mirror of
https://github.com/js0ny/dotfiles.git
synced 2026-03-22 18:52:43 +00:00
pkg(termius): nixpak sandboxed
This commit is contained in:
parent
ef66bb76c4
commit
fc0f5a83e1
3 changed files with 97 additions and 7 deletions
|
|
@ -2,19 +2,22 @@
|
|||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
}: let
|
||||
mkNixPak = inputs.nixpak.lib.nixpak {
|
||||
inherit (pkgs) lib;
|
||||
inherit pkgs;
|
||||
};
|
||||
in
|
||||
{
|
||||
# Expose sandboxed app(s) through nixpkgs overlay.
|
||||
|
||||
callNixPak = path:
|
||||
pkgs.callPackage path {
|
||||
inherit mkNixPak;
|
||||
};
|
||||
in {
|
||||
nixpkgs.overlays = [
|
||||
(_: prev: {
|
||||
nixpaks.qq = prev.callPackage ./qq.nix {
|
||||
inherit mkNixPak;
|
||||
nixpaks = {
|
||||
qq = callNixPak ./qq.nix;
|
||||
termius = callNixPak ./termius.nix;
|
||||
};
|
||||
})
|
||||
];
|
||||
|
|
|
|||
86
nixcfgs/hardening/nixpaks/termius.nix
Normal file
86
nixcfgs/hardening/nixpaks/termius.nix
Normal file
|
|
@ -0,0 +1,86 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
mkNixPak,
|
||||
buildEnv,
|
||||
makeDesktopItem,
|
||||
...
|
||||
}: let
|
||||
appId = "com.terminus.Termius";
|
||||
|
||||
wrapped = mkNixPak {
|
||||
config = {sloth, ...}: {
|
||||
app = {
|
||||
package = buildEnv {
|
||||
name = "nixpak-termius";
|
||||
paths = with pkgs; [
|
||||
termius
|
||||
libglvnd
|
||||
mesa.drivers
|
||||
stdenv.cc.cc.lib
|
||||
];
|
||||
};
|
||||
binPath = "bin/termius-app";
|
||||
};
|
||||
flatpak.appId = appId;
|
||||
|
||||
imports = [
|
||||
./modules/gui-base.nix
|
||||
./modules/network.nix
|
||||
./modules/common.nix
|
||||
];
|
||||
|
||||
bubblewrap = {
|
||||
bind.rw = [
|
||||
sloth.xdgDocumentsDir
|
||||
sloth.xdgDownloadDir
|
||||
sloth.xdgMusicDir
|
||||
sloth.xdgVideosDir
|
||||
sloth.xdgPicturesDir
|
||||
];
|
||||
bind.ro = [
|
||||
"${pkgs.libglvnd}/lib"
|
||||
"${pkgs.mesa.drivers}/lib"
|
||||
"${pkgs.stdenv.cc.cc.lib}/lib"
|
||||
"/etc/passwd"
|
||||
"/etc/group"
|
||||
"/etc/nsswitch.conf"
|
||||
];
|
||||
sockets = {
|
||||
x11 = false;
|
||||
wayland = true;
|
||||
pipewire = true;
|
||||
};
|
||||
env = {
|
||||
LD_LIBRARY_PATH = "${pkgs.libglvnd}/lib:${pkgs.mesa.drivers}/lib:${pkgs.stdenv.cc.cc.lib}/lib";
|
||||
LIBGL_DRIVERS_PATH = "${pkgs.mesa.drivers}/lib/dri";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
exePath = lib.getExe wrapped.config.script;
|
||||
in
|
||||
buildEnv {
|
||||
inherit (wrapped.config.script) name meta passthru;
|
||||
paths = [
|
||||
wrapped.config.script
|
||||
(makeDesktopItem {
|
||||
name = appId;
|
||||
desktopName = "Termius";
|
||||
genericName = "Cross-platform SSH client";
|
||||
comment = "The SSH client that works on Desktop and Mobile";
|
||||
exec = "${exePath} --ozone-platform-hint=auto %U";
|
||||
terminal = false;
|
||||
icon = "${pkgs.termius}/share/icons/hicolor/1024x1024/termius-app.png";
|
||||
startupNotify = true;
|
||||
startupWMClass = "Termius";
|
||||
type = "Application";
|
||||
categories = [
|
||||
"Network"
|
||||
];
|
||||
extraConfig = {
|
||||
X-Flatpak = appId;
|
||||
};
|
||||
})
|
||||
];
|
||||
}
|
||||
|
|
@ -85,6 +85,7 @@ in {
|
|||
|
||||
pcloud
|
||||
nixpaks.qq
|
||||
nixpaks.termius
|
||||
signal-desktop
|
||||
siyuan
|
||||
localsend
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue