34 lines
1.2 KiB
Nix
34 lines
1.2 KiB
Nix
{ lib, nixosConfig, pkgs, ... }:
|
|
let
|
|
# TODO: Do not hardcode /dev/{sr0,sg2} (right paths on sayuri)
|
|
makemkv-sandbox = pkgs.writeShellScriptBin "makemkv-sandbox" /* bash */ ''
|
|
set -euo pipefail
|
|
mkdir -p $HOME/.MakeMKV
|
|
${pkgs.bubblewrap}/bin/bwrap \
|
|
--tmpfs /tmp \
|
|
--proc /proc \
|
|
--dev /dev \
|
|
--unshare-all \
|
|
--die-with-parent \
|
|
--ro-bind /nix/store /nix/store \
|
|
--dev-bind /dev/dri /dev/dri \
|
|
--ro-bind /sys/dev/char /sys/dev/char \
|
|
--ro-bind /sys/devices/pci0000:00 /sys/devices/pci0000:00 \
|
|
--ro-bind $XDG_RUNTIME_DIR/$WAYLAND_DISPLAY $XDG_RUNTIME_DIR/$WAYLAND_DISPLAY \
|
|
--ro-bind /run/opengl-driver /run/opengl-driver \
|
|
--ro-bind /etc/fonts /etc/fonts \
|
|
--new-session \
|
|
--bind $HOME/.MakeMKV $HOME/.MakeMKV \
|
|
--dev-bind-try /dev/sr0 /dev/sr0 \
|
|
--dev-bind-try /dev/sg2 /dev/sg2 \
|
|
--dev-bind-try /sys/bus/scsi /sys/bus/scsi \
|
|
--bind ''${PWD_TARGET:-$PWD} ''${PWD_TARGET:-$PWD} \
|
|
${pkgs.unstable.makemkv}/bin/makemkv
|
|
'';
|
|
in
|
|
lib.mkIf (nixosConfig.sbruder.gui.enable && nixosConfig.sbruder.unfree.allowSoftware) {
|
|
home.packages = [
|
|
makemkv-sandbox
|
|
];
|
|
}
|