colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
7,775 Commits 141 Branches 1 Tag
04eb5ed0129f96df11f3e0af85c54ee20b51ae6e
Commit Graph

2517 Commits

Author SHA1 Message Date
Colin
0279c030de loupe: sandbox with bunpen 2024-09-03 00:33:16 +00:00
Colin
f0ea3f8bf6 fractal: sandbox with bunpen 2024-09-03 00:32:03 +00:00
Colin
384472c1c4 nix: fix typo in NIXPATH introduced in a39d705ff5 2024-09-02 21:54:14 +00:00
Colin
712b2c38f0 firefox: disable Ctrl+W shortcut 
finally, i can stop accidentally killing tabs when i mean to backspace
 2024-09-02 15:43:12 +00:00
Colin
3212664f37 firefox: migrate extraPolicies to overrides.cfg 
this fixes that the bookmarks policy in extraPolicies was breaking my bookmarks import
 2024-09-02 15:15:00 +00:00
Colin
98c62f66dd firefox: add duckduckgo search bookmark 2024-09-02 14:11:13 +00:00
Colin
1677f77fd6 firefox: statically define a few bookmarks 2024-09-02 14:04:47 +00:00
Colin
c5e21546ff firefox: refactor: split addons into separate file 2024-09-02 13:57:53 +00:00
Colin
5eb597b133 programs: firefox: move to subdir 
then i'll split it into separate files fore easier management
 2024-09-02 13:41:11 +00:00
Colin
90f7953615 firefox: remove dead code 2024-09-02 13:29:11 +00:00
Colin
ab15d2a991 programs: replace gnome-disk-utility with gparted 
the latter *appears* to work better when sandboxed
 2024-09-02 12:02:32 +00:00
Colin
eba9bb3099 feeds: subscribe to Charles Stross blog 2024-09-02 11:38:47 +00:00
Colin
a39d705ff5 nix: fix NIXPATH to be free of symlinks 2024-09-02 11:29:58 +00:00
Colin
9d83f4cbf7 NetworkManager: reduce hardening options which broke IPv6 link-local addressing 
'ip -6 addr' should show an address even on networks which aren't
routable. /proc or /sys sandboxing was preventing this (with error messages logged to syslog).
 2024-09-01 23:13:30 +00:00
Colin
48fccebd1e iptables: temporarily disable sandbox 
it was overrestrictive
 2024-09-01 21:24:19 +00:00
Colin
8f4d4c97bc avahi: ensure that mDNS responses arent blocked by rpfilter 
this PROBABLY isnt necessary, but keep it here as i debug stuff at least
 2024-09-01 21:23:52 +00:00
Colin
0419e50cc3 upnp: fix rpfilter to support IPv6, too 2024-09-01 21:21:57 +00:00
Colin
cfa60ce41c common/fs: remove dead nfs code 2024-09-01 15:50:28 +00:00
Colin
942ca82445 assorted: hosts/common: remove unused module parameters 2024-09-01 15:49:15 +00:00
Colin
7d75b3c736 neovim: docs: suggest alternate mappings for nvim-cmp 2024-09-01 15:38:13 +00:00
Colin
38c6ecefa6 programs: ship camera debugging tools 2024-09-01 11:31:10 +00:00
Colin
c80aa813d9 neovim: ship GitMessenger plugin for git-blame-like functionality 2024-09-01 01:12:27 +00:00
Colin
4f6ea0938c neovim: Ctrl+Space to autocomplete 2024-09-01 01:00:37 +00:00
Colin
a4dbca48fe all: remove the UV_USE_IO_URING=0 patch (seemingly fixed by linux 6.9/6.10?) 2024-08-31 07:22:05 +00:00
Colin
b4f921ab04 programs: tangram: disable (i dont use it) 2024-08-31 07:13:39 +00:00
Colin
341b150254 feeds: unsubscribe Sam Harris 
he just kinda says the same thing over and over.
 2024-08-30 20:38:18 +00:00
Colin
1d79f3eacc papers: ship in place of Zathura as the default pdf viewer 2024-08-30 12:53:05 +00:00
Colin
73583d19d4 programs: nix: ship nixVersions.latest 
it gives better error messages, and i'm not seeing any regressions so far
 2024-08-30 09:37:56 +00:00
Colin
19e2e37105 mpv: sandbox with bunpen instead of bwrap 
it's far enough along to be actually working; though i likely give it a few more in-namespace capabilities than it really needs
 2024-08-29 20:14:30 +00:00
Colin
a2fa3727cc sane_sysvol: fix use of uninitialized volstr 
hey, that lua language server is pretty neat ^_^
 2024-08-29 11:43:19 +00:00
Colin
963a0ee56c mpv: setup profiles by which to tune youtube quality preferences and debanding 2024-08-29 10:17:53 +00:00
Colin
3417a9fd3f sanebox: remove the portal logic, and delegate it to manual handling by those few apps which truly need special casing 
it's a questionable responsibility to give to the sandbox itself (unless i also have the sandbox do things like dbus proxying, someday). and it will make the bunpen implementation simpler
 2024-08-27 11:00:15 +00:00
Colin
83ef250a34 neovim: fix lints 2024-08-26 20:47:18 +00:00
Colin
59ba9e4853 neovim: disable ltex-ls plugin 2024-08-26 20:46:32 +00:00
Colin
93159485fa neovim: integrate LSP for lua, LaTeX, html, markdown, nix, OpenSCAD, Rust, js/TypeScript :) 2024-08-26 16:49:00 +00:00
Colin
e1f5a55bca neovim: enable bash and python language servers 2024-08-26 14:06:49 +00:00
Colin
ea2739f86c neovim: enable "which-key" plugin 2024-08-26 14:06:49 +00:00
Colin
3c9ff16108 neovim: simplify plugin config schema 2024-08-26 14:06:49 +00:00
Colin
0787a3a50e neovim: split plugin configs into their own file 2024-08-26 14:06:49 +00:00
Colin
446e614e9a neovim: split vimrc into own file 2024-08-26 14:06:49 +00:00
Colin
afd0ec09a1 nixfmt-rfc-style: ship 2024-08-26 14:06:49 +00:00
Colin
ae8e9267c4 nixpkgs: 0-unstable-2024-08-21 -> 0-unstable-2024-08-25 2024-08-26 08:15:49 +00:00
Colin
5f35eaccd9 programs/host: sandbox with bunpen instead of landlock 
this just acts as a good proof-of-concept / testing it in the wild
 2024-08-23 16:00:31 +00:00
Colin
c86d893a2c modules/programs: sandbox: allow method = "bunpen" 2024-08-23 16:00:31 +00:00
Colin
c5ed1263dc feeds: subscribe to justine.lol 2024-08-23 16:00:31 +00:00
Colin
45ff21822a feeds: sub JRE (we'll see how long this lasts...) 2024-08-23 06:09:33 +00:00
Colin
9b11b64349 haredoc: ship 2024-08-22 09:00:14 +00:00
Colin
a9cc0f28e2 feeds: subscribe to linuxdevtime podcast 2024-08-22 07:19:37 +00:00
Colin
e78907b88b curlftpfs: remove -o interface... option and patch curl instead 2024-08-21 10:20:09 +00:00
Colin
04c41f6045 alsa-ucm-conf: make clear which data i last updated everything 2024-08-21 08:26:50 +00:00