sadorowo/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add NordVPN module instead of not working external flake

Browse Source
This commit is contained in:
Franek 2025-04-14 10:29:00 +02:00
parent fec6e4eb0f
commit d670e245e4
10 changed files with 158 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
flake.lock generated
View File

@ -829,22 +829,6 @@
} }
}, },
"nixpkgs_6": { "nixpkgs_6": {
"locked": {
"lastModified": 1742422364,
"narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a84ebe20c6bc2ecbcfb000a50776219f48d134cc",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": { "locked": {
"lastModified": 1741513245, "lastModified": 1741513245,
"narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=",
@ -860,24 +844,6 @@
"type": "github" "type": "github"
} }
}, },
"nordvpn": {
"inputs": {
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1742098294,
"narHash": "sha256-kszMKykXU1oZIn8RSDuBwIa5hY5om2wdy32KYgYKzs8=",
"owner": "m-lourenco0",
"repo": "nordvpn-flake",
"rev": "72594cb60df19951ee726dcad24ef0a9c5d29fbc",
"type": "github"
},
"original": {
"owner": "m-lourenco0",
"repo": "nordvpn-flake",
"type": "github"
}
},
"nur": { "nur": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
@ -946,7 +912,6 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"hyprspace": "hyprspace", "hyprspace": "hyprspace",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_5",
"nordvpn": "nordvpn",
"stylix": "stylix" "stylix": "stylix"
} }
}, },
@ -1046,7 +1011,7 @@
"git-hooks": "git-hooks", "git-hooks": "git-hooks",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_7", "nixpkgs": "nixpkgs_6",
"nur": "nur", "nur": "nur",
"systems": "systems_2", "systems": "systems_2",
"tinted-foot": "tinted-foot", "tinted-foot": "tinted-foot",

3
flake.nix
View File

@ -1,15 +1,14 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
stylix.url = "github:danth/stylix";
home-manager.url = "github:nix-community/home-manager/release-24.11"; home-manager.url = "github:nix-community/home-manager/release-24.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
stylix.url = "github:danth/stylix";
apple-fonts.url = "github:Lyndeno/apple-fonts.nix"; apple-fonts.url = "github:Lyndeno/apple-fonts.nix";
apple-emoji.url = "github:oxcl/apple-emoji-nix"; apple-emoji.url = "github:oxcl/apple-emoji-nix";
nordvpn.url = "github:m-lourenco0/nordvpn-flake";
ags.url = "github:Aylur/ags"; ags.url = "github:Aylur/ags";
fingerprint-sensor.url = "github:ahbnr/nixos-06cb-009a-fingerprint-sensor/24.11"; fingerprint-sensor.url = "github:ahbnr/nixos-06cb-009a-fingerprint-sensor/24.11";

7
hosts/default.nix
View File

@ -16,10 +16,9 @@ let
./${hostname} ./${hostname}
homeDir homeDir
] ++ ( ] ++ (
if useHomeManager then if useHomeManager then [
[ inputs.home-manager.nixosModules.home-manager ] inputs.home-manager.nixosModules.home-manager
else ] else [ ]
[ ]
) ++ modules; ) ++ modules;
}; };
in { in {

6
hosts/hulk/modules.nix
View File

@ -10,13 +10,14 @@
../../modules/nixos/greetd.nix ../../modules/nixos/greetd.nix
../../modules/nixos/audio.nix ../../modules/nixos/audio.nix
# Apps # Apps/services
inputs.nordvpn.nixosModules.nordvpn ../../modules/nixos/nordvpn.nix
]; ];
modules.apple-style.enable = true; modules.apple-style.enable = true;
modules.bluetooth.enable = true; modules.bluetooth.enable = true;
modules.nvidia.enable = true; modules.nvidia.enable = true;
modules.nordvpn.enable = true;
modules.audio.enable = true; modules.audio.enable = true;
modules.fingerprint-fix = { modules.fingerprint-fix = {
enable = true; enable = true;
@ -25,7 +26,6 @@
services = { services = {
tlp.enable = false; tlp.enable = false;
nordvpn.enable = true;
gvfs.enable = true; gvfs.enable = true;
upower.enable = true; upower.enable = true;
power-profiles-daemon.enable = true; power-profiles-daemon.enable = true;

2
hosts/hulk/users.nix
View File

@ -9,7 +9,7 @@ in {
isNormalUser = true; isNormalUser = true;
description = fullname; description = fullname;
home = "/home/${username}"; home = "/home/${username}";
extraGroups = [ "wheel" "networkmanager" "plugdev" "adbusers" "video" ]; extraGroups = [ "wheel" "networkmanager" "plugdev" "adbusers" "nordvpn" ];
shell = preferredShell; shell = preferredShell;
ignoreShellProgramCheck = true; # Will do it later in profile configuration ignoreShellProgramCheck = true; # Will do it later in profile configuration
}; };

91
modules/derivations/nordvpn.nix Normal file
View File

@ -0,0 +1,91 @@
{ lib, pkgs, ... }:
let
pname = "nordvpn";
version = "3.20.1";
nordVPNBase = pkgs.stdenv.mkDerivation rec {
inherit pname version;
src = pkgs.fetchurl {
url = "https://repo.nordvpn.com/deb/nordvpn/debian/pool/main/n/nordvpn/nordvpn_${version}_amd64.deb";
hash = "sha256-RJoI3G4Tr3272CZ/lI9HEfKXdwuwPzWlrOKm9taIjuU=";
};
buildInputs = with pkgs; [ libxml2 libidn2 ];
nativeBuildInputs = with pkgs; [
dpkg
autoPatchelfHook
stdenv.cc.cc.lib
libnl
libcap_ng
];
dontConfigure = true;
dontBuild = true;
unpackPhase = ''
runHook preUnpack
dpkg --extract $src .
runHook postUnpack
'';
installPhase = ''
runHook preInstall
mkdir -p $out
mv usr/* $out/
mv var/ $out/
mv etc/ $out/
runHook postInstall
'';
};
nordVPNfhs = pkgs.buildFHSEnvChroot {
name = "nordvpnd";
runScript = "nordvpnd";
targetPkgs = pkgs: with pkgs; [
nordVPNBase
sysctl
iptables
iproute2
procps
cacert
libxml2
libidn2
zlib
wireguard-tools
];
};
preScript = pkgs.writeShellScript "nordvpn-start" ''
mkdir -m 700 -p /var/lib/nordvpn;
if [ -z "$(ls -A /var/lib/nordvpn)" ]; then
cp -r ${nordVPNBase}/var/lib/nordvpn/* /var/lib/nordvpn;
fi
'';
in pkgs.stdenv.mkDerivation rec {
inherit pname version;
dontUnpack = true;
dontConfigure = true;
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/bin $out/share
ln -s ${nordVPNBase}/bin/nordvpn $out/bin
ln -s ${nordVPNfhs}/bin/nordvpnd $out/bin
ln -s ${nordVPNBase}/share/* $out/share/
ln -s ${nordVPNBase}/var $out/
runHook postInstall
'';
meta = with lib; {
description = "CLI client for NordVPN";
homepage = "https://www.nordvpn.com";
license = licenses.unfreeRedistributable;
maintainers = with maintainers; [dr460nf1r3];
platforms = ["x86_64-linux"];
};
}

40
modules/nixos/nordvpn.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
{
options.modules.nordvpn.enable = lib.mkEnableOption "Whether to enable the NordVPN daemon";
config = lib.mkIf config.modules.nordvpn.enable (let
nordVPN = pkgs.callPackage ../derivations/nordvpn.nix { inherit pkgs lib; };
preScript = pkgs.writeShellScript "nordvpn-start" ''
mkdir -m 700 -p /var/lib/nordvpn;
if [ -z "$(ls -A /var/lib/nordvpn)" ]; then
cp -r ${nordVPN}/var/lib/nordvpn/* /var/lib/nordvpn;
fi
'';
in {
networking.firewall.checkReversePath = false;
networking.firewall.allowedUDPPorts = [ 1194 ];
networking.firewall.allowedTCPPorts = [ 443 ];
environment.systemPackages = [ nordVPN ];
users.groups.nordvpn = {};
systemd.services.nordvpn = {
description = "NordVPN daemon.";
serviceConfig = {
ExecStart = "${nordVPN}/bin/nordvpnd";
ExecStartPre = preScript;
NonBlocking = true;
KillMode = "process";
Restart = "on-failure";
RestartSec = 5;
RuntimeDirectory = "nordvpn";
RuntimeDirectoryMode = "0750";
Group = "nordvpn";
};
wantedBy = ["multi-user.target"];
after = ["network-online.target"];
wants = ["network-online.target"];
};
});
}

4
profiles/hulk/default.nix
View File

@ -5,8 +5,8 @@ let
homeDirectory = "/home/${username}"; homeDirectory = "/home/${username}";
in { in {
imports = [ imports = [
./packages.nix ./packages.nix
./programs.nix ./programs.nix
./theme.nix ./theme.nix
]; ];

2
profiles/hulk/packages.nix
View File

@ -8,8 +8,6 @@
pywayland pywayland
])) ]))
inputs.nordvpn.packages.${system}.nordvpn
(birdtray.overrideAttrs (_: { (birdtray.overrideAttrs (_: {
cmakeFlags = [ "-DOPT_THUNDERBIRD_CMDLINE=${thunderbird}/bin/thunderbird" ]; cmakeFlags = [ "-DOPT_THUNDERBIRD_CMDLINE=${thunderbird}/bin/thunderbird" ];
})) }))

29
shells/ddt4all.nix
View File

@ -8,12 +8,20 @@ let
ps.crcmod ps.crcmod
ps.pyserial ps.pyserial
]); ]);
src = pkgs.fetchFromGitHub {
owner = "cedricp";
repo = "ddt4all";
rev = "v3.0.4";
sha256 = "sha256-SswaqV2UabVjuNeMTd7K3Vxa77LZKCb/qkgidkaE0R8=";
};
in pkgs.mkShell { in pkgs.mkShell {
name = "ddt4all-env"; name = "ddt4all-env";
buildInputs = [ buildInputs = [
pythonWithPkgs pythonWithPkgs
pkgs.qt5.qtbase src
pkgs.qt5.qtbase
pkgs.qt5.qttools pkgs.qt5.qttools
pkgs.git pkgs.git
pkgs.freetype pkgs.freetype
@ -32,20 +40,15 @@ in pkgs.mkShell {
]; ];
nativeBuildInputs = [ pkgs.libsForQt5.qt5.wrapQtAppsHook ]; nativeBuildInputs = [ pkgs.libsForQt5.qt5.wrapQtAppsHook ];
shellHook = ''wrapQtAppsHook'';
runScript = '' shellHook = ''
mkdir -p $HOME/DDT4ALL
cp -r $src/bin/* $HOME/DDT4ALL
cd $HOME/DDT4ALL cd $HOME/DDT4ALL
wrapQtAppsHook
if [ ! -d ".venv" ]; then python main.py
python3 -m venv .venv #exit
source .venv/bin/activate
pip install --upgrade pip
pip install -r requirements.txt
else
source .venv/bin/activate
fi
python3 main.py
''; '';
} }