summaryrefslogtreecommitdiffstats
path: root/lass/2configs/browsers.nix
diff options
context:
space:
mode:
authornin <nin@c-base.org>2018-05-02 15:13:40 +0200
committernin <nin@c-base.org>2018-05-02 15:13:40 +0200
commit689fb1a77ad53722086da922de2de533460205b3 (patch)
tree408667e6aa15e1e0fa031e99c003c3968ba1578d /lass/2configs/browsers.nix
parent702136442c5f8c4f7f1bb911bd21d238a164218a (diff)
parent37fa7bff9339799984554b8ccbacf1f07281d6ce (diff)
Merge branch 'master' of prism:stockholm
Diffstat (limited to 'lass/2configs/browsers.nix')
-rw-r--r--lass/2configs/browsers.nix77
1 files changed, 28 insertions, 49 deletions
diff --git a/lass/2configs/browsers.nix b/lass/2configs/browsers.nix
index cbbd54b6b..3030d8faf 100644
--- a/lass/2configs/browsers.nix
+++ b/lass/2configs/browsers.nix
@@ -21,59 +21,37 @@ let
$BIN "$@"
'';
- createChromiumUser = name: extraGroups: precedence:
- let
- bin = pkgs.writeScriptBin name ''
- /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.chromium}/bin/chromium $@
- '';
- in {
- users.extraUsers.${name} = {
- inherit name;
- inherit extraGroups;
- home = "/home/${name}";
- uid = genid name;
- useDefaultShell = true;
- createHome = true;
- };
- lass.browser.paths.${name} = {
- path = bin;
- inherit precedence;
+ createUser = script: name: groups: precedence: dpi:
+ {
+ lass.xjail.${name} = {
+ inherit script groups dpi;
};
- security.sudo.extraConfig = ''
- ${mainUser.name} ALL=(${name}) NOPASSWD: ALL
- '';
environment.systemPackages = [
- bin
+ config.lass.xjail-bins.${name}
+ (pkgs.writeDashBin "cx-${name}" ''
+ DISPLAY=:${toString (genid_signed name)} ${pkgs.xclip}/bin/xclip -o | DISPLAY=:0 ${pkgs.xclip}/bin/xclip
+ '')
];
- };
-
- createFirefoxUser = name: extraGroups: precedence:
- let
- bin = pkgs.writeScriptBin name ''
- /var/run/wrappers/bin/sudo -u ${name} -i ${pkgs.firefox-devedition-bin}/bin/firefox-devedition $@
- '';
- in {
- users.extraUsers.${name} = {
- inherit name;
- inherit extraGroups;
- home = "/home/${name}";
- uid = genid name;
- useDefaultShell = true;
- createHome = true;
- };
lass.browser.paths.${name} = {
- path = bin;
+ path = config.lass.xjail-bins.${name};
inherit precedence;
};
- security.sudo.extraConfig = ''
- ${mainUser.name} ALL=(${name}) NOPASSWD: ALL
- '';
- environment.systemPackages = [
- bin
- ];
};
- #TODO: abstract this
+ createChromiumUser = name: groups: precedence:
+ createUser (pkgs.writeDash name ''
+ ${pkgs.chromium}/bin/chromium "$@"
+ '') name groups precedence 80;
+
+ createFirefoxUser = name: groups: precedence:
+ createUser (pkgs.writeDash name ''
+ ${pkgs.firefox-devedition-bin}/bin/firefox-devedition "$@"
+ '') name groups precedence 80;
+
+ createQuteUser = name: groups: precedence:
+ createUser (pkgs.writeDash name ''
+ ${pkgs.qutebrowser}/bin/qutebrowser "$@"
+ '') name groups precedence 60;
in {
@@ -110,12 +88,13 @@ in {
}));
};
}
+ ( createQuteUser "qb" [ "audio" ] 20 )
( createFirefoxUser "ff" [ "audio" ] 10 )
- ( createChromiumUser "cr" [ "video" "audio" ] 9 )
+ ( createChromiumUser "cr" [ "audio" ] 9 )
( createChromiumUser "gm" [ "video" "audio" ] 8 )
- ( createChromiumUser "wk" [ "video" "audio" ] 0 )
- ( createChromiumUser "fb" [ "video" "audio" ] 0 )
- ( createChromiumUser "com" [ "video" "audio" ] 0 )
+ ( createChromiumUser "wk" [ "audio" ] 0 )
+ ( createChromiumUser "fb" [ "audio" ] 0 )
+ ( createChromiumUser "com" [ "audio" ] 0 )
( createChromiumUser "fin" [] (-1) )
];
}