# SPDX-FileCopyrightText: 2022 Richard Brežák # # SPDX-License-Identifier: LGPL-3.0-or-later { name = "bwrap-x"; overlay = {}: final: prev: { bwrap-factorio = final.bwrap-x { pkgs = with prev; [ xorg.libX11 xorg.libXext xorg.libXinerama xorg.libXrandr xorg.libXcursor pulseaudio libglvnd alsa-lib ]; }; bwrap-x = { defaultPackages ? (with prev; [ bashInteractive coreutils-full gawk gzip gnutar gnugrep glibc.bin ]) , pkgs ? [] }: with prev.lib; prev.writeShellScriptBin "bwrap-x" '' nixpkgs="${prev.path}" store_paths=() preload_libraries=() for package in ${concatStringsSep " " (pkgs ++ defaultPackages)} do for path in $(nix path-info -r $package) do store_paths+=("$path") done done for path in $(nix path-info -r $(for package in $EXTRA_PACKAGES ; do echo $nixpkgs#$package ; done)) do store_paths+=("$path") done for package in ${concatStringsSep " " (pkgs ++ defaultPackages)} do for path in $(nix build --no-link --print-out-paths $package) do if [ -e "$path/lib" ] then preload_libraries+=("$path/lib") fi done done for path in $(nix build --no-link --print-out-paths $(for package in $EXTRA_PACKAGES ; do echo $nixpkgs#$package ; done)) do if [ -e "$path/lib" ] then preload_libraries+=("$path/lib") fi done if [ "$ENABLE_XORG" == "1" ] then for package in $(readlink /run/opengl-driver /run/opengl-driver-32) do for path in $(nix path-info -r $package) do store_paths+=("$path") done done preload_libraries+=("/run/opengl-driver/lib" "/run/opengl-driver-32/lib") fi preload_libraries_new="$(echo "''${preload_libraries[@]}" | tr ' ' '\n' | sort | uniq | tr '\n' ' ')" store_paths_new="$(echo "''${store_paths[@]}" | tr ' ' '\n' | sort | uniq | tr '\n' ' ')" ${prev.bubblewrap}/bin/bwrap \ --unshare-all \ --ro-bind /bin/sh /bin/sh \ --ro-bind /usr/bin/env /usr/bin/env \ --ro-bind ${prev.glibc}/lib64/ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2 \ --ro-bind /nix/store /nix/store \ `# $(for path in ''${store_paths_new[@]} ;` \ `# do` \ `# nix path-info $path -r | sed 's/\(.*\)/--ro-bind \1 \1/m' | tr '\n' ' ' ;` \ `# done)` \ --ro-bind /bin/sh /bin/sh \ --setenv PATH \ $(for path in ''${store_paths_new[@]} ; \ do \ echo $path | sed 's~\(.*\)~\1/bin~m' | tr '\n' ':' ; \ done) \ --tmpfs /tmp \ --proc /proc \ --dev /dev \ \ \ $(for path in $BIND_PATHS ; \ do \ echo "--bind $path $path" ; \ done) \ $(for path in $BIND_RO_PATHS ; \ do \ echo "--ro-bind $path $path" ; \ done) \ $([ "$CWD" = "" ] && echo "--cwd $CWD") \ \ \ $([ "$ENABLE_PULSEAUDIO" == "1" ] && echo "${concatStringsSep " " [ "--dev-bind /dev/snd /dev/snd" "--ro-bind /etc/group /etc/group" "--bind /run/user/1000/pulse/ /run/user/1000/pulse/" ]}") \ \ \ $([ "$ENABLE_XORG" == "1" ] && echo "${concatStringsSep " " [ "--bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0" "--ro-bind /home/main/.Xauthority /home/main/.Xauthority" "--bind /run/nvidia-xdriver-e0a0641b /run/nvidia-xdriver-e0a0641b" "--ro-bind /run/opengl-driver-32 /run/opengl-driver-32" "--ro-bind /run/opengl-driver /run/opengl-driver" "--ro-bind /sys/dev/char /sys/dev/char" "--dev-bind /dev/dri /dev/dri" "--ro-bind /sys/devices/pci0000:00 /sys/devices/pci0000:00" "$(for dev in /dev/nvidia* ; do echo \"--dev-bind $dev $dev\" ; done)" ]}") \ \ $([ "ENABLE_NETWORK" == "1" ] && echo "${concatStringsSep " " [ "--ro-bind /etc/ssl /etc/ssl" "--ro-bind /etc/static/ssl /etc/static/ssl" "--ro-bind /etc/resolv.conf /etc/resolv.conf" "--share-net" ]}") \ --setenv LD_LIBRARY_PATH "$(echo "''${preload_libraries_new[@]}" | tr ' ' ':')" \ "$@" ''; }; }