bc15a876ff
programs: place TMPDIR on ephemeral storage for select programs which demand a lot of it
2024-12-17 10:26:34 +00:00
e145a8f003
assorted: remove the mesa cache for apps which aren't using it
2024-12-16 01:30:32 +00:00
cec413720e
programs: change the default mesa persistence directory
2024-12-16 00:08:27 +00:00
08ca65c2a4
programs: persist mesa dirs for every wayland application
...
this is certainly *not* perfect (it incorrectly persists some wayland utils like wtype; it has the wrong name for e.g. grimshot), but it's a good start
2024-12-16 00:06:31 +00:00
a0ade73638
modules/programs: allow using custom mesa cache dirs, when sandboxed
2024-12-15 23:31:50 +00:00
3da9874176
bunpen: kill --bunpen-{home,run}-path in favor of shell-style expansion/parameterization
2024-12-15 23:03:52 +00:00
db4e79fde8
modules/persist: support nested persistence
...
especially, support persisting 'parent' and 'parent/child' to the same backing store
this is mechanically the same as persisting parent, and ensuring parent/child gets created, but explicit support will allow for automating the persistence of more things which *might* be subdirs of other persisted items (e.g. ~/.cache/my-program/mesa_shader_db)
2024-12-14 12:08:40 +00:00
4788170e8a
programs: ensure gnome-keyring is started before the things which need it
...
notably, this seems to ensure dissent reliably logs on at start
2024-12-14 02:06:14 +00:00
13bc81fb6a
programs: patch udev rules more effectively
2024-12-09 23:13:22 +00:00
ebb7d0b4e1
treewide: replace runCommandLocal with runCommand + preferLocalBuild
...
the former prevents all substitution; the latter is just a hint to Nix on how to prioritize available builders
2024-12-09 10:35:24 +00:00
9d32e199ea
vpn: formatting fixes
2024-12-08 23:12:50 +00:00
6af75f470c
hickory-dns: simplify further by exposing configFile in nixpkgs
2024-12-08 00:54:21 +00:00
5362fc9276
hickory-dns: simplify config, push the zonedir into nixpkgs upstream attrs
2024-12-08 00:34:42 +00:00
ec1d573ddb
ollamaPackages.athene-v2-72b-q2_K: init
...
this is a tuned version of qwen
2024-12-05 22:11:08 +00:00
b0059e74dc
ollama: add new models: qwq-32b (from the qwen team), marco-o1 (also from Alibaba)
2024-12-05 21:46:04 +00:00
2d40717d04
xdg-desktop-portal: simplify the plumbing of .portal files; no more ~/.config/xdg-desktop-portal/portals
2024-12-05 08:21:24 +00:00
2afc99bd00
xdg-desktop-portal: allow spawned processes to survive service restarts
2024-12-05 03:36:58 +00:00
532194b862
servo: speculative wg tunnel fix
2024-12-03 04:49:24 +00:00
08c5f5661f
modules/netns: make the wg port optional
2024-12-03 04:23:53 +00:00
fc239cfa34
modules/programs: support mime.priority when handling duplicated env keys
2024-12-03 02:18:48 +00:00
de182e117d
modules/programs: enable even more /dev/video devices inside the relevant sandboxes
2024-11-29 18:33:35 +00:00
02286a24ba
modules/programs: add more /dev/video devices required by pinephone-pro rear camera
2024-11-29 18:29:35 +00:00
6be6c08e7c
servo: hardcode the doof/ovpns listen ports, and forward them through the NAT
2024-11-25 18:07:37 +00:00
3ed0ff6611
netns: make it *slightly* more debuggable
2024-11-25 15:55:23 +00:00
a84cf3dd90
podcasts: subscribe to Chris Chinchilla - Tech Lounge
2024-11-25 11:10:28 +00:00
3669780afe
podcasts: Sustain OSS: subscribe
2024-11-25 10:54:26 +00:00
e1a6f09667
buffyboard: acquire from upstream nixpkgs PR
2024-11-25 10:44:56 +00:00
4405f1bed0
buffyboard: push upstream (out for PR)
2024-11-25 10:05:00 +00:00
cee29af431
buffybox: 3.2.0-unstable-2024-10-05 -> 3.2.0-unstable-2024-11-10
2024-11-25 07:15:05 +00:00
f63c8a490e
feeds: subscribe to Matt Stoller - Organized Money
2024-11-23 17:26:42 +00:00
5788edbbc5
feeds: subscribe to Innuendo Studios
2024-11-14 14:25:16 +00:00
7b88c9c644
sane.fs: don't have local-fs.target depend on any of my (persistence) bind mounts
...
otherwise it's too easy for local-fs to hang (/mnt/persist/private), or fail (/mnt/pool), and i lose critical things like *networking*
this was only working because on servo the /mnt/persist/private deps caused a cycle and systemd just _removed_ local-fs.target
2024-11-13 12:05:31 +00:00
fed25f44d5
dyn-dns: allow services to subscribe *only* to change events, and not require DNS always be available
...
also switch back exclusively to UPnP / local source of trust
2024-11-12 04:06:24 +00:00
6513d927d4
hickory-dns: allow empty DNS substitutions, and handle those by filtering out the corresponding record
2024-11-12 04:05:25 +00:00
4779ad8f41
dyn-dns: better implementation
2024-11-12 02:31:50 +00:00
2134a9c738
WIP: dyn-dns: try a smarter trigger scheme, but i'm getting weird "resource" errors with systemd path units
2024-11-12 01:09:23 +00:00
5aa6c9b8c7
dyn-dns: when DNS changes, restart immediately instead of blocking on another dyn-dns.service query
...
the new behavior though causes dyn-dns consumers to be started even before we've learned the IP. that sort of matches the semantics of the module though. not sure the best design yet
2024-11-11 23:41:58 +00:00
388c58f656
servo: slim dependencies so that local-fs.target can be reached even if my media drives are inaccessible
...
this means some services which need access (like sftpgo) fail to start if the drive is unavailable
2024-11-11 20:40:13 +00:00
f3ee312dad
modules/ssh: start sshd as early in the boot as possible
...
this allows more scenarios to be recoverable
2024-11-11 20:35:47 +00:00
ec5e8a3269
netns: simplify the host -> netns response tunneling
...
i don't actually need any route table that's higher priority than 'local'
2024-11-11 11:02:42 +00:00
f6369bce8d
servo: doof: don't proxy DNS inside the net namespace
2024-11-11 02:46:06 +00:00
309bd04037
modules/netns: rename options for better grouping
2024-11-11 02:37:00 +00:00
23913c9cd2
netns: configure the device in a way that should allow named endpoints to be resolved outside the netns
2024-11-11 02:19:00 +00:00
2684b3c1aa
wg-home: re-enable keepalives
...
this should fix some of the flakiness i've seen when deploying moby?
2024-11-10 16:19:07 +00:00
2ed633cfe8
wg-ovpns/doof: port from networking.wireguard -> sane.netns
2024-11-10 15:48:43 +00:00
2962f2dc21
refactor: modules/netns.nix
2024-11-10 14:00:29 +00:00
cd870e70cd
hickory-dns: use upstream package, unpatched
...
I don't need the recursive resolver patches anymore
2024-11-10 05:56:09 +00:00
c30929e1a6
servo: switch to unbound for local DNS provider
2024-11-10 05:53:17 +00:00
e2dfbfe829
kiwix-serve: fix service sandboxing typo (ReadPaths -> ReadOnlyPaths)
2024-11-10 05:07:13 +00:00
5d1549bbeb
hickory-dns: update comment about status of upstream hickory-dns
2024-11-08 08:09:13 +00:00