zed sandbox wip

Author: functora

nix/configuration.nix

@@ -735,13 +735,6 @@ in {
       // fj.mkFirejailOffline {
         pkg = "hoogle-w3m";
         exe = "${import ./hoogle-w3m.nix}/bin/hoogle-w3m";
-      }
-      // fj.mkFirejailCustom {
-        pkg = "ze";
-        dir = "ze";
-        exe = "${pkgs.zed-editor}/bin/zeditor";
-        net = true;
-        dbus = true;
       };
     #
     # Home
@@ -847,15 +840,13 @@ in {
       programs.bash.enable = true;
       programs.direnv.enable = true;
       programs.direnv.nix-direnv.enable = true;
-      home.file =
-        {
-          ".config/qutebrowser/config.py".source = ../cfg/qutebrowser.py;
-          ".config/qutebrowser/blocked-hosts".text = blocked-hosts;
-          ".config/mps-youtube/config.json".source = ../cfg/yewtube.json;
-          ".config/warpd/config".source = ../cfg/warpd.txt;
-          ".config/nvim/coc-settings.json".source = ../cfg/coc-settings.json;
-        }
-        // import ./ze.nix {inherit pkgs;};
+      home.file = {
+        ".config/qutebrowser/config.py".source = ../cfg/qutebrowser.py;
+        ".config/qutebrowser/blocked-hosts".text = blocked-hosts;
+        ".config/mps-youtube/config.json".source = ../cfg/yewtube.json;
+        ".config/warpd/config".source = ../cfg/warpd.txt;
+        ".config/nvim/coc-settings.json".source = ../cfg/coc-settings.json;
+      };
       programs.i3status-rust = {
         enable = true;
         bars.bottom.blocks = [
@@ -1123,8 +1114,7 @@ in {
     services.llama-cpp.enable = true;
     services.llama-cpp.port = 11434;
     services.llama-cpp.package = pkgs.llama-cpp.override {vulkanSupport = true;};
-    services.llama-cpp.model =
-      ../../Downloads/microsoft_Phi-4-reasoning-plus-Q5_K_M.gguf;
+    services.llama-cpp.model = ../../llms/microsoft_Phi-4-reasoning-plus-Q5_K_M.gguf;
     #
     # Fonts
     #

nix/doom.nix

@@ -32,13 +32,14 @@ in
           -file "${duhd}/27 marcelus_hd_sprites.pk3" \
           -file ${../bak/doom/space-cats-saga-1-41.wad} \
           -file "${duhd}/1 lights2.wad" "${duhd}/8 DHTP Textures.pk3" "${duhd}/10 HD_SFX.wad" "${duhd}/12 Flashlight++.pk3" "${duhd}/13 Tilt++.pk3" "${duhd}/14 brightmaps2.wad" "${duhd}/16 d3snds.wad" "${duhd}/17 brutaldoom_stuff.wad" "${duhd}/19 SpriteShadow.wad" "${duhd}/20 WorldGamma.wad" "${duhd}/21 BloomBoost.wad" "${duhd}/22 MotionBlur.pk3" "${duhd}/23 hires_decals.wad" "${duhd}/24 Terrains.wad" "${duhd}/25 HD HUD.pk3" "${duhd}/26 Liquids.pk3" "${duhd}/29 Universal Rain and Snow v3.pk3" "${duhd}/30 OST Remake.pk3" "${duhd}/31 texture_lights.wad" "${duhd}/0 Parallax PBR.pk3" \
-          -file ${../bak/doom/CodeFX-1.1.pk3} \
+          -file ${../bak/doom/CodeFX255NoFatsoNoArchvile.pk3} \
+          -file ${../bak/doom/CodeFXFireNoLostSoul.pk3} \
+          -file ${../bak/doom/CodeFXBlood.pk3} \
           -file "${../bak/doom/liquid}/Liquid Texture Pack/(GZDoom) Liquid Texture Pack V4.0.pk3" \
           -file "${../bak/doom/liquid}/Glowing Toxic Texture Pack/LTP V4.0 Glowing Toxic Texture Addon.pk3" \
           -file "${../bak/doom/liquid}/Shader Pack/LTP V4.0 Shader pack.pk3" \
           -file "${../bak/doom/liquid}/Shader Pack/LTP V4.0 Sky shader addon.pk3" \
           -file ${../bak/doom/SimpleSlots.1.1.pk7} \
-          -file ${../bak/doom/relite_0.6.7a.pk3} \
           -file ${../bak/doom/nashgore.pk3} \
           -file ${../bak/doom/cblood.pk3}
       '';

nix/sources.json

@@ -65,10 +65,10 @@
         "homepage": "",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b32441ec0fae600e647cf4e6d6c245286a583106",
-        "sha256": "0jgdrq44r2rqq80n0js3312l1fhxhy2g03z8348sq083zrvqr48f",
+        "rev": "cab778239e705082fe97bb4990e0d24c50924c04",
+        "sha256": "119yw3dqvq6c9kvvk8x1829a3symy6g0cbzjpskx9xhbak4r82cn",
         "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/b32441ec0fae600e647cf4e6d6c245286a583106.tar.gz",
+        "url": "https://github.com/NixOS/nixpkgs/archive/cab778239e705082fe97bb4990e0d24c50924c04.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     }
 }

nix/ze.nix

@@ -0,0 +1,48 @@
+{pkgs}:
+(pkgs.formats.json {}).generate "zed-user-settings" {
+  auto_install_extensions = {
+    nix = true;
+    haskell = true;
+  };
+  features = {
+    copilot = false;
+  };
+  telemetry = {
+    metrics = false;
+    diagnostics = false;
+  };
+
+  vim_mode = true;
+  ui_font_size = 18;
+  buffer_font_size = 18;
+  soft_wrap = "editor_width";
+  # buffer_font_family = "JetBrains Mono";
+  # base_keymap = "JetBrains";
+  autosave = "off";
+
+  lsp = {
+    nil = {
+      binary = {
+        path = pkgs.lib.getExe pkgs.nil;
+        path_lookup = true;
+      };
+      initialization_options = {
+        formatting.command = ["alejandra"];
+      };
+    };
+    haskell-language-server = {
+      binary.path_lookup = true;
+    };
+  };
+
+  languages = {
+    Nix = {
+      language_servers = ["nil"];
+      format_on_save = "on";
+    };
+    Haskell = {
+      language_servers = ["haskell-language-server"];
+      format_on_save = "on";
+    };
+  };
+}

nix/zed-config.nix

@@ -1,65 +1,52 @@
-let
-  pkgs = import ./nixpkgs.nix;
+{pkgs ? import <nixpkgs> {}}: let
   nixpak = import ./nixpak.nix;
   mkNixPak = nixpak.lib.nixpak {
     inherit (pkgs) lib;
     inherit pkgs;
   };
+  app = pkgs.writeShellApplication {
+    name = "zed";
+    text = "${pkgs.zed-editor}/bin/zeditor";
+  };
   sandbox = mkNixPak {
     config = {sloth, ...}: {
-      # the application to isolate
-      app.package = pkgs.hello;
-
-      # path to the executable to be wrapped
-      # this is usually autodetected but
-      # can be set explicitly nonetheless
-      app.binPath = "bin/hello";
-
-      # enabled by default, flip to disable
-      # and to remove dependency on xdg-dbus-proxy
-      dbus.enable = true;
-
-      # same usage as --see, --talk, --own
-      dbus.policies = {
-        "org.freedesktop.DBus" = "talk";
-        "ca.desrt.dconf" = "talk";
-      };
-
-      # needs to be set for Flatpak emulation
-      # defaults to com.nixpak.${name}
-      # where ${name} is generated from the drv name like:
-      # hello -> Hello
-      # my-app -> MyApp
-      flatpak.appId = "org.myself.HelloApp";
+      app.package = app;
+      gpu.enable = true;
+      gpu.provider = "bundle";
+      fonts.enable = true;
+      locale.enable = true;
+      etc.sslCertificates.enable = true;
 
       bubblewrap = {
-        # disable all network access
-        network = false;
-
-        # lists of paths to be mounted inside the sandbox
-        # supports runtime resolution of environment variables
-        # see "Sloth values" below
-
-        # bind.rw = [
-        #   (sloth.concat' sloth.homeDir "/Documents")
-        #   (sloth.env "XDG_RUNTIME_DIR")
-        #   # a nested list represents a src -> dest mapping
-        #   # where src != dest
-        #   [
-        #     (sloth.concat' sloth.homeDir "/.local/state/nixpak/hello/config")
-        #     (sloth.concat' sloth.homeDir "/.config")
-        #   ]
-        # ];
+        network = true;
+        sockets.pulse = true;
+        sockets.wayland = true;
+        env.RUST_BACKTRACE = "full";
+        bindEntireStore = true;
+
+        bind.rw = [
+          [
+            (sloth.mkdir (sloth.concat' sloth.homeDir "/zed"))
+            sloth.homeDir
+          ]
+        ];
 
         bind.ro = [
-          (sloth.concat' sloth.homeDir "/Downloads")
+          "/etc/group"
+          "/etc/passwd"
+          "/run/current-system/sw/bin/bash"
+          (sloth.concat' sloth.homeDir "/.nix-profile")
+          [
+            (toString (import ./zed-config.nix {inherit pkgs;}))
+            (sloth.concat' sloth.homeDir "/.config/zed/settings.json")
+          ]
         ];
 
-        bind.dev = [
-          "/dev/dri"
+        tmpfs = [
+          "/tmp"
         ];
       };
     };
   };
 in
-  sandbox.config.script
+  sandbox.config.env