{ config, pkgs, ... }: { xdg.portal.enable = true; services.flatpak.enable = true; services.flatpak.packages = [ "org.mozilla.firefox" ]; services.flatpak.overrides = { "com.visualstudio.code".Context = { filesystems = [ "xdg-config/git:ro" # Expose user Git config "/run/current-system/sw/bin:ro" # Expose NixOS managed software ]; sockets = [ "gpg-agent" # Expose GPG agent "pcsc" # Expose smart cards (i.e. YubiKey) ]; }; "org.onlyoffice.desktopeditors".Context.sockets = ["x11"]; # No Wayland support }; fonts.fontDir.enable = true; system.fsPackages = [ pkgs.bindfs ]; fileSystems = let mkRoSymBind = path: { device = path; fsType = "fuse.bindfs"; options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ]; }; aggregatedFonts = pkgs.buildEnv { name = "system-fonts"; paths = config.fonts.packages; pathsToLink = [ "/share/fonts" ]; }; in { # Create an FHS mount to support flatpak host icons/fonts "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons"); "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts"); }; }