system/desktop
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
desktop/packages.nix
root 120dbdbc64
initial commit
2025-12-22 16:46:52 -03:00

210 lines
4.2 KiB
Nix
Raw Blame History

{ pkgs, lib, ... }:
{
environment.systemPackages = with pkgs; [
bat
black
blade-formatter
cmake
cifs-utils
coreutils
bluetuith
bluez
bluez-tools
cargo
claude-code
clevis
cliphist
dunst
eza
fd
ffmpeg
fira-code-symbols
fish
freetube
fuzzel
fzf
git
gh
ghostty
gopass
gopass-jsonapi
gopls
hyprpicker
htmx-lsp
imagemagick
inkscape
pavucontrol
pciutils
poppler
jetbrains.datagrip
jq
lazygit
lf
libreoffice
libvirt
linux-firmware
lua-language-server
luarocks
lutris
mpv
nerd-fonts.monaspace
neovim
niri
nixd
nixfmt-rfc-style
(wrapOBS {
plugins = with obs-studio-plugins; [
wlrobs
obs-pipewire-audio-capture
];
})
php
php84Packages.composer
php84Packages.php-cs-fixer
phpactor
podman-compose
podman-tui
prettierd
playerctl
qemu_full
qmk
resvg
ripgrep
rust-analyzer
sshfs
starship
stow
stylua
sops
superhtml
swayimg
texlab
texlive.combined.scheme-full
tmux
thunderbird
tor-browser
unzip
virt-manager
virt-viewer
vscode-langservers-extracted
wineWow64Packages.waylandFull
winetricks
wl-clipboard
xdg-user-dirs
xwayland-satellite
yazi
zathura
zig_0_15
zls_0_15
zoxide
];
hardware.keyboard.qmk.enable = true;
programs = {
fish.enable = true;
virt-manager.enable = true;
direnv.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
nix-ld.enable = true;
niri.enable = true;
dconf.enable = true;
};
virtualisation.containers.enable = true;
virtualisation.podman = {
enable = true;
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
virtualisation.spiceUSBRedirection.enable = true;
virtualisation.libvirtd = {
enable = true;
extraConfig = ''
user="user"
'';
onBoot = "ignore";
onShutdown = "shutdown";
qemu = {
package = pkgs.qemu_full;
verbatimConfig = ''
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom", "/dev/ptmx",
"/dev/kvm", "/dev/kvmfr0"
]
'';
runAsRoot = false;
};
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
localNetworkGameTransfers.openFirewall = true;
};
programs.firejail = {
enable = true;
wrappedBinaries = {
chromium = {
executable = "${pkgs.chromium}/bin/chromium";
profile = "${pkgs.firejail}/etc/firejail/chromium.profile";
extraArgs = [
"--env=GTK_THEME=Adwaita:dark"
"--netns=wg0ns"
"--dns=1.1.1.1"
];
};
mpv = {
executable = "${lib.getBin pkgs.mpv}/bin/mpv";
profile = "${pkgs.firejail}/etc/firejail/mpv.profile";
};
claude = {
executable = "${pkgs.claude-code}/bin/claude";
# profile = "${pkgs.firejail}/etc/firejail/nodejs-common.profile";
extraArgs = [
"--netns=wg0ns"
"--dns=1.1.1.1"
"--whitelist=~/.cargo"
"--whitelist=$${HOME}/.claude"
"--whitelist=$${HOME}/.config/claude-code"
"--whitelist=$${HOME}/dev"
"--whitelist=$${HOME}/work"
"--whitelist=/tmp"
"--read-only=/nix"
"--caps.drop=all"
"--ipc-namespace"
"--seccomp"
"--seccomp.block-secondary"
"--nodvd"
"--nogroups"
"--notv"
"--nou2f"
"--protocol=unix,inet,inet6,netlink"
];
};
tor-browser = {
executable = "${pkgs.tor-browser}/bin/tor-browser";
profile = "${pkgs.firejail}/etc/firejail/tor-browser-en-us.profile";
extraArgs = [
"--netns=wg0ns"
"--dns=1.1.1.1"
];
};
freetube = {
executable = "${pkgs.freetube}/bin/freetube";
profile = "${pkgs.firejail}/etc/firejail/freetube.profile";
extraArgs = [
"--netns=wg0ns"
"--dns=1.1.1.1"
];
};
};
};
}
Reference in a new issue View git blame Copy permalink