93 lines
3.9 KiB
Nix
93 lines
3.9 KiB
Nix
{ pkgs, lib, config, ... }:
|
|
let
|
|
ensureNixPath = "${config.xdg.configHome}/dotfiles/ensure_nix.sh";
|
|
# TODO Can we maybe use a lighter version of this?
|
|
in
|
|
{
|
|
config = lib.mkIf config.frogeye.userNix {
|
|
dconf.enable = lib.mkForce false;
|
|
# Otherwise standalone home-manager complains it can't find /etc/dbus-1/session.conf.
|
|
# Symlinking it to /usr/share/dbus-1/session.conf goes further but not much.
|
|
|
|
home.activation = {
|
|
# When Nix is installed in the user directory via a proot, systemd --user
|
|
# is started outside of it, so it cannot access /nix. So we need to:
|
|
# - Ensure files systemd access aren't via /nix.
|
|
# Sometimes there's multiple layers of redirection, so easiest way is
|
|
# to copy the file outside the store.
|
|
# - Wrap services entrypoints into a proot wrapper
|
|
prootSystemd = lib.hm.dag.entryBetween [ "reloadSystemd" ] [ "linkGeneration" ] ''
|
|
cd ${config.xdg.configHome}/systemd/user
|
|
${pkgs.findutils}/bin/find . -maxdepth 1 -type l | while read path
|
|
do
|
|
temp="$(mktemp -p "$PWD")"
|
|
${pkgs.gnused}/bin/sed 's|^Exec\S\+=|\0${ensureNixPath} |' "$path" > "$temp"
|
|
$DRY_RUN_CMD mv $VERBOSE_ARG "$temp" "$path"
|
|
rm -f "$temp"
|
|
done
|
|
# Targets (need to be symlinks to original)
|
|
${pkgs.findutils}/bin/find . -mindepth 2 -maxdepth 2 -type l | while read path
|
|
do
|
|
$DRY_RUN_CMD rm $VERBOSE_ARG "$path"
|
|
$DRY_RUN_CMD ln $VERBOSE_ARG -s "../$(basename "$path")" "$path"
|
|
done
|
|
'';
|
|
# Unless files were created by HM, it will complain that something is in the way, so we delete them.
|
|
# This is very ugly, as you're not supposed to write things before writeBoundary, but hey
|
|
prootSystemdClean = lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
|
|
$DRY_RUN_CMD rm $VERBOSE_ARG -rf ${config.xdg.configHome}/systemd/user
|
|
'';
|
|
# I wonder if it's possible to do this in a slightly more Nix way, without causing infinite recursion
|
|
|
|
# Create a graphical entrypoint by overriding one of the OS programs
|
|
graphicalEntrypoints =
|
|
let
|
|
graphicalBin = "${config.home.homeDirectory}/.local/bin";
|
|
graphicalProfile = pkgs.writeTextFile {
|
|
name = "graphical-profile";
|
|
text = ''
|
|
export PATH="${graphicalBin}:$PATH"
|
|
'';
|
|
};
|
|
graphicalEntrypoint = pkgs.writeTextFile {
|
|
name = "graphical-entrypoint";
|
|
text = ''
|
|
#!/bin/sh
|
|
exec ${ensureNixPath} ${config.xsession.scriptPath}
|
|
'';
|
|
executable = true;
|
|
};
|
|
in
|
|
# lib.mkIf config.frogeye.desktop.xorg # TODO Removed because wrong ordering or something?
|
|
lib.hm.dag.entryAfter [ "writeBoundary" ] ''
|
|
$DRY_RUN_CMD cp $VERBOSE_ARG -L -f ${graphicalProfile} ${config.home.homeDirectory}/.xprofile
|
|
$DRY_RUN_CMD cp $VERBOSE_ARG -L -f ${graphicalEntrypoint} ${graphicalBin}/cinnamon-session-cinnamon
|
|
'';
|
|
};
|
|
|
|
# Ubuntu gives you this for some reason, but it just makes warnings
|
|
xsession.initExtra = ''
|
|
unset LD_PRELOAD
|
|
'';
|
|
|
|
# Some systemd options don't work if you're running a proot inside, so they need to be relaxed
|
|
systemd.user = {
|
|
services = {
|
|
mpd.Service = {
|
|
# This tries to override PATH for some reason, which makes ensure_nix not work
|
|
Environment = lib.mkForce [ ];
|
|
# Since we're wrapping in ensure_nix, notifications for Type=notify
|
|
# will come from a process lower
|
|
NotifyAccess = "all";
|
|
};
|
|
# Below might be applicable on all services that use those options, but none is to test right now
|
|
syncthing.Service = {
|
|
PrivateUsers = lib.mkForce [ ];
|
|
RestrictNamespaces = lib.mkForce [ ];
|
|
SystemCallFilter = lib.mkForce [ ];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|