From 84d4ce487387acf79d882fe61b245a5b32a31173 Mon Sep 17 00:00:00 2001 From: Antoine Viallon Date: Thu, 27 Jan 2022 00:40:44 +0100 Subject: [PATCH] [HomeManager] Refactoring. Now copies a default home.nix file into user directories --- home-manager.nix | 196 ++++++----------------------------------------- 1 file changed, 23 insertions(+), 173 deletions(-) diff --git a/home-manager.nix b/home-manager.nix index 231f399..17028d8 100644 --- a/home-manager.nix +++ b/home-manager.nix @@ -2,6 +2,8 @@ with lib; let cfg = config.aviallon.home-manager; + usersCfg = config.users; + defaultUsers = attrNames (filterAttrs (name: value: value.isNormalUser) usersCfg.users); in { imports = [ @@ -16,11 +18,18 @@ in type = types.bool; }; users = mkOption { - default = [ "aviallon" ]; - example = [ ]; + default = [ ]; + example = defaultUsers; description = "Users to add the default home-manager config to."; type = types.listOf types.str; }; + + defaultHomeFile = mkOption { + default = "/etc/nixos/homes/home.nix"; + example = literalExpression "/etc/skel/home.nix"; + description = "Default home.nix to place in .config/nixpkgs/home.nix when none exists"; + type = types.either types.path types.str; + }; }; @@ -29,177 +38,18 @@ in home-manager.useGlobalPkgs = true; home-manager.backupFileExtension = "hmbackup"; - home-manager.users = genAttrs cfg.users (u: { - - home.packages = [ pkgs.home-manager ]; - home.stateVersion = config.system.stateVersion; - - #xdg.desktopEntries.firefox = { - # name = "Firefox"; - # genericName = "Web Browser"; - # exec = "firefox %u"; - # terminal = false; - # categories = [ "Application" ]; - #}; - - programs.firefox.enable = true; - programs.firefox.package = pkgs.firefox.override { - cfg = { - enablePlasmaBrowserIntegration = true; - }; - }; - programs.firefox.extensions = with pkgs.nur.repos.rycee.firefox-addons; [ - bypass-paywalls-clean - clearurls - darkreader - decentraleyes - facebook-container - french-language-pack - i-dont-care-about-cookies - https-everywhere - plasma-integration - return-youtube-dislikes - terms-of-service-didnt-read - ublock-origin - ]; - - - programs.firefox.profiles = { - default = { - isDefault = true; - settings = { - # Do not save passwords to Firefox... - #"security.ask_for_password" = 0; - - # i18n - "intl.accept_languages" = ""; - - # Don't disable silently installed extensions - "extensions.autoDisableScopes" = 0; - - # We handle this elsewhere - "browser.shell.checkDefaultBrowser" = false; - - # Don't allow websites to prevent use of right-click, or otherwise - # messing with the context menu. - "dom.event.contextmenu.enabled" = true; - - # Don't allow websites to prevent copy and paste. Disable - # notifications of copy, paste, or cut functions. Stop webpage - # knowing which part of the page had been selected. - "dom.event.clipboardevents.enabled" = true; - - # Do not track from battery status. - "dom.battery.enabled" = false; - - # Show punycode. Help protect from character 'spoofing'. - "network.IDN_show_punycode" = true; - - # Disable site reading installed plugins. - "plugins.enumerable_names" = ""; - - # Use Mozilla instead of Google here. - "geo.provider.network.url" = - "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; - - # No speculative content when searching. - "browser.urlbar.speculativeConnect.enabled" = false; - - # Sends data to servers when leaving pages. - "beacon.enabled" = false; - - # Informs servers about links that get clicked on by the user. - "browser.send_pings" = false; - - "browser.tabs.closeWindowWithLastTab" = false; - - # DuckDuckGo please - "browser.urlbar.placeholderName" = "duckduckgo"; - "browser.search.defaultenginename" = "duckduckgo"; - "browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.havePinned" = "duckduckgo"; - "browser.newtabpage.activity-stream.improvesearch.topSiteSearchShortcuts.searchEngines" = "duckduckgo"; - - # Safe browsing - "browser.safebrowsing.enabled" = false; - "browser.safebrowsing.phishing.enabled" = false; - "browser.safebrowsing.malware.enabled" = false; - "browser.safebrowsing.downloads.enabled" = false; - "browser.safebrowsing.provider.google4.updateURL" = ""; - "browser.safebrowsing.provider.google4.reportURL" = ""; - "browser.safebrowsing.provider.google4.reportPhishMistakeURL" = ""; - "browser.safebrowsing.provider.google4.reportMalwareMistakeURL" = - ""; - "browser.safebrowsing.provider.google4.lists" = ""; - "browser.safebrowsing.provider.google4.gethashURL" = ""; - "browser.safebrowsing.provider.google4.dataSharingURL" = ""; - "browser.safebrowsing.provider.google4.dataSharing.enabled" = false; - "browser.safebrowsing.provider.google4.advisoryURL" = ""; - "browser.safebrowsing.provider.google4.advisoryName" = ""; - "browser.safebrowsing.provider.google.updateURL" = ""; - "browser.safebrowsing.provider.google.reportURL" = ""; - "browser.safebrowsing.provider.google.reportPhishMistakeURL" = ""; - "browser.safebrowsing.provider.google.reportMalwareMistakeURL" = ""; - "browser.safebrowsing.provider.google.pver" = ""; - "browser.safebrowsing.provider.google.lists" = ""; - "browser.safebrowsing.provider.google.gethashURL" = ""; - "browser.safebrowsing.provider.google.advisoryURL" = ""; - "browser.safebrowsing.downloads.remote.url" = ""; - - # Don't call home on new tabs - "browser.selfsupport.url" = ""; - "browser.aboutHomeSnippets.updateUrL" = ""; - "browser.startup.homepage_override.mstone" = "ignore"; - "browser.startup.homepage_override.buildID" = ""; - "startup.homepage_welcome_url" = ""; - "startup.homepage_welcome_url.additional" = ""; - "startup.homepage_override_url" = ""; - - # Firefox experiments... - "experiments.activeExperiment" = false; - "experiments.enabled" = false; - "experiments.supported" = false; - "extensions.pocket.enabled" = false; - - # Firefox Sync - "identity.fxaccounts.enabled" = true; - - # Privacy - "privacy.donottrackheader.enabled" = true; - "privacy.donottrackheader.value" = 1; - "privacy.trackingprotection.enabled" = true; - "privacy.trackingprotection.socialtracking.enabled" = true; - "privacy.firstparty.isolate" = true; - "toolkit.legacyUserProfileCustomizations.stylesheets" = true; - "toolkit.telemetry.enabled" = false; - "toolkit.telemetry.unified" = false; - "toolkit.telemetry.archive.enabled" = false; - "browser.toolbars.bookmarks.visibility" = "never"; - - # Cookies - "network.cookie.cookieBehavior" = 1; - - # Perf - "gfx.webrender.all" = true; - "media.ffmpeg.vaapi.enabled" = true; - "media.ffvpx.enabled" = false; - "media.rdd-vpx.enabled" = false; - "gfx.webrender.compositor.force-enabled" = true; - "media.navigator.mediadatadecoder_vpx_enabled" = true; - "webgl.force-enabled" = true; - "layers.acceleration.force-enabled" = true; - "layers.offmainthreadcomposition.enabled" = true; - "layers.offmainthreadcomposition.async-animations" = true; - "layers.async-video.enabled" = true; - "html5.offmainthread" = true; - - # Remove those extra empty spaces in both sides - "browser.uiCustomization.state" = '' - {"placements":{"widget-overflow-fixed-list":[],"nav-bar":["back-button","forward-button","stop-reload-button","urlbar-container","downloads-button","fxa-toolbar-menu-button"],"toolbar-menubar":["menubar-items"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"PersonalToolbar":["import-button","personal-bookmarks"]},"seen":["developer-button"],"dirtyAreaCache":["nav-bar","PersonalToolbar"],"currentVersion":17,"newElementCount":4} - ''; - }; - }; - }; - + users.users = genAttrs cfg.users (u: { + isNormalUser = true; + group = "${u}"; + extraGroups = [ "audio" "video" "networkmanager" ]; }); + users.groups = genAttrs cfg.users (u: { } ); + + systemd.tmpfiles.rules = concatLists (forEach cfg.users (u: + [ + "d ${usersCfg.users.${u}.home}/.config/nixpkgs 0700 ${u} ${u} -" + "C ${usersCfg.users.${u}.home}/.config/nixpkgs/home.nix 0600 ${u} ${u} - ${cfg.defaultHomeFile}" + ] + )); }; }