byteio/nixos-config
1
0
Fork 0
mirror of https://github.com/librephoenix/nixos-config synced 2025-11-30 14:43:59 +05:30
Code Issues Projects Releases Packages Wiki Activity
nixos-config/modules/system/security/firejail/default.nix
Emmet 2cd733ffd3 More messaging + firejail reactivation
2025-11-02 06:26:11 -06:00

38 lines
1.1 KiB
Nix
Raw Blame History

{ lib, config, pkgs, ... }:
let
cfg = config.systemSettings.security.firejail;
in {
options = {
systemSettings.security.firejail = {
enable = lib.mkEnableOption "Use firejail on some apps for extra security";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ firejail ];
programs.firejail.enable = true;
programs.firejail.wrappedBinaries = {
brave = {
executable = "${pkgs.brave}/bin/brave";
profile = "${pkgs.firejail}/etc/firejail/brave.profile";
};
discord = {
executable = "${pkgs.discord}/bin/discord";
profile = "${pkgs.firejail}/etc/firejail/discord.profile";
};
prismlauncher = {
executable = "${pkgs.prismlauncher}/bin/prismlauncher";
profile = ./firejail-profiles/prismlauncher.profile;
};
steam = {
executable = "${pkgs.steam}/bin/steam";
profile = "${pkgs.firejail}/etc/firejail/steam.profile";
};
steam-run = {
executable = "${pkgs.steam}/bin/steam-run";
profile = "${pkgs.firejail}/etc/firejail/steam.profile";
};
};
};
}
Reference in a new issue View git blame Copy permalink