PapaTutuWawa/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add psst

Browse Source
This commit is contained in:
PapaTutuWawa
2022-01-14 18:08:47 +01:00
parent 9b8e0c4fd7
commit ed1f4f4fc6
8 changed files with 129 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
packages/default.nix
View File

@@ -9,7 +9,6 @@ let
extraStartupArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland";
#extraStartupArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --enable-features=WebRTCPipeWireCapturer";
};
wrapInSandbox = prev.callPackage ./sandbox.nix {};
in {
key-mapper = prev.callPackage ./tools/games/key-mapper {};
vfio-isolate = prev.callPackage ./tools/virtualisation/vfio-isolate {};
@@ -31,90 +30,12 @@ key-mapper = prev.callPackage ./tools/games/key-mapper {};
pySmartDL = pySmartDL;
cfscrape = cfscrape;
};
discord-wrapped = wrapInSandbox {
name = "discord";
package = prev.discord;
#package = discord-system-electron;
binaryName = "discord";
mountInHome = [ ".config/discord" ".config/BetterDiscord" ];
additionalBlacklist = [ "/mnt" ];
chdirTo = "/home/$USER";
version = "1.0.1";
copyIntoSandbox = [ "share/pixmaps" ];
desktopFileArgs = {
name = "Discord (wrapped)";
#exec = "discord";
icon = "discord";
desktopName = "Discord (wrapped)";
genericName = "Instant Messenger";
categories = "Network;InstantMessaging;";
};
};
sddm-sugar-dark = prev.callPackage ./sddm-sugar-dark {};
surface-control = prev.callPackage ./tools/system/surface-control {};
trackma = prev.callPackage ./tools/video/trackma {};
multimc-wrapped = wrapInSandbox {
name = "multimc";
package = prev.multimc.override {
jdk = prev.jdk11;
jdk8 = prev.jdk11;
};
binaryName = "multimc";
mountInHome = [ ".local/share/multimc" ];
additionalBlacklist = [ "/mnt" ];
chdirTo = "/home/$USER";
#extraEnv = {
# DRI_PRIME = "1";
#};
};
minecraft-wrapped = wrapInSandbox {
name = "minecraft-launcher";
package = prev.minecraft;
binaryName = "minecraft-launcher";
mountInHome = [ ".local/share/minecraft" ".minecraft" ];
additionalBlacklist = [ "/mnt" ];
chdirTo = "/home/$USER";
};
steam-wrapped = wrapInSandbox {
name = "steam";
package = prev.steam;
binaryName = "steam";
mountInHome = [ ".steam" ".local/share/Steam" ];
additionalBlacklist = [ "/mnt" ];
additionalMounts = [ "/mnt/Storage/Games/SteamLibrary" ];
chdirTo = "/home/$USER";
extraEnv = {
DRI_PRIME = "1";
};
copyIntoSandbox = [ "/share" ];
};
android-studio-wrapped = wrapInSandbox {
name = "android-studio";
package = prev.android-studio;
binaryName = "android-studio";
additionalBlacklist = [ "/mnt" ];
mountInHome = [ "Development/Personal/Android" ".android" ];
chdirTo = "/home/$USER";
};
xournalpp-git = prev.xournalpp.overrideAttrs (old: {
version = "1.1.1";
src = prev.fetchFromGitHub {
owner = "bhennion";
repo = "xournalpp";
rev = "5d1545b0c4303e45b4ddf4ef8a1565eba822a9af";
sha256 = "1d17lvydlny9pvaxa9xy53wxs7i6d563lp5r9g3r1xpgnb7zli8v";
};
});
gajim-mainwindow = prev.callPackage ./applications/networking/instant-messengers/gajim {
nbxmpp = prev.python3Packages.nbxmpp.overrideAttrs (old: {
@@ -133,20 +54,10 @@ key-mapper = prev.callPackage ./tools/games/key-mapper {};
# TODO: Remove once NixOS has version 0.11.16 in their repos
sublime-music-no-test = prev.callPackage ./applications/audio/sublime-music {};
# TODO: Remove once upstream has a new version tagged
kasts-git = prev.libsForQt5.kasts.overrideAttrs (old: {
src = let
commit = "b39be0118ef6ff587b433af185c584f3d5bcec30";
in builtins.fetchTarball {
url = "https://invent.kde.org/plasma-mobile/kasts/-/archive/${commit}/kasts-${commit}.tar.gz";
sha256 = "06myymbwj89357cpg7phha1x8q84mlhcy4f44pdkqmg7lkd5a6df";
};
buildInputs = old.buildInputs ++ [ prev.taglib prev.libsForQt5.qtkeychain ];
});
sound-gambit = prev.callPackage tools/audio/sound-gambit {};
ebu-norm = prev.callPackage tools/audio/ebu-norm {};
payload-dumper = prev.callPackage tools/system/payload-dumper {};
psst = prev.callPackage tools/audio/psst {};
}

184
packages/sandbox.nix
View File

@@ -1,184 +0,0 @@
{
stdenv, lib
, runCommandLocal, writeShellScriptBin, makeDesktopItem
, bubblewrap, coreutils, glibc, pkgsi686Linux
}:
{
name
, package
, binaryName
, version ? "1.0.0"
, desktopFileArgs ? null
, copyIntoSandbox ? null
, unshareUser ? true
, unshareIpc ? true
, unsharePid ? true
, unshareNet ? false
, unshareUts ? true
, unshareCgroup ? true
, dieWithParent ? true
, mountInHome ? []
, chdirTo ? "\"$(pwd)\""
, additionalBlacklist ? []
, additionalMounts ? []
, extraEnv ? {}
}:
let
etcBindFlags = let
files = [
# NixOS Compatibility
"static"
"nix" # mainly for nixUnstable users, but also for access to nix/netrc
# Shells
"bashrc"
"zshenv"
"zshrc"
"zinputrc"
"zprofile"
# Users, Groups, NSS
"passwd"
"group"
"shadow"
"hosts"
"resolv.conf"
"nsswitch.conf"
# User profiles
"profiles"
# Sudo & Su
"login.defs"
"sudoers"
"sudoers.d"
# Time
"localtime"
"zoneinfo"
# Other Core Stuff
"machine-id"
"os-release"
# PAM
"pam.d"
# Fonts
"fonts"
# ALSA
"alsa"
"asound.conf"
# SSL
"ssl/certs"
"pki"
];
in builtins.concatStringsSep "\n "
(map (file: "--ro-bind-try /etc/${file} /etc/${file}") files);
# Create this on the fly instead of linking from /nix
# The container might have to modify it and re-run ldconfig if there are
# issues running some binary with LD_LIBRARY_PATH
createLdConfCache = ''
cat > /etc/ld.so.conf <<EOF
/lib
/lib/x86_64-linux-gnu
/lib64
/usr/lib
/usr/lib/x86_64-linux-gnu
/usr/lib64
/lib/i386-linux-gnu
/lib32
/usr/lib/i386-linux-gnu
/usr/lib32
EOF
ldconfig &> /dev/null
'';
init = run: writeShellScriptBin "${binaryName}-init" ''
source /etc/profile
${createLdConfCache}
exec ${run} "$@"
'';
extraEnvString = lib.foldl (acc: val: acc + val + "\n") "" (lib.mapAttrsToList (name: value: "--setenv ${name} \"${value}\"") extraEnv);
mountHome = mountInHome == [];
initStr = init "${package}/bin/${binaryName}";
bwrapCmd = { initArgs ? "" }: ''
blacklist=(/nix /dev /proc /etc ${lib.optionalString (!mountHome) "/home"} ${builtins.toString additionalBlacklist})
ro_mounts=()
symlinks=()
declare -a auto_mounts
# loop through all directories in the root
for dir in /*; do
# if it is a directory and it is not in the blacklist
if [[ -d "$dir" ]] && [[ ! "''${blacklist[@]}" =~ "$dir" ]]; then
# add it to the mount list
auto_mounts+=(--bind "$dir" "$dir")
fi
done
if [[ "${lib.optionalString (!mountHome) "1"}" = "1" ]]; then
for entry in ${builtins.toString mountInHome}; do
auto_mounts+=(--bind "/home/$USER/$entry" "/home/$USER/$entry")
done
fi
if [[ ! -z "${builtins.toString additionalMounts}" ]]; then
for entry in ${builtins.toString additionalMounts}; do
auto_mounts+=(--bind "$entry" "$entry")
done
fi
cmd=(
${bubblewrap}/bin/bwrap
--dev-bind /dev /dev
--proc /proc
--chdir ${chdirTo}
${lib.optionalString unshareUser "--unshare-user"}
${lib.optionalString unshareIpc "--unshare-ipc"}
${lib.optionalString unsharePid "--unshare-pid"}
${lib.optionalString unshareNet "--unshare-net"}
${lib.optionalString unshareUts "--unshare-uts"}
${lib.optionalString unshareCgroup "--unshare-cgroup"}
${lib.optionalString dieWithParent "--die-with-parent"}
--ro-bind /nix /nix
# Our glibc will look for the cache in its own path in `/nix/store`.
# As such, we need a cache to exist there, because pressure-vessel
# depends on the existence of an ld cache. However, adding one
# globally proved to be a bad idea (see #100655), the solution we
# settled on being mounting one via bwrap.
# Also, the cache needs to go to both 32 and 64 bit glibcs, for games
# of both architectures to work.
--tmpfs ${glibc}/etc \
--symlink /etc/ld.so.conf ${glibc}/etc/ld.so.conf \
--symlink /etc/ld.so.cache ${glibc}/etc/ld.so.cache \
--ro-bind ${glibc}/etc/rpc ${glibc}/etc/rpc \
--remount-ro ${glibc}/etc \
--tmpfs ${pkgsi686Linux.glibc}/etc \
--symlink /etc/ld.so.conf ${pkgsi686Linux.glibc}/etc/ld.so.conf \
--symlink /etc/ld.so.cache ${pkgsi686Linux.glibc}/etc/ld.so.cache \
--ro-bind ${pkgsi686Linux.glibc}/etc/rpc ${pkgsi686Linux.glibc}/etc/rpc \
--remount-ro ${pkgsi686Linux.glibc}/etc \
${etcBindFlags}
"''${ro_mounts[@]}"
"''${symlinks[@]}"
"''${auto_mounts[@]}"
${extraEnvString}
${initStr}/bin/${name}-init ${initArgs}
)
exec "''${cmd[@]}"
'';
bin = writeShellScriptBin name (bwrapCmd { initArgs = ''"$@"''; });
desktopItem = makeDesktopItem (desktopFileArgs // {
exec = "${bin}/bin/${name}";
});
copyIntoSandboxString = lib.concatStrings (map (x: "cp -Lr ${package}/${x} $out/${x}\n") copyIntoSandbox);
in stdenv.mkDerivation {
pname = "${name}-sandboxed";
version = version;
unpackPhase = ":";
dontBuild = true;
installPhase = ''
mkdir -p $out/bin
ln -s ${bin}/bin/${name} $out/bin/${name}
'' + lib.strings.optionalString (!(builtins.isNull desktopFileArgs)) ''
mkdir -p $out/share/
cp -r ${desktopItem}/share/applications $out/share
'' + lib.strings.optionalString (!(builtins.isNull copyIntoSandbox)) copyIntoSandboxString;
}

42
packages/tools/audio/psst/default.nix Normal file
View File

@@ -0,0 +1,42 @@
{ lib
, rustPlatform
, fetchFromGitHub
, pkg-config
, cairo
, openssl
, alsa-lib
, dbus
, gtk3
}:
rustPlatform.buildRustPackage rec {
pname = "psst";
version = "1.2.1";
src = fetchFromGitHub {
owner = "jpochyla";
repo = "psst";
rev = "8f142a3232a706537c8477bff43d2e52309f6b78";
sha256 = "00pdijd70rq98lrrfgh6pzqa6w3pp49lmpzaviw7nrgfl7l6j3v0";
};
cargoSha256 = "sha256-/nbYi7n58D8V3qa9rStg7JfGh4sAhTxC2niFFW5Ta34=";
nativeBuildInputs = [ pkg-config ];
buildInputs = [ cairo openssl gtk3 alsa-lib dbus ];
postInstall = ''
# Install the desktop file
mkdir -p $out/share
cp .pkg/psst.desktop $out/share/
'';
meta = with lib; {
description = "A modern Volume Mixer for PulseAudio";
homepage = "https://github.com/Aurailus/Myxer";
license = licenses.gpl3Only;
maintainers = with maintainers; [ erin ];
platforms = platforms.linux;
};
}