colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
4,655 Commits 125 Branches 1 Tag 12 MiB
3d763a0021
Commit Graph

4655 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Colin
3d763a0021 tor-browser-bundle-bin -> tor-browser 
upstream nixpgs just has tor-browser-bundle-bin as an alias for tor-browser
 2024-01-22 08:13:37 +00:00
Colin
ad474873e2 dovecot: fix unparseable config 
upstream/nixpkgs is doing some shit, ugh
 2024-01-22 08:09:37 +00:00
Colin
dd35136ac0 firejail: fix so /run/wrappers are available inside a jail 2024-01-22 07:18:50 +00:00
Colin
cfe6e9c20a nixpkgs: 2024-01-19 -> 2024-01-22 
```
• Updated input 'nixpkgs-next-unpatched':
    'github:nixos/nixpkgs/331c78971299375240001d946861951b6cc98176' (2024-01-19)
  → 'github:nixos/nixpkgs/dceddd03df4f840ea28c65887c199495793fb322' (2024-01-22)
• Updated input 'nixpkgs-unpatched':
    'github:nixos/nixpkgs/bbec4099302591a41304d360e3bab805e5ccc0be' (2024-01-19)
  → 'github:nixos/nixpkgs/8cccce637e19577815de54c5ecc3132dff965aee' (2024-01-22)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/87755331580fdf23df7e39b46d63ac88236bf42c' (2024-01-15)
  → 'github:Mic92/sops-nix/ae171b54e76ced88d506245249609f8c87305752' (2024-01-21)
```
 2024-01-22 04:05:59 +00:00
Colin
0f3f0933b1 mpv: sandbox with firejail 2024-01-22 03:50:28 +00:00
Colin
f8440e3811 go2tv: allow more ports through the firewall 2024-01-22 03:50:04 +00:00
Colin
829460a076 todo: update firejail/sandboxing tasks 2024-01-22 02:04:32 +00:00
Colin
9ecd0adcbe firefox: sandbox with firejail 
TODO: get it so open-in-mpv launches an mpv that has access to ~/.config/mpv

i guess this is the 'firejail url problem'
 2024-01-21 23:59:15 +00:00
Colin
ad92a2e158 programs: abort when no firejail profile is found for a program. 
in the future, i can whitelist specific binaries to omit their firejail
profiles.
 2024-01-21 04:32:49 +00:00
Colin
5f5891d241 programs: apply firejail profile to programs which are net isolated 2024-01-21 04:28:48 +00:00
Colin
cf475c4696 nicotine-plus: remove distro-specific symlink 2024-01-21 03:56:33 +00:00
Colin
992194a1f0 programs: achieve network sandboxing without "sane-vpn do" 2024-01-21 03:51:12 +00:00
Colin
bad6a7bfee programs: implement "default vpn" with native nix code instead of sane-vpn 2024-01-21 01:04:31 +00:00
Colin
66d5e204be vpn: enforce "id" restrictions 2024-01-21 00:57:46 +00:00
Colin
ce35330923 vpn.nix: factor into a proper module 
this will allow for better integration with 'sane.programs'
 2024-01-21 00:49:34 +00:00
Colin
bdab1aa7e3 firefox-extensions: update to latest 2024-01-20 21:30:15 +00:00
Colin
080c8dbe3d sane-bt-search: try to install some logging for a sporadic error 2024-01-20 21:19:18 +00:00
Colin
a31fe44624 sane-bt-add: handle https:// URIs which forward to magnet: 2024-01-20 21:18:58 +00:00
Colin
59187a0ec0 programs: allow running binaries in a netns-style firejail 2024-01-20 11:11:12 +00:00
Colin
03fbf42680 servo: lemmy: pict-rs: fix broken CLI argument 2024-01-20 03:15:06 +00:00
Colin
f3b2a98874 firejail: fix cross compilation 2024-01-20 03:14:32 +00:00
Colin
2e9084c9ef nixpkgs: 2024-01-14 -> 2024-01-19; sops-nix -> 2024-01-15 
```
• Updated input 'nixpkgs-next-unpatched':
    'github:nixos/nixpkgs/724e39ebb9b8eda97f17d423f66fbc5a991f4f8d' (2024-01-14)
  → 'github:nixos/nixpkgs/331c78971299375240001d946861951b6cc98176' (2024-01-19)
• Updated input 'nixpkgs-unpatched':
    'github:nixos/nixpkgs/6c08fe3ccf437d8b26bec010fd925ddd6bb0d0d5' (2024-01-14)
  → 'github:nixos/nixpkgs/bbec4099302591a41304d360e3bab805e5ccc0be' (2024-01-19)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/70dd0d521f7849338e487a219c1a07c429a66d77' (2024-01-14)
  → 'github:Mic92/sops-nix/87755331580fdf23df7e39b46d63ac88236bf42c' (2024-01-15)
```
 2024-01-20 03:14:32 +00:00
Colin
0907240fda sane-vpn: implement the "do" command, to run a program in a netns 2024-01-19 22:55:26 +00:00
Colin
7d670facd4 feeds: sort 2024-01-19 21:38:45 +00:00
Colin
61e5704fd6 feeds: unsub LW 
too verbose, and too many of y'all turned into authoritarians
 2024-01-19 21:38:14 +00:00
Colin
fd0723169f nix-serve: fix coredump loop 2024-01-19 21:34:45 +00:00
Colin
a725d42bf5 ip_forward: consolidate the options to fix servo build 2024-01-19 21:34:18 +00:00
Colin
c03cea2d4e net/vpn.nix: cleanup dead code 2024-01-19 09:58:13 +00:00
Colin
f43d6bff92 route VPN traffic such that i can configure any app to selectively use the VPN 
e.g. firejail --net=br-ovpnd-us-mi --noprofile --dns=46.227.67.134 getent ahostsv4 uninsane.org
 2024-01-19 09:54:01 +00:00
Colin
43a8ca90a7 feeds: add Cat and Girl 2024-01-16 19:12:25 +00:00
Colin
dac6046828 firefox-extensions: update to latest 2024-01-16 19:10:32 +00:00
Colin
e2a6ae22dc sxmo-utils: 2024-12-28 -> 2024-01-01 2024-01-16 19:10:08 +00:00
Colin
f2ee43d1ef delfin: 0.2.1 -> 0.3.0 2024-01-16 19:09:50 +00:00
Colin
3d80b46570 lemoa: 0.5.0 -> 0.5.1 2024-01-16 19:09:38 +00:00
Colin
e7d383604a signal-desktop-from-src: 6.42.0 -> 6.44.0 2024-01-16 19:09:25 +00:00
Colin
7d504892be servo: dovecot: fix broken sieve 2024-01-16 06:28:25 +00:00
Colin
d7a2bf9d26 servo: remove networking.useDHCP=false override 
seems likely that the change to systemd-networkd renamed the ethernet interface, and so eth0.useDHCP wasn't right. this change seems to restore networking
 2024-01-16 06:09:19 +00:00
Colin
d6184a7b6d sane-vpn: update to be compatible with newer systemd-network vpn implementation 2024-01-16 03:36:37 +00:00
Colin
851c15aa6d vpn: port ovpnd connections to use systemd-network 
this should allow better integration with e.g. systemd-run, in future
 2024-01-16 03:20:40 +00:00
Colin
c45898f903 WIP: wg-dev 2024-01-15 04:15:17 +00:00
Colin
0efec20904 hosts/common/net/vpn: remove unused "extraOptions" argument 2024-01-15 03:52:31 +00:00
Colin
2f04b563d1 nixpkgs: 2024-01-11 -> 2024-01-14 
```
• Updated input 'nixpkgs-next-unpatched':
    'github:nixos/nixpkgs/06797d4df4baaa51b229081083a88b92dac3ff7c' (2024-01-11)
  → 'github:nixos/nixpkgs/724e39ebb9b8eda97f17d423f66fbc5a991f4f8d' (2024-01-14)
• Updated input 'nixpkgs-unpatched':
    'github:nixos/nixpkgs/51f399ec47c082d678261883095bb8ad552e6500' (2024-01-11)
  → 'github:nixos/nixpkgs/6c08fe3ccf437d8b26bec010fd925ddd6bb0d0d5' (2024-01-14)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/c0b3a5af90fae3ba95645bbf85d2b64880addd76' (2024-01-10)
  → 'github:Mic92/sops-nix/70dd0d521f7849338e487a219c1a07c429a66d77' (2024-01-14)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/70bdadeb94ffc8806c0570eb5c2695ad29f0e421' (2024-01-03)
  → 'github:NixOS/nixpkgs/a1982c92d8980a0114372973cbdfe0a307f1bdea' (2024-01-12)
```
 2024-01-15 01:32:07 +00:00
Colin
5b9c58dbc6 hosts/common: use servo-style dns on all machines 
it'll be handy as i want to place individual applications inside VPNs/namespaces
 2024-01-15 01:16:22 +00:00
Colin
a7964c4f0c hosts/common: net: split upnp config into own file 2024-01-15 01:12:09 +00:00
Colin
006a7e9f72 consolidate net-related stuff into hosts/common/net/ directory 2024-01-15 01:11:13 +00:00
Colin
3856710faf net: annotate the UPNP rule 2024-01-15 01:08:10 +00:00
Colin
6cbc0bedf3 ddns-he (HurricaneElectric): remove 
it's unused for a year
 2024-01-15 00:55:10 +00:00
Colin
fbc0c7615a ddns-afraid (afraid.org): remove 
it's unused for a year
 2024-01-15 00:54:41 +00:00
Colin
34bcdb5128 firefox: disable kinetic scrolling 2024-01-14 20:34:14 +00:00
Colin
a5c6e41622 feeds: subscribe to POD OF JAKE 2024-01-14 05:20:28 +00:00