{ config, pkgs, lib, ... }:
let
# Shorthand for this module's option tree.
cfg = config.local.programs.browsers;

# Real browser packages, one entry per enabled browser. These are installed
# for the `kira` user inside the `browsers` container, and each one is also
# the basis of a host-side wrapper (see hostPackages).
contPackages = lib.concatLists [
  (lib.optional cfg.tor-browser.enable cfg.tor-browser.package)
  (lib.optional cfg.librewolf.enable cfg.librewolf.package)
  (lib.optional cfg.mullvad-browser.enable cfg.mullvad-browser.package)
];
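# Host-side stand-ins for the containerised browsers. For every package in
# contPackages this builds a package that
#   * ships bin/<mainProgram>, a wrapper that re-launches the program inside
#     the `browsers` container as user `kira`, and
#   * copies the original package's share/ tree (desktop entries, icons).
# The real browser binary is never put on the host PATH by this list.
hostPackages = lib.flip map contPackages (p:
  let
    # Runs "$@" (program name followed by its arguments) inside the container.
    #
    # `su -c` accepts exactly ONE string and hands it to the target user's
    # shell for parsing. The previous unquoted `-c $@` therefore passed only
    # the first word as the command, dropped the remaining arguments into the
    # shell's positional parameters, and let the host shell word-split and
    # glob them first. Arguments can come from outside (for example a URL
    # handed over by another application), so each one is shell-quoted with
    # bash's `printf %q` and the result is joined into a single command
    # string: the argument boundaries survive and no argument can add extra
    # shell syntax inside the container.
    # NOTE(review): assumes kira's login shell is bash (the NixOS default) so
    # it can read `%q` output; confirm if the container sets another shell.
    # NOTE(review): this path runs `nixos-container` through sudo; the sudo
    # rule that permits it is not visible here and should be scoped as
    # narrowly as possible.
    hostRunBrowser = pkgs.writeScript "cont-run-browser" ''
      #!${pkgs.runtimeShell}
      printf -v cmd '%q ' "$@"
      exec sudo nixos-container run browsers -- su -l kira -c "$cmd"
    '';

    # bin/<mainProgram> on the host: forwards every argument unchanged.
    # The shebang makes the script directly executable by launchers that do
    # not fall back to a shell for scripts without an interpreter line.
    hostBrowserScript = pkgs.writeScriptBin "${p.meta.mainProgram}" ''
      #!${pkgs.runtimeShell}
      exec ${hostRunBrowser} ${p.meta.mainProgram} "$@"
    '';
  in
  pkgs.runCommand "${p.meta.mainProgram}" { } ''
    mkdir $out
    cp -r ${hostBrowserScript}/bin $out/bin
    cp -r ${p}/share $out/share
  ''
);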
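# True when at least one browser is enabled; gates the whole `config` section.
#
# This must use `||`. In Nix, `or` is not boolean OR: it is the fallback part
# of attribute selection (`a.b or default`). The previous
# `cfg.tor-browser.enable or cfg.librewolf.enable or ...` therefore evaluated
# to `cfg.tor-browser.enable` alone whenever that attribute exists, so
# enabling only librewolf or only mullvad-browser left the container and the
# host wrappers switched off.
isEnable = cfg.tor-browser.enable
  || cfg.librewolf.enable
  || cfg.mullvad-browser.enable;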
in
{
# Per-browser modules. Presumably these declare the
# `local.programs.browsers.<name>` options read in the let block; confirm.
imports = [ ./tor-browser.nix ./mullvad-browser.nix ./librewolf.nix ];
config = lib.mkIf isEnable {
  # Host: only the wrapper packages from hostPackages go on the system PATH.
  environment.systemPackages = hostPackages;

  # Project-local option, not defined in this file.
  # NOTE(review): presumably provides the sound server the container reaches
  # through PULSE_SERVER below; confirm.
  local.sound.systemWide = true;

  containers.browsers = {
    autoStart = true;
    # Container root filesystem is thrown away on every stop; only the bind
    # mounts below outlive a restart.
    ephemeral = true;

    # An empty set means module defaults: same path on the host, read-only.
    bindMounts = lib.mkMerge [
      {
        # Host X11 socket. A client that can talk to the host X server is not
        # isolated from the rest of the desktop session (X11 lets clients
        # observe input and window contents unless access control restricts
        # them), so the container boundary does not cover the display.
        "/tmp/.X11-unix" = { };

        # Writable and persistent.
        # NOTE(review): the purpose of this mount is not visible in this
        # file; confirm the container needs write access to key material.
        "/etc/ssh/keys" = {
          hostPath = "/persistent/per-machine/browsers/etc/ssh/keys";
          isReadOnly = false;
        };

        # Writable path shared with host user `jan`: everything the browser
        # saves lands in the host home directory and should be treated as
        # untrusted content there.
        "/home/kira/Downloads" = {
          hostPath = "/home/jan/downloads/browser";
          isReadOnly = false;
        };
      }

      # Host graphics driver libraries, mounted only when the host has
      # graphics support enabled.
      (lib.mkIf config.hardware.graphics.enable {
        "/run/opengl-driver/lib" = { };
      })
      (lib.mkIf config.hardware.graphics.enable32Bit {
        "/run/opengl-driver-32/lib" = { };
      })

      # Persistent, writable LibreWolf profile directory.
      (lib.mkIf cfg.librewolf.enable {
        "/home/kira/.librewolf" = {
          hostPath = "/persistent/per-machine/browsers/home/kira/.librewolf";
          isReadOnly = false;
        };
      })
    ];

    # NixOS configuration of the container itself. Only `pkgs` is bound by
    # this function, so `config` and `cfg` below still refer to the HOST.
    config = { pkgs, ... }: {
      system.stateVersion = "23.11";

      # Reuse the host font setup so pages render the same as on the host.
      fonts.enableDefaultPackages = config.fonts.enableDefaultPackages;
      fonts.packages = config.fonts.packages;
      fonts.fontconfig.defaultFonts = config.fonts.fontconfig.defaultFonts;

      # Unprivileged account the browsers run as.
      users.users.kira = {
        home = "/home/kira";
        isNormalUser = true;
        # NOTE(review): plaintext password committed to the configuration; it
        # also ends up in the world-readable Nix store. The host wrapper
        # enters this account with `su` from root and needs no password, so
        # consider dropping it or using a hashed password kept outside the
        # store.
        password = "hello";
        extraGroups = [ "pulse-access" ];
        packages = contPackages;
      };

      # Display and sound endpoints for programs started in the container.
      environment.sessionVariables.DISPLAY = ":0";
      # Loopback TCP only reaches the host sound server if the container
      # shares the host network namespace (no private network is configured
      # in this block).
      # NOTE(review): that also leaves other host loopback services reachable
      # from the browser; confirm this is intended.
      environment.sessionVariables.PULSE_SERVER = "tcp:127.0.0.1:4713";
    };
  };
};
}