nix-files/TODO.md

118 lines
5.5 KiB
Markdown
Raw Normal View History

2023-05-26 05:58:08 +00:00
## BUGS
- why i need to manually restart `wireguard-wg-ovpns` on servo periodically
2023-07-05 09:07:20 +00:00
- else DNS fails
2023-05-26 05:58:08 +00:00
2023-05-16 11:24:34 +00:00
## REFACTORING:
2023-06-27 21:45:30 +00:00
2023-05-13 10:04:46 +00:00
### sops/secrets
- attach secrets to the thing they're used by (sane.programs)
- rework secrets to leverage `sane.fs`
- remove sops activation script as it's covered by my systemd sane.fs impl
2023-05-13 10:04:46 +00:00
### roles
- allow any host to take the role of `uninsane.org`
- will make it easier to test new services?
2023-05-13 10:04:46 +00:00
2023-05-15 00:42:39 +00:00
### upstreaming
- split out a sxmo module usable by NUR consumers
2023-05-26 21:04:12 +00:00
- bump nodejs version in lemmy-ui
2023-05-15 00:42:39 +00:00
- add updateScripts to all my packages in nixpkgs
- fix lightdm-mobile-greeter for newer libhandy
- port zecwallet-lite to a from-source build
- REVIEW/integrate jellyfin dataDir config: <https://github.com/NixOS/nixpkgs/pull/233617>
- remove `libsForQt5.callPackage` broadly: <https://github.com/NixOS/nixpkgs/issues/180841>
2023-05-15 00:42:39 +00:00
2023-08-28 09:36:11 +00:00
#### upstreaming to non-nixpkgs repos
- gtk: build schemas even on cross compilation: <https://github.com/NixOS/nixpkgs/pull/247844>
- sxmo: add new app entries
2023-05-15 00:36:25 +00:00
2023-05-16 11:24:34 +00:00
## IMPROVEMENTS:
2023-05-14 02:08:09 +00:00
### security/resilience
2023-10-22 14:22:57 +00:00
- matrix/ntfy: automatically add the ntfy.uninsane.org push URL as part of synapse launch
- ntfy: use a more secure topic
2023-05-14 02:08:09 +00:00
- validate duplicity backups!
- encrypt more ~ dirs (~/archives, ~/records, ..?)
- best to do this after i know for sure i have good backups
2023-05-13 10:04:46 +00:00
- have `sane.programs` be wrapped such that they run in a cgroup?
- at least, only give them access to the portion of the fs they *need*.
- Android takes approach of giving each app its own user: could hack that in here.
- **systemd-run** takes a command and runs it in a temporary scope (cgroup)
- presumably uses the same options as systemd services
- see e.g. <https://github.com/NixOS/nixpkgs/issues/113903#issuecomment-857296349>
- flatpak does this, somehow
- apparmor? SElinux? (desktop) "portals"?
- see Spectrum OS; Alyssa Ross; etc
- bubblewrap-based sandboxing: <https://github.com/nixpak/nixpak>
2023-05-14 02:08:09 +00:00
- canaries for important services
- e.g. daily email checks; daily backup checks
- integrate `nix check` into Gitea actions?
2023-05-13 10:04:46 +00:00
2023-05-15 00:36:25 +00:00
### user experience
2023-09-11 01:30:29 +00:00
#### moby
- fix cpuidle (gets better power consumption): <https://xnux.eu/log/077.html>
- install apps:
- display QR codes for WiFi endpoints: <https://linuxphoneapps.org/apps/noappid.wisperwind.wifi2qr/>
- shopping list: <https://linuxphoneapps.org/apps/ro.hume.cosmin.shoppinglist/>
- offline Wikipedia
2023-09-11 01:30:29 +00:00
- SwayNC:
- don't show MPRIS if no players detected
- this is a problem of playerctld, i guess
- add option to change audio output
2023-09-13 10:14:07 +00:00
- fix colors (red alert) to match overall theme
2023-08-22 08:53:55 +00:00
- moby: tune GPS
- run only geoclue, and not gpsd, to save power?
- tune QGPS setting in eg25-control, for less jitter?
- direct mepo to prefer gpsd, with fallback to geoclue, for better accuracy?
- configure geoclue to do some smoothing?
- manually do smoothing, as some layer between mepo and geoclue/gpsd?
- moby: show battery state on ssh login
2023-05-15 00:36:25 +00:00
- moby: improve gPodder launch time
2023-09-27 22:54:04 +00:00
- sxmo: port to swaybar like i use on desktop
- users in #sxmo claim it's way better perf
2023-09-11 01:30:29 +00:00
- sxmo: fix youtube scripts (package youtube-cli)
- sxmo: don't put all deps on PATH
- maybe: use resholve to hard-code them
- this is the most "correct", but least patchable
- maybe: express each invocation as a function in sxmo_common.sh
- this will require some patching to handle `exec <foo>` style
- maybe: save original PATH and reset it before invoking user files
2023-07-02 03:00:46 +00:00
- moby: theme GTK apps (i.e. non-adwaita styles)
- combine multiple icon themes to get one which has the full icon set?
- get adwaita-icon-theme to ship everything even when cross-compiled?
2023-07-02 03:00:46 +00:00
- especially, make the menubar collapsible
2023-07-03 05:08:26 +00:00
- try Gradience tool specifically for theming adwaita? <https://linuxphoneapps.org/apps/com.github.gradienceteam.gradience/>
- phog: remove the gnome-shell runtime dependency to save hella closure size
2023-09-11 01:30:29 +00:00
#### non-moby
- neovim: set up language server (lsp; rnix-lsp; nvim-lspconfig)
- Helix: make copy-to-system clipboard be the default
- firefox/librewolf: persist history
- just not cookies or tabs
2023-05-15 00:38:32 +00:00
- package Nix/NixOS docs for Zeal
- install [doc-browser](https://github.com/qwfy/doc-browser)
- this supports both dash (zeal) *and* the datasets from <https://devdocs.io> (which includes nix!)
- install [devhelp](https://wiki.gnome.org/Apps/Devhelp) (gnome)
2023-05-17 00:26:18 +00:00
- have xdg-open parse `<repo:...> URIs (or adjust them so that it _can_ parse)
- sane-bt-search: show details like 5.1 vs stereo, h264 vs h265
- maybe just color these "keywords" in all search results?
2023-07-02 02:54:07 +00:00
- uninsane.org: make URLs relative to allow local use (and as offline homepage)
2023-07-01 00:57:36 +00:00
- email: fix so that local mail doesn't go to junk
- git sendmail flow adds the DKIM signatures, but gets delivered locally w/o having the sig checked, so goes into Junk
- could change junk filter from "no DKIM success" to explicit "DKIM failed"
2023-05-15 00:36:25 +00:00
2023-05-13 12:52:45 +00:00
### perf
2023-07-21 09:13:15 +00:00
- add `pkgs.impure-cached.<foo>` package set to build things with ccache enabled
- every package here can be auto-generated, and marked with some env var so that it doesn't pollute the pure package set
- would be super handy for package prototyping!
- get moby to build without binfmt emulation (i.e. make all emulation explicit)
- then i can distribute builds across servo + desko, and also allow servo to pull packages from desko w/o worrying about purity
2023-05-13 12:52:45 +00:00
2023-05-13 10:04:46 +00:00
2023-05-16 11:24:34 +00:00
## NEW FEATURES:
2023-05-13 10:04:46 +00:00
- migrate MAME cabinet to nix
- boot it from PXE from servo?
- deploy to new server, and use it as a remote builder
2023-05-17 08:49:06 +00:00
- enable IPv6
- package lemonade lemmy app: <https://linuxphoneapps.org/apps/ml.mdwalters.lemonade/>