88f1d63b6e
firefox: properly integrate xdg-desktop-portal for opening media
2024-02-15 11:36:50 +00:00
d36e269edd
programs: loupe: remove the dbus services to make it work with Firefox
2024-02-15 11:36:24 +00:00
40af8b95fd
pkgs.rmDbusServices: also remove dbus properties from .desktop files
2024-02-15 11:35:52 +00:00
582a003739
programs: waybar: fix battery indicator within sandbox
2024-02-15 10:35:24 +00:00
df60be8c61
open-in-mpv: sandbox with bwrap
2024-02-15 09:49:03 +00:00
e8b4c36442
programs: nautilus: specify inode/directory mime association
2024-02-15 09:48:26 +00:00
2f699737f5
firefox: fix open-in-mpv integration
...
two parts: add open-in-mpv's config to firefox's sandbox; patch open-in-mpv to forward to xdg-open
2024-02-15 09:14:57 +00:00
4a3d24be3f
waybar: migrate all config to "sane.programs"
2024-02-15 07:18:12 +00:00
10feb319fe
sway: lift waybar to own file and sandbox it
2024-02-15 02:33:40 +00:00
fde1e5d872
README: add a graphic
2024-02-15 01:01:31 +00:00
b2fcf6fdfd
programs: messengers (fractal, signal, dino, tuba): add media libraries to the sandbox
2024-02-15 00:49:24 +00:00
dcc2eb265d
programs: re-enable sandbox for tumiki-fighters and losslesscut (X applications)
2024-02-15 00:09:40 +00:00
5f1036118f
modules/programs: sandboxing: add a "whitelistX" option
2024-02-15 00:09:16 +00:00
8ac4869f10
gpodder-adaptive: fix meta.position and thereby fix NUR eval
...
idk why it broke. seems that attrset members (passthru.*) don't preserve their position anymore
2024-02-14 23:39:18 +00:00
226425bbef
nixpkgs: 2024-02-13 -> 2024-02-14; sops-nix -> 2024-02-13
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/013603a52da98fe4abf15a5700479a58fa5899a5' (2024-02-13)
→ 'github:nixos/nixpkgs/52e165035c897a7b41ff26bc235f8d841e9d3850' (2024-02-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/40a7b182e0a00245d69f6b8c1dfd3ea4bfc6257c' (2024-02-13)
→ 'github:nixos/nixpkgs/c0a130d16b170f4820c3d2ed294a7aaabf451bfd' (2024-02-14)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/695275c349bb27f91b2b06cb742510899c887b81' (2024-02-12)
→ 'github:Mic92/sops-nix/48afd3264ec52bee85231a7122612e2c5202fa74' (2024-02-13)
```
2024-02-14 22:50:47 +00:00
518c3afd07
programs: sandbox: disable losslesscut/tumiki-fighters sandbox until i can figure out Xwayland
2024-02-14 14:37:59 +00:00
90dee85664
programs: sort alphabetically
2024-02-14 14:28:22 +00:00
26fc283fd9
programs: losslesscut: sandbox
2024-02-14 14:26:56 +00:00
d0430ce1e9
programs: pavucontrol/pwvucontrol: enable audio devices inside the sandbox
2024-02-14 14:26:56 +00:00
368a52b91e
programs: speedtest-cli: sandbox with bwrap
2024-02-14 14:26:56 +00:00
d90dacee1f
programs: grimshot: sandbox with bwrap
2024-02-14 14:17:41 +00:00
a6e2b3bc5c
programs: xdg-terminal-exec: disable sandbox
2024-02-14 14:11:35 +00:00
8863a3c674
programs: wob: sandbox with bwrap
2024-02-14 14:10:20 +00:00
fa8d6dbb9f
programs: wob: fix config substitution
2024-02-14 14:04:54 +00:00
e5e79a6b60
programs: FileMimeInfo: disable sandbox
2024-02-14 13:54:21 +00:00
95f7eeeb5c
programs: libnotify: sandbox with bwrap
2024-02-14 13:49:48 +00:00
29d638c68b
programs: dig: sandbox with bwrap
2024-02-14 13:47:44 +00:00
7d22a5466f
programs: zsh: fix "switch" function to be friendly to sandboxing
2024-02-14 13:45:56 +00:00
b747742e23
flake: implement "deploy.self" app as replacement for nixos-rebuild switch
2024-02-14 13:45:15 +00:00
5907d9fa42
Revert "xdg-desktop-portal-gtk: build without support for notifications"
...
This reverts commit c9e02bfd8a
.
disable notifications at this level did not cause fractal (gtk app) to
send its notifications to swaync. instead, it still tried to deliver to
the Portal, where the Portal wasn't expecting anything and just returned
an error to fractal.
setting `GNOTIFICATION_BACKEND = "freedesktop"` seems to be the correct
way to get gtk apps to behave as desired with their notifications.
2024-02-14 11:09:37 +00:00
67fe8d4666
swaync: propagate GNOTIFICATION_BACKEND = "freedesktop"
to all users
2024-02-14 11:09:20 +00:00
22ca253ae0
modules/programs: better document the env
option
2024-02-14 11:08:43 +00:00
c9e02bfd8a
xdg-desktop-portal-gtk: build without support for notifications
2024-02-14 10:51:18 +00:00
03b58b3cab
programs: vim: support system copy/paste inside of sandbox
2024-02-14 09:11:31 +00:00
ae01c17c05
programs: splatmoji: fix to work inside a sandbox again
2024-02-14 09:11:12 +00:00
677e6e679b
programs: sandbox {s,}waylock lockscreen
2024-02-14 08:48:03 +00:00
3eb47a9a8d
programs: swaylock: *partially* sandbox with capsh
2024-02-14 05:46:36 +00:00
f11e443678
programs: waylock: *partially* sandbox with capsh
2024-02-14 05:46:28 +00:00
9faf1bb52c
README: document the sandboxing feature of my "programs" module
2024-02-14 05:24:48 +00:00
e599724811
README: use consistent tab width (2 spaces)
2024-02-14 05:18:43 +00:00
c0b03950dc
README: format links to local files in a way that markdown will render them
2024-02-14 05:16:59 +00:00
8f8ec090c4
programs: add "waylock"
2024-02-14 05:01:33 +00:00
e174eaeff0
programs: loupe: fix sandboxing
2024-02-14 04:32:10 +00:00
8b32f2f231
modules/programs: add support for 'autodetectCliPaths = parent'
2024-02-14 04:31:59 +00:00
f12b7afa1e
programs: mimeo: dont sandbox
2024-02-14 01:51:26 +00:00
080bd856ec
programs: sandboxing: only permit wayland socket access to those specific apps which require it
2024-02-14 01:49:49 +00:00
548a95a7e1
modules/programs: sandboxing: unshare ipc/cgroup/uts by default
2024-02-14 01:48:59 +00:00
2d7c5b9fa5
programs: mpv: explicitly add Videos/servo, Books/servo to sandbox
2024-02-13 15:38:57 +00:00
e696cb96b6
nixpkgs: 2024-02-12 -> 2024-02-13
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/f176844192a0b4ab719dffd91fcf356fc24ccbff' (2024-02-12)
→ 'github:nixos/nixpkgs/013603a52da98fe4abf15a5700479a58fa5899a5' (2024-02-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/b05b56d24858cfbc2064bda18d00a242bed5ddfb' (2024-02-12)
→ 'github:nixos/nixpkgs/40a7b182e0a00245d69f6b8c1dfd3ea4bfc6257c' (2024-02-13)
```
2024-02-13 12:54:00 +00:00
83cb29aeeb
xdg-utils: re-add mimetype
package
2024-02-13 12:31:04 +00:00