colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
7,534 Commits 141 Branches 1 Tag
2024-08-12-wip-flatpak
Commit Graph

7534 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Colin
7a047702d5 cross: flatpak: fix via nixpkgs patch instead of overlay 2024-08-13 06:04:43 +00:00
Colin
467283989f todo.md: fix Epiphany to persist cookies 2024-08-13 03:41:08 +00:00
Colin
db39dc209f xdg-desktop-portal-gnome: sandbox 2024-08-13 03:34:09 +00:00
Colin
7cf860a071 nixpkgs: update passt hash 2024-08-13 03:33:48 +00:00
Colin
77a753b0d6 gnome-maps: todo: better portal integration 2024-08-13 02:50:59 +00:00
Colin
e2a4f4d63e todo.md: newsflash and gnome-maps bugs to tackle 2024-08-13 02:48:08 +00:00
Colin
31fc072bce nixpkgs-overlays: try to be a little more pure 2024-08-12 21:56:30 +00:00
Colin
144afd8171 sway: fix wlroots drmSync bug via upstream patch 2024-08-12 21:52:44 +00:00
Colin
7d97355d2a overlays/cross: remove no-longer-necessary overrides 2024-08-12 21:20:16 +00:00
Colin
7827f6c584 sway: note that the activation patch is still necessary 2024-08-12 18:28:16 +00:00
Colin
e1899495a0 nixpkgs-wayland: 0-unstable-2024-08-06 -> 0-unstable-2024-08-12 2024-08-12 18:05:32 +00:00
Colin
a56ad56a4f refactor: move ~/.cache/nix persistence to hosts/common/programs/nix.nix 2024-08-12 16:06:26 +00:00
Colin
da551b8b97 geary: grant access to more files 2024-08-12 16:04:20 +00:00
Colin
ca412d08bd nautilus: grant access to more files 2024-08-12 16:04:11 +00:00
Colin
e7a1bb6ec0 nixpkgs: 2024-08-11 -> 2024-08-12 2024-08-12 10:30:04 +00:00
Colin
74acfeadd5 programs/assorted: clarify sandbox.enable = false situation 2024-08-12 10:27:41 +00:00
Colin
e7d5a61014 libcap: split into separate capsh and captree programs, and sandbox the latter 2024-08-12 10:13:50 +00:00
Colin
6f47708624 nixpkgs patches: send a few upstream; dont apply ffado patch here because my system doesnt use it 2024-08-12 10:10:06 +00:00
Colin
fc826a3503 libcap: patch in captree locally rather than via a nixpkgs patch that would force mass rebuilds 2024-08-12 09:39:43 +00:00
Colin
ccb2b7b8b6 nixpkgs: update libcap patch to grab from the PR 2024-08-12 09:18:50 +00:00
Colin
78169d50f2 overlays/cross: remove upstreamed patches; simplify rust things 2024-08-12 09:14:42 +00:00
Colin
33a7d3536d nixpkgs: update patches 2024-08-12 09:14:00 +00:00
Colin
7899c8d033 syshud: 0-unstable-2024-07-29 -> 0-unstable-2024-08-10 2024-08-12 02:37:03 +00:00
Colin
82b662a733 nixpkgs: remove dead (upstreamed) patches 2024-08-12 02:13:07 +00:00
Colin
d4290588bf rename: trust-dns -> hickory-dns 2024-08-12 01:23:39 +00:00
Colin
bd97fb9ec9 nixpkgs: 24.05-unstable-2024-08-09 -> 24.05-unstable-2024-08-11 2024-08-12 01:08:03 +00:00
Colin
4dbff9c18f scripts/deploy: shorten "--action copy" to just "--copy" 2024-08-12 01:07:50 +00:00
Colin
bfe278c17a feeds: subscribe to Weird Little Guys 2024-08-12 00:35:34 +00:00
Colin
295e07d535 sane-tag-media: fix lingering crashes around --derive behavior 2024-08-12 00:13:42 +00:00
Colin
d39459d8b5 NetworkManager: tighten the systemd sandboxing 2024-08-11 22:54:47 +00:00
Colin
4d5e60756b modemmanager: make its capabilities more obvious 2024-08-11 22:54:41 +00:00
Colin
119afcf393 firefox: remove open-in-mpv (obsoleted by firefox-xdg-open) 2024-08-11 22:37:12 +00:00
Colin
d3d970eb3e firefox: dont require approval to open xdg-open: URIs 2024-08-11 22:32:26 +00:00
Colin
c0d5004926 firefox: add a right-click context menu to open any URI with the system handler 
it still prompts the user to allow it, but i'll fix that later i guess
 2024-08-11 22:26:23 +00:00
Colin
d9a876e49a fractal: association with https://matrix.to links 2024-08-11 21:45:51 +00:00
Colin
5a9dd89475 sane-vpn: fix global up/down action 2024-08-11 21:01:11 +00:00
Colin
5e71e5a067 moby: enable bluetooth 2024-08-11 06:27:07 +00:00
Colin
f0b0d15ad7 evtest: ship 2024-08-11 06:26:58 +00:00
Colin
8aebc1fe87 feeds: subscribe to Oyez supreme court oral arguments 2024-08-10 11:16:54 +00:00
Colin
764c2a3276 Revert "nixpkgs-wayland: 0-unstable-2024-08-06 -> 0-unstable-2024-08-09" 
This reverts commit ce1c3ec804.

while the nixpkgs-wayland bump works fine on lappy/desko,
it causes moby to be stuck on the white screen after unlocking.
 2024-08-10 04:16:31 +00:00
Colin
a2f34be9d6 avahi: fix so the dbus policy files get installed system wide, again 2024-08-10 02:59:20 +00:00
Colin
bda172bc2d avahi: harden systemd service 
N.B.: i haven't tested this on moby yet (which advertizes the gps-share service) nor on servo (which maybe uses it for jellyfin, idk)
 2024-08-10 02:04:57 +00:00
Colin
a91a2d8a7f gps-share: fix sandboxing 2024-08-10 01:10:31 +00:00
Colin
875d919fa8 systemd-rfkill: harden 2024-08-10 00:34:13 +00:00
Colin
a323f321b5 snapper: disable 
it wasn't working to begin with
 2024-08-10 00:09:58 +00:00
Colin
f986936bbd wg-home-refresh: use the sandboxed wireguard-tools 2024-08-09 23:52:31 +00:00
Colin
3d773fe375 sanebox: improve the capsh stuff a bit more 2024-08-09 23:52:16 +00:00
Colin
055ad222e3 wg-home-refresh: harden systemd service 2024-08-09 23:05:58 +00:00
Colin
3aafcb0aa8 sanebox: capshonly: be more precise about preserving e/i/p capabilities 
with this, gocryptfs works AND wg works
 2024-08-09 22:55:02 +00:00
Colin
c85f02ca68 scripts/sync: dont rely on /mnt/$self existing 2024-08-09 21:41:56 +00:00