32 lines
1.1 KiB
Nix
32 lines
1.1 KiB
Nix
{ lib, nixosConfig, pkgs, ... }:
|
|
let
|
|
# TODO: Do not hardcode /dev/{sr0,sg3} (right paths on fuuko)
|
|
makemkv-sandbox = pkgs.writeShellScriptBin "makemkv-sandbox" /* bash */ ''
|
|
set -euo pipefail
|
|
mkdir -p $HOME/.MakeMKV
|
|
${pkgs.bubblewrap}/bin/bwrap \
|
|
--tmpfs /tmp \
|
|
--proc /proc \
|
|
--dev /dev \
|
|
--unshare-all \
|
|
--share-net \
|
|
--die-with-parent \
|
|
--ro-bind /nix/store /nix/store \
|
|
--ro-bind /sys/devices/pci0000:00 /sys/devices/pci0000:00 \
|
|
--ro-bind $XDG_RUNTIME_DIR/$WAYLAND_DISPLAY $XDG_RUNTIME_DIR/$WAYLAND_DISPLAY \
|
|
--new-session \
|
|
--bind $HOME/.MakeMKV $HOME/.MakeMKV \
|
|
--dev-bind-try /dev/sr0 /dev/sr0 \
|
|
--dev-bind-try /dev/sg3 /dev/sg3 \
|
|
--dev-bind-try /sys/bus/scsi /sys/bus/scsi \
|
|
--bind ''${PWD_TARGET:-$PWD} ''${PWD_TARGET:-$PWD} \
|
|
${pkgs.unstable.makemkv}/bin/makemkv
|
|
'';
|
|
in
|
|
lib.mkIf ((nixosConfig.sbruder.gui.enable || nixosConfig.networking.hostName == "fuuko") && nixosConfig.sbruder.unfree.allowSoftware) {
|
|
home.packages = with pkgs; [
|
|
makemkv-sandbox
|
|
waypipe
|
|
];
|
|
}
|