2023-05-26 05:58:08 +00:00
|
|
|
## BUGS
|
|
|
|
- why i need to manually restart `wireguard-wg-ovpns` on servo periodically
|
2023-07-05 09:07:20 +00:00
|
|
|
- else DNS fails
|
2023-07-14 21:35:25 +00:00
|
|
|
- fix epiphany URL bar input on moby
|
2023-05-26 05:58:08 +00:00
|
|
|
|
2023-05-16 11:24:34 +00:00
|
|
|
## REFACTORING:
|
2023-06-27 21:45:30 +00:00
|
|
|
|
2023-05-13 10:04:46 +00:00
|
|
|
### sops/secrets
|
2023-05-14 09:58:49 +00:00
|
|
|
- attach secrets to the thing they're used by (sane.programs)
|
|
|
|
- rework secrets to leverage `sane.fs`
|
|
|
|
- remove sops activation script as it's covered by my systemd sane.fs impl
|
2023-05-13 10:04:46 +00:00
|
|
|
|
|
|
|
### roles
|
|
|
|
- allow any host to take the role of `uninsane.org`
|
|
|
|
- will make it easier to test new services?
|
|
|
|
|
2023-05-15 00:42:39 +00:00
|
|
|
### upstreaming
|
2023-06-29 22:45:25 +00:00
|
|
|
- split out a sxmo module usable by NUR consumers
|
2023-05-26 21:04:12 +00:00
|
|
|
- bump nodejs version in lemmy-ui
|
2023-05-15 00:42:39 +00:00
|
|
|
- add updateScripts to all my packages in nixpkgs
|
|
|
|
- fix lightdm-mobile-greeter for newer libhandy
|
2023-05-15 01:01:08 +00:00
|
|
|
- port zecwallet-lite to a from-source build
|
2023-06-08 08:27:20 +00:00
|
|
|
- REVIEW/integrate jellyfin dataDir config: <https://github.com/NixOS/nixpkgs/pull/233617>
|
|
|
|
- remove `libsForQt5.callPackage` broadly: <https://github.com/NixOS/nixpkgs/issues/180841>
|
2023-05-15 00:42:39 +00:00
|
|
|
|
2023-05-15 00:36:25 +00:00
|
|
|
|
2023-05-16 11:24:34 +00:00
|
|
|
## IMPROVEMENTS:
|
2023-05-14 02:08:09 +00:00
|
|
|
### security/resilience
|
|
|
|
- validate duplicity backups!
|
|
|
|
- encrypt more ~ dirs (~/archives, ~/records, ..?)
|
|
|
|
- best to do this after i know for sure i have good backups
|
2023-05-13 10:04:46 +00:00
|
|
|
- have `sane.programs` be wrapped such that they run in a cgroup?
|
|
|
|
- at least, only give them access to the portion of the fs they *need*.
|
|
|
|
- Android takes approach of giving each app its own user: could hack that in here.
|
2023-06-28 10:30:57 +00:00
|
|
|
- **systemd-run** takes a command and runs it in a temporary scope (cgroup)
|
|
|
|
- presumably uses the same options as systemd services
|
|
|
|
- see e.g. <https://github.com/NixOS/nixpkgs/issues/113903#issuecomment-857296349>
|
2023-06-28 01:08:53 +00:00
|
|
|
- flatpak does this, somehow
|
|
|
|
- apparmor? SElinux? (desktop) "portals"?
|
|
|
|
- see Spectrum OS; Alyssa Ross; etc
|
2023-07-11 22:26:12 +00:00
|
|
|
- bubblewrap-based sandboxing: <https://github.com/nixpak/nixpak>
|
2023-05-14 02:08:09 +00:00
|
|
|
- canaries for important services
|
|
|
|
- e.g. daily email checks; daily backup checks
|
2023-06-28 03:09:54 +00:00
|
|
|
- integrate `nix check` into Gitea actions?
|
2023-05-13 10:04:46 +00:00
|
|
|
|
2023-05-15 00:36:25 +00:00
|
|
|
### user experience
|
2023-06-26 00:30:52 +00:00
|
|
|
- neovim: set up language server (lsp; rnix-lsp; nvim-lspconfig)
|
2023-07-09 10:50:18 +00:00
|
|
|
- Helix: make copy-to-system clipboard be the default
|
|
|
|
- firefox/librewolf: persist history
|
|
|
|
- just not cookies or tabs
|
2023-05-15 00:36:25 +00:00
|
|
|
- moby: improve gPodder launch time
|
2023-07-02 03:00:46 +00:00
|
|
|
- moby: theme GTK apps (i.e. non-adwaita styles)
|
|
|
|
- especially, make the menubar collapsible
|
2023-07-03 05:08:26 +00:00
|
|
|
- try Gradience tool specifically for theming adwaita? <https://linuxphoneapps.org/apps/com.github.gradienceteam.gradience/>
|
2023-05-15 00:38:32 +00:00
|
|
|
- package Nix/NixOS docs for Zeal
|
2023-05-16 22:18:28 +00:00
|
|
|
- install [doc-browser](https://github.com/qwfy/doc-browser)
|
2023-05-16 11:24:34 +00:00
|
|
|
- this supports both dash (zeal) *and* the datasets from <https://devdocs.io> (which includes nix!)
|
2023-05-16 22:18:28 +00:00
|
|
|
- install [devhelp](https://wiki.gnome.org/Apps/Devhelp) (gnome)
|
2023-05-17 00:26:18 +00:00
|
|
|
- have xdg-open parse `<repo:...> URIs (or adjust them so that it _can_ parse)
|
2023-06-07 23:57:32 +00:00
|
|
|
- sane-bt-search: show details like 5.1 vs stereo, h264 vs h265
|
2023-07-02 02:54:07 +00:00
|
|
|
- uninsane.org: make URLs relative to allow local use (and as offline homepage)
|
2023-07-01 00:57:36 +00:00
|
|
|
- email: fix so that local mail doesn't go to junk
|
|
|
|
- git sendmail flow adds the DKIM signatures, but gets delivered locally w/o having the sig checked, so goes into Junk
|
|
|
|
- could change junk filter from "no DKIM success" to explicit "DKIM failed"
|
2023-05-15 00:36:25 +00:00
|
|
|
|
2023-05-13 12:52:45 +00:00
|
|
|
### perf
|
2023-07-21 09:13:15 +00:00
|
|
|
- add `pkgs.impure-cached.<foo>` package set to build things with ccache enabled
|
|
|
|
- every package here can be auto-generated, and marked with some env var so that it doesn't pollute the pure package set
|
|
|
|
- would be super handy for package prototyping!
|
2023-05-13 12:52:45 +00:00
|
|
|
- why does nixos-rebuild switch take 5 minutes when net is flakey?
|
2023-05-14 02:08:09 +00:00
|
|
|
- trying to auto-mount servo?
|
2023-05-13 12:52:45 +00:00
|
|
|
- something to do with systemd services restarting/stalling
|
|
|
|
- maybe wireguard & its refresh operation, specifically?
|
2023-07-08 03:03:05 +00:00
|
|
|
- get moby to build without binfmt emulation (i.e. make all emulation explicit)
|
|
|
|
- then i can distribute builds across servo + desko, and also allow servo to pull packages from desko w/o worrying about purity
|
2023-05-13 12:52:45 +00:00
|
|
|
|
2023-05-13 10:04:46 +00:00
|
|
|
|
2023-05-16 11:24:34 +00:00
|
|
|
## NEW FEATURES:
|
2023-05-13 10:04:46 +00:00
|
|
|
- migrate MAME cabinet to nix
|
|
|
|
- boot it from PXE from servo?
|
2023-05-17 08:49:06 +00:00
|
|
|
- enable IPv6
|