emmet/nixos-config
0
1
Fork 0
Code Issues Pull Requests Projects Wiki Activity

Major config overhaul: use custom modules, setup for multi-host config, and less boilerplate

Browse Source
This commit is contained in:
Emmet K
2025-02-09 16:50:26 -06:00
parent 1fa8b17b07
commit 0453901d17
303 changed files with 3560 additions and 5566 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
modules/system/security/firejail/default.nix Normal file
View File

@@ -0,0 +1,30 @@
{ lib, config, pkgs, ... }:
let
cfg = config.systemSettings.security.firejail;
in {
options = {
systemSettings.security.firejail = {
enable = lib.mkEnableOption "Use firejail on some apps for extra security";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ firejail ];
programs.firejail.enable = true;
programs.firejail.wrappedBinaries = {
#prismlauncher = {
# executable = "${pkgs.prismlauncher}/bin/prismlauncher";
# profile = ./firejail-profiles/prismlauncher.profile;
#};
#steam = {
# executable = "${pkgs.steam}/bin/steam";
# profile = "${pkgs.firejail}/etc/firejail/steam.profile";
#};
#steam-run = {
# executable = "${pkgs.steam}/bin/steam-run";
# profile = "${pkgs.firejail}/etc/firejail/steam.profile";
#};
};
};
}