diff --git a/boot.nix b/boot.nix index ac126dc..f0c1ee7 100644 --- a/boot.nix +++ b/boot.nix @@ -209,7 +209,6 @@ in { loader.grub.enable = cfg.useGrub; loader.grub = { - version = 2; device = mkIf cfg.efi "nodev"; efiSupport = cfg.efi; configurationLimit = cfg.configurationLimit; diff --git a/desktop/games.nix b/desktop/games.nix index a96f415..16d34d3 100644 --- a/desktop/games.nix +++ b/desktop/games.nix @@ -21,7 +21,7 @@ in { description = "Ryujinx Switch emulator package"; type = myLib.types.package'; default = pkgs.unstable.ryujinx; - example = literalExample "pkgs.unstable.ryujinx"; + example = literalExpression "pkgs.unstable.ryujinx"; }; }; }; @@ -88,7 +88,6 @@ in { }; programs.steam.package = pkgs.steam.override { - withJava = true; extraPkgs = pkgs: [ pkgs.gamescope ]; diff --git a/desktop/multimedia.nix b/desktop/multimedia.nix index 7788153..24c09ad 100644 --- a/desktop/multimedia.nix +++ b/desktop/multimedia.nix @@ -56,11 +56,6 @@ in { alsa.enable = true; alsa.support32Bit = mkDefault true; wireplumber.enable = true; - config.pipewire-pulse = { - "context.exec" = [ - { path = "pactl"; args = ''load-module module-combine-sink sink_name="Sorties combinées"''; } - ]; - }; }; environment.etc = { "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = '' @@ -71,6 +66,16 @@ in { ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" } ''; + "pipewire/pipewire-pulse.conf.d/combined-outputs.json".text = '' + { + "context.exec": [ + { + "args": "load-module module-combine-sink sink_name=\"Sorties combinées\"", + "path": "pactl" + } + ] + } + ''; }; security.rtkit.enable = true; # Real-time support for pipewire diff --git a/desktop/plasma.nix b/desktop/plasma.nix index ed7d7cf..d0a6a8e 100644 --- a/desktop/plasma.nix +++ b/desktop/plasma.nix @@ -34,7 +34,11 @@ in { enable = true; runUsingSystemd = true; useQtScaling = true; - supportDDC = true; + + # Removed in: https://github.com/NixOS/nixpkgs/pull/172078 + # and: https://github.com/NixOS/nixpkgs/pull/221721 + # Once this (https://invent.kde.org/plasma/powerdevil/-/issues/19) is solved, make PR to add it back (prehaps by default?) + # supportDDC = true; }; systemd.tmpfiles.rules = mkAfter [ diff --git a/filesystems.nix b/filesystems.nix index a0ac713..a2275d5 100644 --- a/filesystems.nix +++ b/filesystems.nix @@ -120,8 +120,8 @@ in extraRules = concatStringsSep "\n" cfg.udevRules; }; - boot.tmpOnTmpfs = true; - boot.tmpOnTmpfsSize = + boot.tmp.useTmpfs = true; + boot.tmp.tmpfsSize = let hasSwap = length config.swapDevices > 0; in diff --git a/hardening.nix b/hardening.nix index c022c0e..72e6be5 100644 --- a/hardening.nix +++ b/hardening.nix @@ -49,7 +49,7 @@ in security.sudo.execWheelOnly = true; - services.openssh.permitRootLogin = "prohibit-password"; + services.openssh.settings.PermitRootLogin = "prohibit-password"; security.apparmor.enable = true; services.dbus.apparmor = "enabled"; diff --git a/overlays.nix b/overlays.nix index 0d90ed7..ac2e584 100644 --- a/overlays.nix +++ b/overlays.nix @@ -1,4 +1,5 @@ {config, pkgs, options, lib, ...}: +with builtins; with lib; let cfg = config.aviallon.overlays; @@ -89,21 +90,30 @@ in jetbrains = prev.jetbrains // { pycharm-professional-fhs = ( let + myIsDerivation = x: + let + tryX = tryEval x; + in + if tryX.success + then + isDerivation tryX.value + && !(tryX.value.meta.insecure || tryX.value.meta.broken) + else false + ; unwrapped = final.jetbrains.pycharm-professional; in prev.buildFHSUserEnv rec { name = "pycharm-professional"; - targetPkgs = pkgs: (with pkgs; [ - glibc + targetPkgs = pkgs: (with pkgs; + [ + glibc + bashInteractive - python3Full - python311 - python310Full - python39Full - python38Full - python37Full - - jetbrains.pycharm-professional - ]); + python3Full + + jetbrains.pycharm-professional + ] + ++ filter (x: myIsDerivation x) (attrValues pythonInterpreters) + ); # symlink shared assets, including icons and desktop entries extraInstallCommands = '' diff --git a/programs/libreoffice.nix b/programs/libreoffice.nix index af776ec..e9dd9ff 100644 --- a/programs/libreoffice.nix +++ b/programs/libreoffice.nix @@ -40,7 +40,7 @@ in { package' = mkOption { internal = true; description = "Which base (unwrapped) LibreOffice package to use"; - default = if cfg.qt then pkgs.libreoffice-qt.libreoffice else pkgs.libreoffice-unwrapped; + default = if cfg.qt then pkgs.libreoffice-qt.unwrapped else pkgs.libreoffice.unwrapped; type = myLib.types.package'; }; }; @@ -57,7 +57,7 @@ in { })) ; in pkgs.libreoffice.override { - libreoffice = applyOverrides overridesList cfg.package'; + unwrapped = applyOverrides overridesList cfg.package'; }; diff --git a/services.nix b/services.nix index 485c27f..adcc59e 100644 --- a/services.nix +++ b/services.nix @@ -48,8 +48,10 @@ in { # Enable the OpenSSH daemon. services.openssh = { enable = true; - permitRootLogin = mkDefault "prohibit-password"; - forwardX11 = mkDefault config.services.xserver.enable; + settings = { + X11Forwarding = mkDefault config.services.xserver.enable; + PermitRootLogin = mkDefault "prohibit-password"; + }; openFirewall = true; startWhenNeeded = true; };