{ pkgs, config, ... }: let passbemenu = pkgs.writeScriptBin "passbemenu" '' #!${pkgs.stdenv.shell} shopt -s nullglob globstar typeit=0 if [[ $1 == "--type" ]]; then typeit=1 shift fi export BEMENU_BACKEND=wayland prefix=''${PASSWORD_STORE_DIR-~/.password-store} password_files=( $(find -L "$prefix" -type f -name '*.gpg') ) password_files=( "''${password_files[@]#"$prefix"/}" ) password_files=( "''${password_files[@]%.gpg}" ) password=$(printf '%s\n' "''${password_files[@]}" | \ ${pkgs.bemenu}/bin/bemenu --list 20 --ignorecase --prompt 'Pass: ' "$@") [[ -n $password ]] || exit ${pkgs.pass-wayland}/bin/pass show -c "$password" 2>/dev/null ''; threema-vpn = pkgs.writeScriptBin "threema-vpn" '' #!${pkgs.stdenv.shell} set -eo pipefail SERVICE=openvpn-threema SERVICE_EXEC="${config.systemd.services.openvpn-threema.serviceConfig.ExecStart}" exec sudo ${pkgs.openvpn}/sbin/openvpn''${SERVICE_EXEC#@* openvpn} ''; threema-env = pkgs.writeScriptBin "threema-env" '' #!/usr/bin/env bash set -eo pipefail # Nix shell might fail on some PWDs, so go to home OLD_PWD=`pwd` cd $HOME ENV_NAME="$1" ENV_FILE="$HOME/shares/cloud.threema.ch/envs/''${ENV_NAME}.nix" COMMAND="''${2-bash}" if [ -z "$ENV_NAME" ]; then echo "Error: No env name provided" >&2 exit 2 fi if [ ! -f "$ENV_FILE" ]; then echo "Error: Env file does not exist" >&2 exit 3 fi echo "Starting '$COMMAND' in env '$ENV_FILE'" ${pkgs.nix}/bin/nix-shell ''${ENV_FILE} --run "(cd $OLD_PWD; $COMMAND)" ''; wsudo = with pkgs.xorg; pkgs.writeScriptBin "wsudo" '' #!/usr/bin/env bash #small script to enable root access to x-windows system ${xhost}/bin/xhost +SI:localuser:root sudo $1 #disable root access after application terminates ${xhost}/bin/xhost -SI:localuser:root #print access status to allow verification that root access was remov ed ${xhost}/bin/xhost ''; in { home-manager.users.fhauser.home.packages = [ passbemenu threema-vpn threema-env wsudo ]; }