Xory/dots
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: reintroduce firejail

Browse source
This commit is contained in:
Xory 2026-01-03 23:49:19 +02:00
parent c00ca43565
commit a67898ceab
1 changed files with 56 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

57
configuration.nix
View file

@ -88,7 +88,62 @@
];
# Firejail
# TODO: add this back
programs.firejail = {
enable = true;
wrappedBinaries = {
vesktop = {
executable = "${pkgs.vesktop}/bin/vesktop";
profile = "${pkgs.firejail}/etc/firejail/vesktop.profile";
extraArgs = [
"--ignore=dbus-system"
"--ignore=nodbus"
"--dbus-user.talk=org.freedesktop.Notifications"
"--dbus-user.talk=org.kde.StatusNotifierWatcher"
"--dbus-user.talk=org.freedesktop.portal.Desktop"
"--dbus-user.talk=org.freedesktop.portal.ScreenCast"
"--dbus-user.talk=org.freedesktop.portal.Documents"
"--noblacklist=/run/user/[0-9]*/discord-ipc-*"
"--whitelist=/run/user/[0-9]*/discord-ipc-*"
"--env=GTK_THEME=Adwaita:dark"
"--noblacklist=~/Pictures"
"--noblacklist=~/Documents"
"--whitelist=~/Pictures"
"--whitelist=~/Documents"
];
};
firefox = {
executable = "${pkgs.firefox}/bin/firefox";
profile = "${pkgs.firejail}/etc/firejail/firefox.profile";
extraArgs = [
"--env=GTK_THEME=Adwaita:dark"
];
};
signal-desktop-bin = {
executable = "${pkgs.signal-desktop-bin}/bin/signal-desktop";
profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile";
extraArgs = [
"--env=GTK_THEME=Adwaita:dark"
"--noblacklist=~/Pictures"
"--noblacklist=~/Documents"
"--whitelist=~/Pictures"
"--whitelist=~/Documents"
"--dbus-user.talk=org.freedesktop.Notifications"
"--dbus-user.talk=org.kde.StatusNotifierWatcher"
];
};
obsidian = {
executable = "${pkgs.obsidian}/bin/obsidian";
profile = "${pkgs.firejail}/etc/firejail/obsidian.profile";
extraArgs = [
"--env=GTK_THEME=Adwaita:dark"
];
};
};
};
# Enable the KDE Plasma Desktop Environment.
# I keep this enabled even if I main Hyprland because of QT.