2019-10-24 02:20:38 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
# todo : this needs to be cleaned up
|
|
|
|
|
|
|
|
with lib;
|
|
|
|
|
|
|
|
let
|
|
|
|
|
|
|
|
cfg = config.programs.custom.browser;
|
|
|
|
|
|
|
|
chromiumBin = "${pkgs.chromium}/bin/chromium";
|
|
|
|
chromeBin = "${pkgs.google-chrome}/bin/google-chrome-stable";
|
|
|
|
firefoxBin = "${pkgs.firefox}/bin/firefox";
|
|
|
|
tarBin = "${pkgs.gnutar}/bin/tar";
|
|
|
|
|
|
|
|
# desktop file
|
|
|
|
# ------------
|
|
|
|
# makes it possible to be used by other programs
|
2019-12-20 05:54:26 +01:00
|
|
|
desktopFile = bin:
|
|
|
|
let browserName = bin.name;
|
|
|
|
in pkgs.writeTextFile {
|
|
|
|
name = "${browserName}.desktop";
|
|
|
|
destination = "/share/applications/${browserName}.desktop";
|
|
|
|
text = ''
|
|
|
|
[Desktop Entry]
|
|
|
|
Type=Application
|
|
|
|
Exec=${bin}/bin/${browserName} %U
|
|
|
|
Icon=chromium
|
|
|
|
Comment=An open source web browser from Google
|
|
|
|
Terminal=false
|
|
|
|
Name=${browserName}
|
|
|
|
GenericName=Web browser
|
|
|
|
MimeType=text/html;text/xml;application/xhtml+xml;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/webcal;x-scheme-handler/about
|
|
|
|
Categories=Network;WebBrowser
|
|
|
|
StartupWMClass=${browserName}
|
|
|
|
'';
|
|
|
|
};
|
2019-10-24 02:20:38 +02:00
|
|
|
|
2020-10-12 23:05:15 +02:00
|
|
|
killBrowser = name:
|
|
|
|
pkgs.writeShellScriptBin "${name}-kill" "sudo killall -9 -u ${name}";
|
|
|
|
|
2019-10-24 02:20:38 +02:00
|
|
|
cleanBrowser = name: browser: home: homeBackup:
|
2019-12-20 05:54:26 +01:00
|
|
|
let
|
|
|
|
backupFile = "${homeBackup}.tar.lzma";
|
|
|
|
rolloutFile = "${home}.tar.lzma";
|
|
|
|
lockFile = "${home}-lock";
|
2021-11-01 09:20:42 +01:00
|
|
|
in
|
|
|
|
pkgs.writeShellScriptBin "${name}-clean" # sh
|
|
|
|
''
|
|
|
|
sudo killall -9 -u ${name}
|
|
|
|
sudo rm -f ${lockFile}
|
|
|
|
sudo rm -rf ${home}
|
|
|
|
'';
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
createBrowser = name: user: browser: home: homeBackup:
|
2019-12-20 05:54:26 +01:00
|
|
|
let
|
|
|
|
backupFile = "${homeBackup}.tar.lzma";
|
|
|
|
rolloutFile = "${home}.tar.lzma";
|
|
|
|
lockFile = "${home}-lock";
|
2021-11-01 09:20:42 +01:00
|
|
|
in
|
|
|
|
pkgs.writeShellScriptBin "${name}" # sh
|
|
|
|
''
|
|
|
|
# set -x
|
|
|
|
if [[ ! -e ${lockFile} ]]
|
|
|
|
then
|
|
|
|
# rollout backup
|
|
|
|
if [[ -e ${backupFile} ]]
|
|
|
|
then
|
|
|
|
if [[ ! -d ${home} ]]
|
|
|
|
then
|
|
|
|
# todo : use make user
|
|
|
|
sudo mkdir -p ${home}
|
|
|
|
sudo chown -R ${user}:users ${home}
|
|
|
|
fi
|
|
|
|
cp ${backupFile} ${rolloutFile}
|
|
|
|
sudo -u ${user} ${tarBin} xf ${rolloutFile} --directory ${home}
|
|
|
|
rm ${rolloutFile}
|
|
|
|
touch ${lockFile}
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
sudo -u ${user} ${browser}
|
|
|
|
'';
|
|
|
|
|
|
|
|
browserExecutableList =
|
|
|
|
let
|
|
|
|
allBrowser = flip mapAttrsToList cfg.configList (name: config:
|
|
|
|
let
|
|
|
|
browser =
|
|
|
|
if config.browserType == "chrome" then
|
|
|
|
''${chromiumBin} "$@"''
|
|
|
|
else if config.browserType == "google" then
|
|
|
|
''${chromeBin} "$@"''
|
|
|
|
else
|
|
|
|
''${firefoxBin} "$@"'';
|
|
|
|
in
|
|
|
|
createBrowser name config.user browser config.home config.homeBackup);
|
|
|
|
xclipBrowser = [
|
|
|
|
(pkgs.writeShellScriptBin "copy-to-xclip" # sh
|
|
|
|
''
|
|
|
|
echo "$*" | ${pkgs.xclip}/bin/xclip
|
|
|
|
'')
|
|
|
|
];
|
|
|
|
in
|
|
|
|
allBrowser ++ xclipBrowser;
|
2019-10-24 02:20:38 +02:00
|
|
|
|
2023-11-06 10:50:00 +01:00
|
|
|
#createBackupScript = name: home: backupHome:
|
|
|
|
# pkgs.writeShellScriptBin "${name}-backup" # sh
|
|
|
|
# ''
|
|
|
|
# sudo -u ${name} \
|
|
|
|
# ${tarBin} \
|
|
|
|
# --exclude=.cache \
|
|
|
|
# --exclude=.config/chromium/Default/Service\ Worker/CacheStorage \
|
|
|
|
# --exclude=.config/chromium/Default/IndexedDB \
|
|
|
|
# --exclude=".mozilla/firefox/[a-zA-Z0-9]+.default/storage" \
|
|
|
|
# --exclude=Downloads \
|
|
|
|
# --create \
|
|
|
|
# --verbos \
|
|
|
|
# --lzma \
|
|
|
|
# --file ${home}.tar.lzma \
|
|
|
|
# --directory ${home} \
|
|
|
|
# .
|
|
|
|
# cp ${home}.tar.lzma ${backupHome}.tar.lzma
|
|
|
|
# '';
|
|
|
|
|
2019-10-24 02:20:38 +02:00
|
|
|
createBackupScript = name: home: backupHome:
|
2023-11-06 10:50:00 +01:00
|
|
|
createBackupScriptTemplate {
|
|
|
|
sudo = name;
|
|
|
|
name = name;
|
|
|
|
source = home;
|
|
|
|
target = backupHome;
|
|
|
|
arguments = [
|
|
|
|
"--exclude=Downloads"
|
|
|
|
"--exclude=.cache"
|
2023-11-06 10:57:28 +01:00
|
|
|
"--exclude=\".config/*chrom*/*cache\""
|
|
|
|
"--exclude=\".config/*chrom*/Crash Reports\""
|
|
|
|
"--exclude=\".config/*chrom*/Default/DawnCache\""
|
|
|
|
"--exclude=\".config/*chrom*/Default/IndexedDB\""
|
|
|
|
"--exclude=\".config/*chrom*/Default/Local Storage\""
|
|
|
|
"--exclude=\".config/*chrom*/Default/Service Worker/CacheStorage\""
|
|
|
|
"--exclude=\".config/*chrom*/Default/Storage\""
|
|
|
|
"--exclude=\".config/*chrom*/Default/optimization_guide_prediction_model_downloads\""
|
2023-11-06 10:50:00 +01:00
|
|
|
"--exclude=\".mozilla/firefox/*.default/sessionstore-backups\""
|
|
|
|
"--exclude=\".mozilla/firefox/*.default/storage\""
|
2023-11-06 10:57:28 +01:00
|
|
|
"--exclude=\".mozilla/firefox/*.default/storage-sync-v2.sqlite\""
|
2023-11-06 10:50:00 +01:00
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
createBackupScriptTemplate = { sudo, name, source, target, arguments ? [ ] }:
|
|
|
|
pkgs.writers.writeBashBin "${name}-backup"
|
2021-11-01 09:20:42 +01:00
|
|
|
''
|
2023-11-06 10:50:00 +01:00
|
|
|
sudo -u ${sudo} \
|
|
|
|
${tarBin} \
|
|
|
|
${concatStringsSep " " arguments} \
|
|
|
|
--create \
|
|
|
|
--verbos \
|
|
|
|
--lzma \
|
|
|
|
--file ${source}.tar.lzma \
|
|
|
|
--directory ${source} \
|
|
|
|
.
|
|
|
|
|
|
|
|
cp ${source}.tar.lzma ${target}.tar.lzma
|
2021-11-01 09:20:42 +01:00
|
|
|
'';
|
|
|
|
|
2023-11-06 10:50:00 +01:00
|
|
|
# todo_this_is_how_I_want_to_use_tar = tar {
|
|
|
|
# sudo = "jobrad";
|
|
|
|
# # true => tar --directory ${source} .
|
|
|
|
# # false => tar $source
|
|
|
|
# strip_path = true;
|
|
|
|
# source = "/browser/jobrad";
|
|
|
|
# target = "/browser/jobrad.tar.lzma";
|
|
|
|
# lzma = true;
|
|
|
|
# # also possble this is a string
|
|
|
|
# exclude = [
|
|
|
|
# ".cache"
|
|
|
|
# ".config"
|
|
|
|
# ];
|
|
|
|
# exclude-backup = true;
|
|
|
|
# exclude-cache-all = true;
|
|
|
|
# extraArgs = {
|
|
|
|
# # key = string or key = list
|
|
|
|
# };
|
|
|
|
# };
|
|
|
|
|
|
|
|
allExcludes =
|
|
|
|
let
|
|
|
|
excludes = {
|
|
|
|
works = [
|
|
|
|
"--exclude=Downloads"
|
|
|
|
"--exclude=.cache"
|
|
|
|
"--exclude=.config/chromium/Default/IndexedDB"
|
|
|
|
"--exclude=.config/chromium/Default/Service\ Worker/CacheStorage"
|
|
|
|
"--exclude=.config/google-chrome/Crash\ Reports"
|
|
|
|
"--exclude=.config/google-chrome/Default/DawnCache"
|
|
|
|
"--exclude=.config/google-chrome/Default/Local\ Storage"
|
|
|
|
"--exclude=.config/google-chrome/Default/Storage"
|
|
|
|
"--exclude=.config/google-chrome/Default/optimization_guide_prediction_model_downloads"
|
|
|
|
"--exclude=.mozilla/firefox/*.default/sessionstore-backups"
|
|
|
|
"--exclude=.mozilla/firefox/*.default/storage"
|
|
|
|
"--exclude=.mozilla/firefox/*.default/storage-sync-v2.sqlite"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
allScripts = mapAttrs
|
|
|
|
(name: exclude:
|
|
|
|
createBackupScriptTemplate {
|
|
|
|
sudo = "jobrad";
|
|
|
|
name = name;
|
|
|
|
source = "/browsers/jobrad";
|
|
|
|
target = "/browsers/jobrad-${name}";
|
|
|
|
arguments = exclude;
|
|
|
|
})
|
|
|
|
excludes;
|
|
|
|
in
|
|
|
|
pkgs.writers.writeBashBin "test-tar"
|
|
|
|
(concatStringsSep "\n" (builtins.attrValues allScripts));
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
allBackupScripts =
|
|
|
|
let
|
|
|
|
filteredConfigs =
|
|
|
|
filterAttrs (name: browserConfig: browserConfig.homeBackup != null)
|
|
|
|
cfg.configList;
|
|
|
|
in
|
|
|
|
mapAttrsToList
|
|
|
|
(name: browserConfig:
|
|
|
|
createBackupScript name browserConfig.home browserConfig.homeBackup)
|
|
|
|
filteredConfigs;
|
|
|
|
|
|
|
|
allCleanScripts =
|
|
|
|
let
|
|
|
|
filteredConfigs =
|
|
|
|
filterAttrs (name: browserConfig: browserConfig.homeBackup != null)
|
|
|
|
cfg.configList;
|
|
|
|
in
|
|
|
|
mapAttrsToList
|
|
|
|
(name: browserConfig:
|
|
|
|
cleanBrowser name name browserConfig.home browserConfig.homeBackup)
|
|
|
|
filteredConfigs;
|
2019-10-24 02:20:38 +02:00
|
|
|
|
2020-10-12 23:05:15 +02:00
|
|
|
allKillScripts = mapAttrsToList (name: _: killBrowser name) cfg.configList;
|
|
|
|
|
2019-10-24 02:20:38 +02:00
|
|
|
# browser chooser
|
|
|
|
# ---------------
|
2019-12-20 05:54:26 +01:00
|
|
|
browserSelect = pkgs.writeScriptBin "browser-select" ''
|
2019-10-24 02:20:38 +02:00
|
|
|
# select a browser using dmenu
|
|
|
|
# ----------------------------
|
2019-12-20 05:54:26 +01:00
|
|
|
BROWSER=$( echo -e "${
|
|
|
|
lib.concatMapStringsSep "\\n" (bin: bin.name) browserExecutableList
|
|
|
|
}" \
|
2019-10-24 02:20:38 +02:00
|
|
|
| ${pkgs.rofi}/bin/rofi -dmenu )
|
|
|
|
|
|
|
|
# start selected browser
|
|
|
|
# ----------------------
|
|
|
|
case $BROWSER in
|
2019-12-20 05:54:26 +01:00
|
|
|
${lib.concatStringsSep "\n" (flip map browserExecutableList
|
|
|
|
(bin: "${bin.name}) export BIN=${bin}/bin/${bin.name} ;;"))}
|
2022-10-21 08:38:19 +02:00
|
|
|
*) exit 0 ;;
|
2019-10-24 02:20:38 +02:00
|
|
|
esac
|
|
|
|
$BIN "$@"
|
|
|
|
'';
|
|
|
|
|
2021-11-01 09:20:42 +01:00
|
|
|
in
|
|
|
|
{
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
options.programs.custom.browser = {
|
|
|
|
enable = mkEnableOption "enable browsers";
|
2023-07-01 00:20:03 +02:00
|
|
|
# todo : it's not a list
|
2019-10-24 02:20:38 +02:00
|
|
|
configList = mkOption {
|
2023-07-01 00:20:03 +02:00
|
|
|
default = { };
|
2019-12-20 05:54:26 +01:00
|
|
|
type = with types;
|
|
|
|
attrsOf (submodule ({ name, ... }: {
|
|
|
|
options = {
|
|
|
|
browserType = mkOption {
|
|
|
|
type = with types; enum [ "firefox" "chrome" "google" ];
|
|
|
|
default = "chrome";
|
|
|
|
description = ''
|
|
|
|
the type of browser which is simulated
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
home = mkOption {
|
|
|
|
type = with types; str;
|
|
|
|
description = ''
|
|
|
|
Home of the browser.
|
|
|
|
'';
|
|
|
|
};
|
2021-05-15 11:27:05 +02:00
|
|
|
gpu = mkOption {
|
|
|
|
type = with types; bool;
|
|
|
|
default = true;
|
|
|
|
description = ''
|
|
|
|
add browser user to video group so give browser rights to use gpu.
|
|
|
|
see : chrome://gpu/
|
|
|
|
'';
|
|
|
|
};
|
2019-12-20 05:54:26 +01:00
|
|
|
user = mkOption {
|
|
|
|
default = name;
|
|
|
|
type = with types; str;
|
|
|
|
description = ''
|
|
|
|
user to run the browser as
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
sudoUsers = mkOption {
|
|
|
|
default = [ config.users.users.mainUser.name ];
|
|
|
|
type = with types; listOf str;
|
|
|
|
description = ''
|
|
|
|
user allowed to run sudo without password to start the browser
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
homeBackup = mkOption {
|
|
|
|
type = with types; nullOr str;
|
|
|
|
default = null;
|
|
|
|
example = "~/.my-browser-backup";
|
|
|
|
description = ''
|
|
|
|
backup of the home, which gets rolled out if the
|
|
|
|
home does not exists. usefull for homes in tmpfs.
|
|
|
|
dont use file endings!
|
|
|
|
'';
|
|
|
|
};
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
2019-12-20 05:54:26 +01:00
|
|
|
}));
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
|
|
|
|
# add sudo rights
|
2021-11-01 09:20:42 +01:00
|
|
|
security.sudo.extraConfig =
|
|
|
|
let
|
|
|
|
extraRules = flip mapAttrsToList cfg.configList (name: values:
|
|
|
|
concatStringsSep "" (map
|
|
|
|
(sudoUser: ''
|
|
|
|
# sudo configuration to control browser
|
|
|
|
${sudoUser} ALL=(${values.user}) NOPASSWD: ALL
|
|
|
|
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/mkdir -p ${values.home}
|
|
|
|
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/chown -R ${values.user}\:users ${values.home}
|
|
|
|
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/killall -9 -u ${name}
|
|
|
|
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -rf ${values.home}
|
|
|
|
${sudoUser} ALL=(root) NOPASSWD: /run/current-system/sw/bin/rm -f ${values.home}-lock
|
|
|
|
'')
|
|
|
|
values.sudoUsers));
|
|
|
|
in
|
|
|
|
lib.concatStringsSep "\n" extraRules;
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
# create users
|
2023-06-01 14:02:57 +02:00
|
|
|
users.users = flip mapAttrs cfg.configList
|
|
|
|
(name: config: {
|
|
|
|
home = config.home;
|
2023-07-02 21:25:49 +02:00
|
|
|
createHome = false;
|
2023-11-06 10:50:00 +01:00
|
|
|
initialPassword = "${name} -browser";
|
2023-06-01 14:02:57 +02:00
|
|
|
shell = pkgs.bashInteractive;
|
2023-07-02 20:56:42 +02:00
|
|
|
isNormalUser = false;
|
|
|
|
isSystemUser = true;
|
2023-06-01 14:02:57 +02:00
|
|
|
group = "users";
|
|
|
|
# enable video usage
|
|
|
|
extraGroups = [ "audio" "pipewire" ] ++ (if config.gpu then [ "video" ] else [ ]);
|
|
|
|
}) // {
|
|
|
|
# add groups to mainUser
|
|
|
|
mainUser.extraGroups = builtins.attrNames cfg.configList;
|
|
|
|
};
|
2019-10-24 02:20:38 +02:00
|
|
|
|
2023-11-06 10:50:00 +01:00
|
|
|
environment.systemPackages = [
|
|
|
|
browserSelect
|
|
|
|
(desktopFile browserSelect)
|
|
|
|
# allExcludes
|
|
|
|
]
|
|
|
|
++ browserExecutableList
|
|
|
|
++ (map (bin: desktopFile bin) browserExecutableList) ++ allBackupScripts
|
|
|
|
++ allCleanScripts ++ allKillScripts;
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
};
|
|
|
|
}
|
2023-11-06 10:50:00 +01:00
|
|
|
|