mirror of
https://github.com/nix-community/home-manager.git
synced 2025-12-01 06:31:04 +01:00
09280e17bb
When `readOnly` is set to `true` the autostart entries are linked from a readonly directory in the nix store and `XDG_CONFIG_HOME/autostart` is a link to that directory, so that programs cannot install arbitrary autostart services.
49 lines
1.3 KiB
Nix
49 lines
1.3 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
inherit (builtins) baseNameOf listToAttrs map unsafeDiscardStringContext;
|
|
inherit (lib) literalExpression mkEnableOption mkIf mkOption types;
|
|
|
|
cfg = config.xdg.autostart;
|
|
|
|
linkedDesktopEntries = pkgs.runCommandNoCCLocal "xdg-autostart-entries" { } ''
|
|
mkdir -p $out
|
|
${lib.concatMapStringsSep "\n" (e: "ln -s ${e} $out") cfg.entries}
|
|
'';
|
|
|
|
in {
|
|
meta.maintainers = with lib.maintainers; [ Scrumplex ];
|
|
|
|
options.xdg.autostart = {
|
|
enable = mkEnableOption "creation of XDG autostart entries";
|
|
|
|
readOnly = mkOption {
|
|
type = lib.types.bool;
|
|
description = ''
|
|
Make `XDG_CONFIG_HOME/autostart` a symlink to a readonly directory so that
|
|
programs cannot install arbitrary autostart services.
|
|
'';
|
|
default = false;
|
|
example = true;
|
|
};
|
|
|
|
entries = mkOption {
|
|
type = with types; listOf path;
|
|
description = ''
|
|
Paths to desktop files that should be linked to `XDG_CONFIG_HOME/autostart`
|
|
'';
|
|
default = [ ];
|
|
example = literalExpression ''
|
|
[
|
|
"''${pkgs.evolution}/share/applications/org.gnome.Evolution.desktop"
|
|
]
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = mkIf (cfg.enable && cfg.entries != [ ]) {
|
|
xdg.configFile.autostart = {
|
|
source = linkedDesktopEntries;
|
|
recursive = !cfg.readOnly;
|
|
};
|
|
};
|
|
}
|