Update flake

flake.lock

@@ -2,7 +2,7 @@
   "nodes": {
     "agenix": {
       "inputs": {
-        "nixpkgs": "nixpkgs_3"
+        "nixpkgs": "nixpkgs_4"
       },
       "locked": {
         "lastModified": 1640802000,
@@ -19,12 +19,16 @@
       }
     },
     "emacs": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      },
       "locked": {
-        "lastModified": 1650684053,
+        "lastModified": 1652416036,
-        "narHash": "sha256-t+EH8O3a+Aajv+uYGzUrF1R1w/6GD4retFAxb23yz90=",
+        "narHash": "sha256-cfNmuHmGwdhHB9/BT1dDxo5anYFAewuvZ/wVFDAgl8w=",
         "owner": "nix-community",
         "repo": "emacs-overlay",
-        "rev": "46041a0711e643c8911845878fa4604dc8669a66",
+        "rev": "9c90a10f7c5d4e99392090820460c1fa7486ae2c",
         "type": "github"
       },
       "original": {
@@ -56,11 +60,11 @@
     },
     "flake-utils": {
       "locked": {
-        "lastModified": 1649676176,
+        "lastModified": 1652372896,
-        "narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=",
+        "narHash": "sha256-lURGussfF3mGrFPQT3zgW7+RC0pBhbHzco0C7I+ilow=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "a4b154ebbdc88c8498a5c7b01589addc9e9cb678",
+        "rev": "0d347c56f6f41de822a4f4c7ff5072f3382db121",
         "type": "github"
       },
       "original": {
@@ -71,11 +75,11 @@
     },
     "flake-utils_2": {
       "locked": {
-        "lastModified": 1638122382,
+        "lastModified": 1652372896,
-        "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
+        "narHash": "sha256-lURGussfF3mGrFPQT3zgW7+RC0pBhbHzco0C7I+ilow=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
+        "rev": "0d347c56f6f41de822a4f4c7ff5072f3382db121",
         "type": "github"
       },
       "original": {
@@ -86,11 +90,11 @@
     },
     "flake-utils_3": {
       "locked": {
-        "lastModified": 1644229661,
+        "lastModified": 1638122382,
-        "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
+        "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
+        "rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
         "type": "github"
       },
       "original": {
@@ -129,16 +133,31 @@
         "type": "github"
       }
     },
+    "flake-utils_6": {
+      "locked": {
+        "lastModified": 1644229661,
+        "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1650478719,
+        "lastModified": 1652214259,
-        "narHash": "sha256-308c2cM4hW9AW6dSQ080ycXGyEJGkG/OwOINkYL9Mnw=",
+        "narHash": "sha256-kbribVik1m3SU6QNpZ3euybljqs0CEQ0lEEz7MN+u8U=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "93a69d07389311ffd6ce1f4d01836bbc2faec644",
+        "rev": "f735a8502b098962ae965c2600c7be9f7711b814",
         "type": "github"
       },
       "original": {
@@ -248,7 +267,7 @@
     },
     "naersk": {
       "inputs": {
-        "nixpkgs": "nixpkgs_5"
+        "nixpkgs": "nixpkgs_6"
       },
       "locked": {
         "lastModified": 1639947939,
@@ -266,7 +285,7 @@
     },
     "naersk_2": {
       "inputs": {
-        "nixpkgs": "nixpkgs_7"
+        "nixpkgs": "nixpkgs_8"
       },
       "locked": {
         "lastModified": 1639947939,
@@ -317,8 +336,8 @@
     "nixpkgs": {
       "locked": {
         "lastModified": 0,
-        "narHash": "sha256-kCmnDeiaMsdhfnNKjxdOzwRh2H6eQb8yWAL+nNabC/Y=",
+        "narHash": "sha256-70ZWAlOQ9nAZ08OU6WY7n4Ij2kOO199dLfNlvO/+pf8=",
-        "path": "/nix/store/dir0rn9a585sjc5aw78xs744yvd7ks7n-source",
+        "path": "/nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source",
         "type": "path"
       },
       "original": {
@@ -342,13 +361,41 @@
         "type": "github"
       }
     },
+    "nixpkgs_10": {
+      "locked": {
+        "lastModified": 1645373091,
+        "narHash": "sha256-eRbiakFKdxtjrqOtErp4BgOJlLN5VEBymldfxy+ZKzI=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "d0ae0897999e7ba4615e02ca1770df6065099daf",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable-small",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1650161686,
+        "lastModified": 0,
         "narHash": "sha256-70ZWAlOQ9nAZ08OU6WY7n4Ij2kOO199dLfNlvO/+pf8=",
+        "path": "/nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source",
+        "type": "path"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_3": {
+      "locked": {
+        "lastModified": 1652231724,
+        "narHash": "sha256-MjalcXFZgcgchp4QqnF05JTkFBBGad5hbksA1EKoP98=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "1ffba9f2f683063c2b14c9f4d12c55ad5f4ed887",
+        "rev": "41ff747f882914c1f8c233207ce280ac9d0c867f",
         "type": "github"
       },
       "original": {
@@ -358,7 +405,7 @@
         "type": "github"
       }
     },
-    "nixpkgs_3": {
+    "nixpkgs_4": {
       "locked": {
         "lastModified": 1618628710,
         "narHash": "sha256-9xIoU+BrCpjs5nfWcd/GlU7XCVdnNKJPffoNTxgGfhs=",
@@ -371,7 +418,7 @@
         "type": "indirect"
       }
     },
-    "nixpkgs_4": {
+    "nixpkgs_5": {
       "locked": {
         "lastModified": 1649490789,
         "narHash": "sha256-YrhVxwoofZSx/wLZ4GYET//8vS+uqWX572zvdmP/Etg=",
@@ -387,7 +434,7 @@
         "type": "github"
       }
     },
-    "nixpkgs_5": {
+    "nixpkgs_6": {
       "locked": {
         "lastModified": 1640233012,
         "narHash": "sha256-DNKMmWZ/RLoh5IVJLAa5HYOy4IW28mBBYDMgMxzzom8=",
@@ -400,7 +447,7 @@
         "type": "indirect"
       }
     },
-    "nixpkgs_6": {
+    "nixpkgs_7": {
       "locked": {
         "lastModified": 1645373091,
         "narHash": "sha256-eRbiakFKdxtjrqOtErp4BgOJlLN5VEBymldfxy+ZKzI=",
@@ -416,7 +463,7 @@
         "type": "github"
       }
     },
-    "nixpkgs_7": {
+    "nixpkgs_8": {
       "locked": {
         "lastModified": 1645010845,
         "narHash": "sha256-hO9X4PvxkSLMQnGGB7tOrKPwufhLMiNQMNXNwzLqneo=",
@@ -429,7 +476,7 @@
         "type": "indirect"
       }
     },
-    "nixpkgs_8": {
+    "nixpkgs_9": {
       "locked": {
         "lastModified": 1642190797,
         "narHash": "sha256-cxeEEAtfIACnm8sV1oz0xlNp9IVk10Fxcc09ggoEZuo=",
@@ -445,29 +492,13 @@
         "type": "github"
       }
     },
-    "nixpkgs_9": {
-      "locked": {
-        "lastModified": 1645373091,
-        "narHash": "sha256-eRbiakFKdxtjrqOtErp4BgOJlLN5VEBymldfxy+ZKzI=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "d0ae0897999e7ba4615e02ca1770df6065099daf",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-unstable-small",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
     "nur": {
       "locked": {
-        "lastModified": 1650681389,
+        "lastModified": 1652434939,
-        "narHash": "sha256-76az6Z4umzHZcMi2N9cdL5gJkxagsJEHveO4+l7wAdU=",
+        "narHash": "sha256-LyaBhP8pu8NZs3BTOftUR9NlNoNoOYxxfuTCw8wtTTE=",
         "owner": "nix-community",
         "repo": "nur",
-        "rev": "bd3cf2bcbd62f3bc66e90c1dd5a00fa933cb861e",
+        "rev": "01f680baba2cfd204d52b1a7f9db61a4ecf7af80",
         "type": "github"
       },
       "original": {
@@ -479,11 +510,11 @@
     "ostylk": {
       "inputs": {
         "agenix": "agenix",
-        "flake-utils": "flake-utils_2",
+        "flake-utils": "flake-utils_3",
         "home-manager": "home-manager_2",
         "impermanence": "impermanence",
         "nixos-hardware": "nixos-hardware_2",
-        "nixpkgs": "nixpkgs_4",
+        "nixpkgs": "nixpkgs_5",
         "nixpkgs-unstable": "nixpkgs-unstable",
         "rnix-lsp": "rnix-lsp",
         "tablet-mode": "tablet-mode"
@@ -505,20 +536,21 @@
     "ostylk-home": {
       "inputs": {
         "flake-helper": "flake-helper",
-        "flake-utils": "flake-utils_4",
+        "flake-utils": "flake-utils_5",
         "home-stable": "home-stable",
         "home-unstable": "home-unstable",
         "linux-surface": "linux-surface",
+        "pkg-compile": "pkg-compile",
         "pkg-stable": "pkg-stable",
         "pkg-unstable": "pkg-unstable",
         "rnix-lsp": "rnix-lsp_2"
       },
       "locked": {
-        "lastModified": 1650633525,
+        "lastModified": 1650719165,
-        "narHash": "sha256-QJSUeNn56J1PEa211GorvkTMOeNiN55DceeVIhLoVnY=",
+        "narHash": "sha256-ltv2f8JpgivJXSstwYIENB19XPwwDgG08+7m+6B7OIY=",
         "ref": "master",
-        "rev": "8620fb21d8fb74352ca289c145a8db868e087e75",
+        "rev": "13737294b4e8d4dd22d889846731a2abf5ab17e5",
-        "revCount": 61,
+        "revCount": 62,
         "type": "git",
         "url": "https://destiny.ostylk.de/gitea/NixDistro/Home.git"
       },
@@ -527,6 +559,22 @@
         "url": "https://destiny.ostylk.de/gitea/NixDistro/Home.git"
       }
     },
+    "pkg-compile": {
+      "locked": {
+        "lastModified": 1650161686,
+        "narHash": "sha256-BXzQV8p/RR440EB9qY0ULYfTH0zSW1stjUCYeP4SF+E=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "1d08ea2bd83abef174fb43cbfb8a856b8ef2ce26",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "pkg-stable": {
       "locked": {
         "lastModified": 1647992509,
@@ -586,7 +634,7 @@
     "rnix-lsp_2": {
       "inputs": {
         "naersk": "naersk_2",
-        "nixpkgs": "nixpkgs_8",
+        "nixpkgs": "nixpkgs_9",
         "utils": "utils_2"
       },
       "locked": {
@@ -607,10 +655,10 @@
     "root": {
       "inputs": {
         "emacs": "emacs",
-        "flake-utils": "flake-utils",
+        "flake-utils": "flake-utils_2",
         "home-manager": "home-manager",
         "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs_3",
         "nur": "nur",
         "ostylk": "ostylk",
         "ostylk-home": "ostylk-home",
@@ -636,8 +684,8 @@
     },
     "tablet-mode": {
       "inputs": {
-        "flake-utils": "flake-utils_3",
+        "flake-utils": "flake-utils_4",
-        "nixpkgs": "nixpkgs_6"
+        "nixpkgs": "nixpkgs_7"
       },
       "locked": {
         "lastModified": 1645816436,
@@ -655,8 +703,8 @@
     },
     "tablet-mode_2": {
       "inputs": {
-        "flake-utils": "flake-utils_5",
+        "flake-utils": "flake-utils_6",
-        "nixpkgs": "nixpkgs_9"
+        "nixpkgs": "nixpkgs_10"
       },
       "locked": {
         "lastModified": 1645816436,

modules/default.nix

@@ -47,6 +47,9 @@
     ./virtualisation/default.nix
     ./virtualisation/gaming.nix
 
+    # Security
+    ./security/apparmor.nix
+    
     # Pure options
     ./base.nix
   ];

modules/programs/emacs/default.nix

@@ -16,8 +16,8 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
-    environment.systemPackages = with pkgs; [ emacsPgtkGcc ];
+    environment.systemPackages = with pkgs; [ emacs28NativeComp ];
-    services.emacs.package = pkgs.emacsPgtkGcc;
+    services.emacs.package = pkgs.emacs28NativeComp;
 
     home-manager.users."${config.ptw.system.singleUser}" = {
       home.file = {

modules/programs/gaming/default.nix

@@ -22,7 +22,7 @@ in {
       
       steam-wrapped # Custom package
       
-      nur.repos.dukzcry.gamescope
+      #nur.repos.dukzcry.gamescope
 
       corectrl
     ];

modules/programs/plasma/default.nix

@@ -40,7 +40,7 @@ in {
       libsForQt5.kdeconnect-kde
       libsForQt5.breeze-gtk
       libsForQt5.bismuth
-      #kde-rounded-corners
+      kde-rounded-corners
       index-fm
       rsibreak
       kalendar

modules/security/apparmor.nix

@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.ptw.security.apparmor;
+in {
+  options.ptw.security.apparmor = {
+    enable = lib.mkEnableOption "Enable AppArmor";
+  };
+
+  config = lib.mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [
+      apparmor-bin-utils
+    ];
+
+    services.dbus.apparmor = "enabled";
+    security.apparmor = {
+      enable = true;
+      enableCache = true;
+      includes = {
+        profiles = "${pkgs.apparmor-profiles}/etc/apparmor.d";
+      };
+    };
+  };
+}

overlays/sandbox.nix

@@ -39,7 +39,11 @@ in {
     name = "steam-wrapped";
     binary = "${prev.steam}/bin/steam";
     launchScriptName = "steam";
-    mountInHome = [ ".steam" ".local/share/Steam" ];
+    mountInHome = [
+      ".steam"
+      ".local/share/Steam"
+      "Downloads/Skyrim Mods"
+    ];
     additionalBlacklist = [ "/mnt" ];
     additionalMounts = [ "/mnt/Storage/Games/SteamLibrary" ];
     chdirTo = "/home/$USER";
@@ -79,7 +83,9 @@ in {
     launchScriptName = "lutris";
     binary = "${prev.lutris-free}/bin/lutris";
     additionalBlacklist = [ "/mnt" ];
-    additionalMounts = [ "/mnt/Storage/Games/" ];
+    additionalMounts = [
+      "/mnt/Storage/Games/LeagueOfLegends"
+    ];
     mountInHome = [ ".local/share/lutris" ".config/lutris" "Games" ];
     chdirTo = "/home/$USER";
 

overlays/simple.nix

@@ -10,6 +10,10 @@ final: prev:
     extraPkgs = pkgs: with final; [ mpv ];
   });
 
+  lutris-free = prev.lutris-free.override {
+    extraPkgs = ps: with ps; [ openssl ];
+  };
+  
   retroarch = prev.retroarch.override (old: {
     cores = with prev.libretro; [
       desmume

packages/applications/networking/instant-messengers/gajim/default.nix

@@ -49,7 +49,7 @@ in python3.pkgs.buildPythonApplication rec {
 
   propagatedBuildInputs = with python3.pkgs; [
     nbxmpp pygobject3 dbus-python pillow css-parser precis-i18n keyring setuptools gsound
-    gst-python gtksourceview4
+    gst-python gtksourceview4 packaging
   ] ++ lib.optionals enableE2E [ pycrypto python-gnupg ]
     ++ lib.optional enableRST docutils
     ++ lib.optionals enableOmemoPluginDependencies [ python-axolotl qrcode ]