From 131d0cc1a54e0c52f2f0abcec7f05b45b0e50555 Mon Sep 17 00:00:00 2001 From: Simon Bruder Date: Sun, 3 Jan 2021 16:28:35 +0100 Subject: [PATCH] Add options for unfree software and assets --- machines/nunotaba/configuration.nix | 1 + machines/sayuri/configuration.nix | 1 + modules/default.nix | 10 +-------- modules/unfree.nix | 33 +++++++++++++++++++++++++++++ users/simon/default.nix | 13 ++++++++++++ 5 files changed, 49 insertions(+), 9 deletions(-) create mode 100644 modules/unfree.nix diff --git a/machines/nunotaba/configuration.nix b/machines/nunotaba/configuration.nix index f6c309d..f658fac 100644 --- a/machines/nunotaba/configuration.nix +++ b/machines/nunotaba/configuration.nix @@ -15,6 +15,7 @@ media-proxy.enable = true; restic.enable = true; ssd.enable = true; + unfree.allowSoftware = true; wireguard.home = { enable = true; address = "10.80.0.4"; diff --git a/machines/sayuri/configuration.nix b/machines/sayuri/configuration.nix index 17a57a9..237c146 100644 --- a/machines/sayuri/configuration.nix +++ b/machines/sayuri/configuration.nix @@ -20,6 +20,7 @@ ]; }; ssd.enable = true; + unfree.allowSoftware = true; wireguard.home = { enable = true; address = "10.80.0.5"; diff --git a/modules/default.nix b/modules/default.nix index b6476f0..875be04 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -30,6 +30,7 @@ ./ssh.nix ./tools.nix ./udev.nix + ./unfree.nix ./wireguard ]; @@ -97,15 +98,6 @@ systemd.services.nix-daemon.serviceConfig.CPUSchedulingPolicy = "batch"; nixpkgs.config = { - # Explicitly allow unfree packages (rule of thumb: assets ok, code not ok) - allowUnfreePredicate = ( - pkg: builtins.elem (lib.getName pkg) [ - "corefonts" - "vista-fonts" - "wallpaper-unfree" # defined in users/simon/modules/sway.nix - "p7zip" # exception: rar source code is not free, but available; p7zip with `enableUnfree` includes it - ] - ); # Add unstable channel packageOverrides = pkgs: { unstable = import (import ../nix/sources.nix).nixpkgs-unstable { diff --git a/modules/unfree.nix b/modules/unfree.nix new file mode 100644 index 0000000..3a80290 --- /dev/null +++ b/modules/unfree.nix @@ -0,0 +1,33 @@ +{ config, lib, ... }: +let + cfg = config.sbruder.unfree; +in +{ + # Options that affect multiple modules + options.sbruder = { + unfree = { + allowAssets = lib.mkOption { + default = true; + type = lib.types.bool; + description = "Allow restricted selection of unfree assets to be installed."; + }; + allowSoftware = lib.mkOption { + default = false; + type = lib.types.bool; + description = "Allow restricted selection of unfree software to be installed."; + }; + }; + }; + + config = { + nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (lib.getName pkg) ( + lib.optionals cfg.allowAssets [ + "corefonts" + "vista-fonts" + "wallpaper-unfree" # defined in users/simon/modules/sway.nix + ] ++ lib.optionals cfg.allowSoftware [ + "p7zip" # exception: rar source code is not free, but available; p7zip with `enableUnfree` includes it + ] + )); + }; +} diff --git a/users/simon/default.nix b/users/simon/default.nix index 9f9769f..309eed7 100644 --- a/users/simon/default.nix +++ b/users/simon/default.nix @@ -24,12 +24,25 @@ home-manager.useGlobalPkgs = true; home-manager.users.simon = { lib, pkgs, ... }: { + # FIXME: those options are duplicates from the system configuration options.sbruder = { gui.enable = lib.mkOption { type = lib.types.bool; default = config.sbruder.gui.enable; description = "Whether to enable gui"; }; + unfree = { + allowAssets = lib.mkOption { + default = config.sbruder.unfree.allowAssets; + type = lib.types.bool; + description = "Allow restricted selection of unfree assets to be installed."; + }; + allowSoftware = lib.mkOption { + default = config.sbruder.unfree.allowSoftware; + type = lib.types.bool; + description = "Allow restricted selection of unfree software to be installed."; + }; + }; }; imports = [ ./modules ];