/nano.nix +++ b/nixos/modules/programs/nano.nix @@ -29,7 +29,7 @@ in syntaxHighlight = lib.mkOption { type = lib.types.bool; - default = false; + default = true; description = lib.mdDoc "Whether to enable syntax highlight for various languages."; }; }; @@ -40,6 +40,7 @@ in etc.nanorc.text = (lib.optionalString cfg.syntaxHighlight '' # load syntax highlighting files include "${cfg.package}/share/nano/*.nanorc" + include "${cfg.package}/share/nano/extra/*.nanorc" '') + cfg.nanorc; systemPackages = [ cfg.package ]; }; diff --git a/nixos/modules/programs/openvpn3.nix b/nixos/modules/programs/openvpn3.nix index df7e9ef22c10..37a1bfeb0c3e 100644 --- a/nixos/modules/programs/openvpn3.nix +++ b/nixos/modules/programs/openvpn3.nix @@ -8,11 +8,23 @@ in { options.programs.openvpn3 = { enable = mkEnableOption (lib.mdDoc "the openvpn3 client"); + package = mkOption { + type = types.package; + default = pkgs.openvpn3.override { + enableSystemdResolved = config.services.resolved.enable; + }; + defaultText = literalExpression ''pkgs.openvpn3.override { + enableSystemdResolved = config.services.resolved.enable; + }''; + description = lib.mdDoc '' + Which package to use for `openvpn3`. + ''; + }; }; config = mkIf cfg.enable { - services.dbus.packages = with pkgs; [ - openvpn3 + services.dbus.packages = [ + cfg.package ]; users.users.openvpn = { @@ -25,8 +37,8 @@ in gid = config.ids.gids.openvpn; }; - environment.systemPackages = with pkgs; [ - openvpn3 + environment.systemPackages = [ + cfg.package ]; }; diff --git a/nixos/modules/programs/projecteur.nix b/nixos/modules/programs/projecteur.nix new file mode 100644 index 000000000000..9fcd357d3b23 --- /dev/null +++ b/nixos/modules/programs/projecteur.nix @@ -0,0 +1,20 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.programs.projecteur; +in +{ + options.programs.projecteur = { + enable = lib.mkEnableOption (lib.mdDoc "projecteur"); + package = lib.mkPackageOptionMD pkgs "projecteur" { }; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = [ cfg.package ]; + services.udev.packages = [ cfg.package ]; + }; + + meta = { + maintainers = with lib.maintainers; [ benneti drupol ]; + }; +} diff --git a/nixos/modules/programs/regreet.nix b/nixos/modules/programs/regreet.nix index 640bc259573d..0fd9cf232981 100644 --- a/nixos/modules/programs/regreet.nix +++ b/nixos/modules/programs/regreet.nix @@ -36,6 +36,19 @@ in ''; }; + cageArgs = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ "-s" ]; + example = lib.literalExpression + '' + [ "-s" "-m" "last" ] + ''; + description = lib.mdDoc '' + Additional arguments to be passed to + [cage](https://github.com/cage-kiosk/cage). + ''; + }; + extraCss = lib.mkOption { type = lib.types.either lib.types.path lib.types.lines; default = ""; @@ -50,7 +63,7 @@ in config = lib.mkIf cfg.enable { services.greetd = { enable = lib.mkDefault true; - settings.default_session.command = lib.mkDefault "${pkgs.dbus}/bin/dbus-run-session ${lib.getExe pkgs.cage} -s -- ${lib.getExe cfg.package}"; + settings.default_session.command = lib.mkDefault "${pkgs.dbus}/bin/dbus-run-session ${lib.getExe pkgs.cage} ${lib.escapeShellArgs cfg.cageArgs} -- ${lib.getExe cfg.package}"; }; environment.etc = { diff --git a/nixos/modules/programs/virt-manager.nix b/nixos/modules/programs/virt-manager.nix new file mode 100644 index 000000000000..095db7586a03 --- /dev/null +++ b/nixos/modules/programs/virt-manager.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.programs.virt-manager; +in { + options.programs.virt-manager = { + enable = lib.mkEnableOption "virt-manager, an UI for managing virtual machines in libvirt"; + + package = lib.mkPackageOption pkgs "virt-manager" {}; + }; + + config = lib.mkIf cfg.enable { + environment.systemPackages = [ cfg.package ]; + programs.dconf.enable = true; + }; +} diff --git a/nixos/modules/programs/wayland/cardboard.nix b/nixos/modules/programs/wayland/cardboard.nix new file mode 100644 index 000000000000..262c698c74ba --- /dev/null +++ b/nixos/modules/programs/wayland/cardboard.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.programs.cardboard; +in +{ + meta.maintainers = with lib.maintainers; [ AndersonTorres ]; + + options.programs.cardboard = { + enable = lib.mkEnableOption (lib.mdDoc "cardboard"); + + package = lib.mkPackageOptionMD pkgs "cardboard" { }; + }; + + config = lib.mkIf cfg.enable (lib.mkMerge [ + { + environment.systemPackages = [ cfg.package ]; + + # To make a cardboard session available for certain DMs like SDDM + services.xserver.displayManager.sessionPackages = [ cfg.package ]; + } + (import ./wayland-session.nix { inherit lib pkgs; }) + ]); +} diff --git a/nixos/modules/programs/wayland/sway.nix b/nixos/modules/programs/wayland/sway.nix index 698d9c2b46c4..de739faabee9 100644 --- a/nixos/modules/programs/wayland/sway.nix +++ b/nixos/modules/programs/wayland/sway.nix @@ -42,6 +42,11 @@ in { <https://github.com/swaywm/sway/wiki> and "man 5 sway" for more information''); + enableRealtime = mkEnableOption (lib.mdDoc '' + add CAP_SYS_NICE capability on `sway` binary for realtime scheduling + privileges. This may improve latency and reduce stuttering, specially in + high load scenarios'') // { default = true; }; + package = mkOption { type = with types; nullOr package; default = defaultSwayPackage; @@ -149,6 +154,14 @@ in { "sway/config".source = mkOptionDefault "${cfg.package}/etc/sway/config"; }; }; + security.wrappers = mkIf (cfg.enableRealtime && cfg.package != null) { + sway = { + owner = "root"; + group = "root"; + source = "${cfg.package}/bin/sway"; + capabilities = "cap_sys_nice+ep"; + }; + }; # To make a Sway session available if a display manager like SDDM is enabled: services.xserver.displayManager.sessionPackages = optionals (cfg.package != null) [ cfg.package ]; } (import ./wayland-session.nix { inherit lib pkgs; }) diff --git a/nixos/modules/programs/wayland/wayfire.nix b/nixos/modules/programs/wayland/wayfire.nix index d0b280e3940f..9ea2010cf59c 100644 --- a/nixos/modules/programs/wayland/wayfire.nix +++ b/nixos/modules/programs/wayland/wayfire.nix @@ -6,7 +6,7 @@ in meta.maintainers = with lib.maintainers; [ rewine ]; options.programs.wayfire = { - enable = lib.mkEnableOption (lib.mdDoc "Wayfire, a wayland compositor based on wlroots."); + enable = lib.mkEnableOption (lib.mdDoc "Wayfire, a wayland compositor based on wlroots"); package = lib.mkPackageOptionMD pkgs "wayfire" { }; |