Andromeda/conf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

split out phoenix overlay

Browse Source
This commit is contained in:
andromeda
2026-01-25 15:44:32 +01:00
parent e1c510fc64
commit 2386fea0eb
5 changed files with 64 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
flake.lock generated
View File

@@ -737,26 +737,6 @@
"type": "github"
}
},
"phoenix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1769035606,
"narHash": "sha256-I9pKhfhAz3JsGBLIqr9MNycTEQn0Bc3jzf0mKeWLlsE=",
"owner": "celenityy",
"repo": "Phoenix",
"rev": "07d9be8cbf938962f9847b0970274b885ff48792",
"type": "github"
},
"original": {
"owner": "celenityy",
"repo": "Phoenix",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
@@ -770,7 +750,6 @@
"noshell": "noshell",
"nur": "nur",
"nvf": "nvf",
"phoenix": "phoenix",
"stylix": "stylix"
}
},

7
flake.nix
View File

@@ -38,10 +38,6 @@
url = "github:notashelf/nvf";
inputs.nixpkgs.follows = "nixpkgs";
};
phoenix = {
url = "github:celenityy/Phoenix";
inputs.nixpkgs.follows = "nixpkgs";
};
stylix = {
url = "github:nix-community/stylix";
inputs.nixpkgs.follows = "nixpkgs";
@@ -59,11 +55,9 @@
noshell,
nur,
nvf,
phoenix,
stylix,
...
}: let
phoenix' = (import ./modules/nixos/phoenix.nix) {inherit phoenix;};
nix-zulip' = (import "${nix-zulip}/nix/default.nix" {}).output;
machines = import ./machines.nix;
configuration = machine: modules:
@@ -81,7 +75,6 @@
impermanence.nixosModules.impermanence
nixos-mailserver.nixosModule
noshell.nixosModules.default
phoenix'.phoenixModule
nix-zulip'.nixosModules.zulip
{
nixpkgs.overlays = [

1
machines.nix
View File

@@ -30,6 +30,7 @@
# apps
./modules/nixos/steam.nix
./modules/nixos/phoenix.nix
# substitutors
./substitutors.nix

100
modules/nixos/phoenix.nix
View File

@@ -1,61 +1,45 @@
{phoenix, ...}: rec {
phoenixOverlay = final: prev: {
phoenix = (final.callPackage (import "${phoenix}/nix/package.nix")
{
}).overrideAttrs {
patches = [
../../patches/0001-autoDisableScopes-unlocked.patch
{
pkgs,
config,
lib,
...
}: {
options.programs.firefox.phoenix = {
enable =
lib.mkEnableOption "Enable privacy & security hardening of Firefox using the Phoenix configs"
// {
default = true;
};
firefoxPackages = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["firefox"];
description = "The name of Firefox packages of current pkgs to patch with phoenix config and policy.";
};
};
config = let
cfg = config.programs.firefox.phoenix;
in
lib.mkIf cfg.enable {
assertions = [
{
assertion = !pkgs.stdenv.isDarwin;
message = "Phoenix module has not been ported to nix-darwin yet. Contributions welcomed.";
}
];
environment.etc."firefox/defaults/pref/phoenix-desktop.js".source = "${pkgs.phoenix}/pref/phoenix-desktop.js";
environment.etc."firefox/phoenix/userjs".source = "${pkgs.phoenix}/userjs";
environment.etc."firefox/phoenix/configs".source = "${pkgs.phoenix}/configs";
environment.etc."firefox/phoenix/assets".source = "${pkgs.phoenix}/assets";
programs.firefox.policies =
(builtins.fromJSON (builtins.readFile "${pkgs.phoenix}/policies.json")).policies;
nixpkgs.overlays = [
(import ../../overlays/phoenix.nix)
(
final: prev:
builtins.listToAttrs (
map (p: lib.nameValuePair p (final.withPhoenix prev.${p})) cfg.firefoxPackages
)
)
];
};
withPhoenix = firefoxPackage:
firefoxPackage.override {
extraPoliciesFiles = ["${final.phoenix}/policies.json"];
extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"];
};
};
phoenixModule = {
pkgs,
config,
lib,
...
}: {
options.programs.firefox.phoenix = {
enable =
lib.mkEnableOption "Enable privacy & security hardening of Firefox using the Phoenix configs"
// {
default = true;
};
firefoxPackages = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["firefox"];
description = "The name of Firefox packages of current pkgs to patch with phoenix config and policy.";
};
};
config = let
cfg = config.programs.firefox.phoenix;
in
lib.mkIf cfg.enable {
assertions = [
{
assertion = !pkgs.stdenv.isDarwin;
message = "Phoenix module has not been ported to nix-darwin yet. Contributions welcomed.";
}
];
environment.etc."firefox/defaults/pref/phoenix-desktop.js".source = "${pkgs.phoenix}/pref/phoenix-desktop.js";
environment.etc."firefox/phoenix/userjs".source = "${pkgs.phoenix}/userjs";
environment.etc."firefox/phoenix/configs".source = "${pkgs.phoenix}/configs";
environment.etc."firefox/phoenix/assets".source = "${pkgs.phoenix}/assets";
programs.firefox.policies =
(builtins.fromJSON (builtins.readFile "${pkgs.phoenix}/policies.json")).policies;
nixpkgs.overlays = [
phoenixOverlay
(
final: prev:
builtins.listToAttrs (
map (p: lib.nameValuePair p (final.withPhoenix prev.${p})) cfg.firefoxPackages
)
)
];
};
};
}

21
overlays/phoenix.nix Normal file
View File

@@ -0,0 +1,21 @@
final: prev: let
phoenix-src = prev.fetchFromGitHub {
owner = "celenityy";
repo = "Phoenix";
rev = "07d9be8cbf938962f9847b0970274b885ff48792";
hash = "sha256-I9pKhfhAz3JsGBLIqr9MNycTEQn0Bc3jzf0mKeWLlsE=";
};
in {
phoenix = (final.callPackage (import "${phoenix-src}/nix/package.nix")
{
}).overrideAttrs {
patches = [
../patches/0001-autoDisableScopes-unlocked.patch
];
};
withPhoenix = firefoxPackage:
firefoxPackage.override {
extraPoliciesFiles = ["${final.phoenix}/policies.json"];
extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"];
};
}