diff options
Diffstat (limited to '')
| -rw-r--r-- | modules/by-name/au/ausweisapp/module.nix | 18 | ||||
| -rw-r--r-- | modules/by-name/bo/boot/module.nix | 48 | ||||
| -rw-r--r-- | modules/by-name/lf/lf/keybindings/default.nix | 10 | ||||
| -rw-r--r-- | pkgs/by-name/ta/tails-iso/package.nix (renamed from modules/by-name/bo/boot/tails_iso.nix) | 42 |
4 files changed, 87 insertions, 31 deletions
diff --git a/modules/by-name/au/ausweisapp/module.nix b/modules/by-name/au/ausweisapp/module.nix new file mode 100644 index 00000000..3a89db9d --- /dev/null +++ b/modules/by-name/au/ausweisapp/module.nix @@ -0,0 +1,18 @@ +{ + config, + lib, + libraries, + ... +}: let + cfg = config.soispha.programs.ausweisapp; +in { + options.soispha.programs.ausweisapp = { + enable = libraries.base.options.mkEnable "AusweisApp"; + }; + + config = lib.mkIf cfg.enable { + soispha.impermanence.userDirectories = [ + ".config/AusweisApp" + ]; + }; +} diff --git a/modules/by-name/bo/boot/module.nix b/modules/by-name/bo/boot/module.nix index 6a0c0cf7..b8c90d89 100644 --- a/modules/by-name/bo/boot/module.nix +++ b/modules/by-name/bo/boot/module.nix @@ -20,6 +20,36 @@ cfg = config.soispha.boot; tailsPrefix = "EFI/tails"; + iso = pkgs.tails-iso; + + iso_options = [ + "initrd=/${tailsPrefix}/initrd.img" + "boot=live" + "config" + "live-media=removable" + "nopersistence" + "noprompt" + "timezone=Etc/UTC" + "splash" + "noautologin" + "module=Tails" + "slab_nomerge" + "slub_debug=FZ" + "mce=0" + "vsyscall=none" + "init_on_free=1" + "mds=full,nosmt" + "page_alloc.shuffle=1" + "randomize_kstack_offset=on" + "efi_pstore.pstore_disable=1" + "erst_disable" + "spec_store_bypass_disable=on" + "systemd.condition_needs_update=no" + "quiet" + + "rootflags=loop" + "root=/${tailsPrefix}/filesystem.squashfs" + ]; in { options.soispha.boot = { enable = lib.mkEnableOption "Bootloader configuration"; @@ -133,19 +163,17 @@ in { extraEntries = { "live.conf" = '' - title Tails Live ISO - linux /${tailsPrefix}/vmlinuz-linux - initrd /${tailsPrefix}/initramfs-linux.img - options root=/${tailsPrefix}/tails.iso + title Tails ${iso.passthru.version} Live ISO + linux /${tailsPrefix}/vmlinuz + initrd /${tailsPrefix}/initrd.img + options ${builtins.concatStringsSep " " iso_options} ''; }; - extraFiles = let - iso = import ./tails_iso.nix {inherit pkgs;}; - in { - "/${tailsPrefix}/tails.iso" = "${iso}/tails.iso"; - "/${tailsPrefix}/vmlinuz-linux" = "${iso}/live/vmlinuz-linux"; - "/${tailsPrefix}/initramfs-linux.img" = "${iso}/live/initramfs-linux.img"; + extraFiles = { + "/${tailsPrefix}/filesystem.squashfs" = "${iso}/live/filesystem.squashfs"; + "/${tailsPrefix}/vmlinuz" = "${iso}/live/vmlinuz"; + "/${tailsPrefix}/initrd.img" = "${iso}/live/initrd.img"; }; }; diff --git a/modules/by-name/lf/lf/keybindings/default.nix b/modules/by-name/lf/lf/keybindings/default.nix index 5d8ad78f..b6b7a548 100644 --- a/modules/by-name/lf/lf/keybindings/default.nix +++ b/modules/by-name/lf/lf/keybindings/default.nix @@ -87,11 +87,11 @@ U = "unselect"; # Movement - Gu = "cd /run/user/${builtins.toString uid}"; - Ge = "cd /etc"; - Gd = "cd ${downloadDir}"; - Gt = "cd /tmp"; - Gh = "cd_project_root"; + nu = "cd /run/user/${builtins.toString uid}"; + ne = "cd /etc"; + nd = "cd ${downloadDir}"; + nt = "cd /tmp"; + nh = "cd_project_root"; g = "cd_lf_make_map"; } diff --git a/modules/by-name/bo/boot/tails_iso.nix b/pkgs/by-name/ta/tails-iso/package.nix index ec2b740b..d790befd 100644 --- a/modules/by-name/bo/boot/tails_iso.nix +++ b/pkgs/by-name/ta/tails-iso/package.nix @@ -7,21 +7,28 @@ # # You should have received a copy of the License along with this program. # If not, see <https://www.gnu.org/licenses/gpl-3.0.txt>. -{pkgs ? (builtins.getFlake "nixpkgs").legacyPackages."x86_64-linux"}: let - checked_iso = pkgs.stdenv.mkDerivation (finalAttrs: { +{ + stdenv, + fetchurl, + sequoia-sq, + libarchive, # for bsdtar +}: let + version = "7.8.1"; + + checked_iso = stdenv.mkDerivation (finalAttrs: { pname = "tails-iso"; - version = "amd64-7.8"; + version = "amd64-${version}"; srcs = [ - (pkgs.fetchurl { + (fetchurl { url = "https://tails.net/torrents/files/tails-${finalAttrs.version}.iso.sig"; - hash = "sha256-58vDQdXQYYqeVUHzupmDPtVVpSrxtT25+gwHe2OfvkA="; + hash = "sha256-DQm+EHe0KllmzLQzGU61cqaRDNjhU3KUCtDzHKDwWck="; }) - (pkgs.fetchurl { + (fetchurl { url = "https://download.tails.net/tails/stable/tails-${finalAttrs.version}/tails-${finalAttrs.version}.iso"; - hash = "sha256-ewLHQ+3iI3aHgvKdBgysQ9QAudQ7AM83WP+VdYFmxt0="; + hash = "sha256-Y4Sch1ZgWUODi9rxcXimVrFvicXPCN6SgLvINvJGcvw="; }) - (pkgs.fetchurl { + (fetchurl { url = "https://tails.net/tails-signing.key"; hash = "sha256-OwdqyM7o7K6F5Km0U1RU3hzsnaT+Yw0sjQk/thMeq1k="; }) @@ -30,7 +37,7 @@ dontUnpack = true; nativeBuildInputs = [ - pkgs.sequoia-sq + sequoia-sq ]; buildPhase = @@ -53,15 +60,15 @@ ''; }); in - pkgs.stdenv.mkDerivation { + stdenv.mkDerivation { name = "live_iso_boot_entry"; src = checked_iso; dontUnpack = true; - nativeBuildInputs = with pkgs; [ - libarchive # for bsdtar + nativeBuildInputs = [ + libarchive ]; buildPhase = '' @@ -69,10 +76,13 @@ in bsdtar -xf "$src" -C iso ''; - installPhase = '' - install -D ./iso/live/initrd.img "$out/live/initramfs-linux.img" - install -D ./iso/live/vmlinuz "$out/live/vmlinuz-linux" + passthru = { + inherit version; + }; - install -D "$src" "$out/tails.iso" + installPhase = '' + install -D ./iso/live/initrd.img "$out/live/initrd.img" + install -D ./iso/live/vmlinuz "$out/live/vmlinuz" + install -D ./iso/live/filesystem.squashfs "$out/live/filesystem.squashfs" ''; } |