colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
6,208 Commits 125 Branches 1 Tag 12 MiB
41bc4ac7b4
Commit Graph

290 Commits

Author SHA1 Message Date
Colin
adfaa7f9c1 sane-sandboxed -> sanebox 2024-05-15 01:41:40 +00:00
Colin
3557994cbb gnome-clocks: fix sound an sandboxing artifacts 2024-05-14 01:21:37 +00:00
Colin
be84ab1f45 programs: set buildCost=1 for assorted low-priority programs 2024-05-13 22:45:33 +00:00
Colin
43d32641f3 programs: buildCost: introduce a new level between min and light 2024-05-13 22:45:33 +00:00
Colin
eadf85f66d sane-open: associate as the default launcher for .desktop files 2024-05-12 17:41:00 +00:00
Colin
32e06ce998 programs: gnome-disk-utility: grant sandbox access to ~/tmp 2024-05-06 05:15:28 +00:00
Colin
b7dd40e558 sane-open-desktop -> sane-open and have it auto-open/close the keyboard based on what an app wants 2024-04-30 19:22:37 +00:00
Colin
46d1a49f0f servo: enable sane-cast program 2024-04-29 21:50:03 +00:00
Colin
ae418fb2d1 valgrind: mark as not sandboxable 2024-04-23 09:08:05 +00:00
Colin
152a5d4c92 sane-cast: integrate with mpv 2024-04-23 07:52:48 +00:00
Colin
a000a722ba mpv: fix so sane-sysvol doesnt hang exit 2024-04-21 10:08:46 +00:00
Colin
4dfee58d09 sops: fix sandbox path 2024-04-20 21:43:13 +00:00
Colin
a59a7b5346 feeds: podcasts: add Tech Tales 2024-04-19 21:46:03 +00:00
Colin
de2c3a30ff programs: ship lftp ftp client 2024-04-18 04:17:10 +00:00
Colin
c08280589d lsof: fix sandboxing 2024-04-17 23:43:42 +00:00
Colin
62f5b9276f pwvucontrol: whitelist DRI inside the sandbox, for better perf 2024-04-16 20:49:33 +00:00
Colin
2587c27f89 font-manager: fix sandboxing 2024-04-14 21:55:52 +00:00
Colin
0a888e205e programs: ship objdump 2024-04-13 20:29:24 +00:00
Colin
4b22fd95bf introduce 'moby-min' host variant for the quickest deployment (no webkitgtk) 2024-04-13 20:29:24 +00:00
Colin
907933612d htop: statically populate config 2024-04-06 23:41:59 +00:00
Colin
b4877a488e discord: add media into sandbox 2024-04-06 09:36:55 +00:00
Colin
1c2a375b6d common/fs: split curlftpfs into sane.programs 
this makes it easier to build outside of /etc/fstab context, and opens a future path to sandboxing
 2024-04-01 00:50:14 +00:00
Colin
fb79ca4c8e programs: iproute: use a less restrictive sandbox 2024-03-26 10:54:29 +00:00
Colin
f680a4a25c engrampa: patch the package via sane.programs, not nixpkgs overlay 2024-03-24 07:44:30 +00:00
Colin
5b83d4d944 s6-rc: patch to use /run/user/$id/s6 as the default live dir 2024-03-23 20:52:42 +00:00
Colin
5205251f6f programs: xwayland: sandbox it without exposing net access 2024-03-23 15:33:23 +00:00
Colin
6c6e10e470 s6: install manpages 2024-03-21 17:16:11 +00:00
Colin
2336767059 port service manager to s6 
still a lot of cleanup to do (e.g. support dbus service types), but it boots to a usable desktop
 2024-03-21 17:16:11 +00:00
Colin
6595d177be gimp: fix sandboxing 2024-03-13 11:36:57 +00:00
Colin
f8797a77ff blast: ship it! 
TODO: integrate into mpv :)
 2024-03-10 04:09:34 +00:00
Colin
ed87792f9b sed: sandbox 2024-03-03 07:06:00 +00:00
Colin
8821b3ca7d procps: sandbox 2024-03-03 06:55:17 +00:00
Colin
3b603519ff fuzzel: sandbox (well, i probably dont even have it on my system anymore :P) 2024-03-02 07:43:42 +00:00
Colin
28cb705bd4 grim: sandbox 2024-03-02 07:11:45 +00:00
Colin
7fa1dbc5d5 slurp: sandbox 2024-03-02 07:11:45 +00:00
Colin
8b7575c205 swappy: sandbox 2024-03-02 07:11:45 +00:00
Colin
a7bd831ad8 sane-screenshot: port to sane.programs 2024-03-02 06:14:05 +00:00
Colin
2324d75165 switch psmisc -> killall 
otherwise a really shitty `pstree` makes its way onto my PATH
 2024-03-01 18:50:20 +00:00
Colin
daab5939e7 rofi: split sane-open-desktop out as a helper 2024-03-01 04:19:19 +00:00
Colin
083f743c1f remove nixpkgs less defaults and manage PAGER myself 
this lets me avoid the lesspipe cross failures, notably
 2024-02-29 15:18:51 +00:00
Colin
6253d1799a port sxmo_hook_inputhandler.sh -> sane-input-handler 
this one can run outside the SXMO environment.
major thing missing at the moment is that rofi doesn't get volume
control inputs because bonsai out-competes it for exclusive control.
 2024-02-29 01:26:38 +00:00
Colin
d8a8038cae xdg-terminal-exec: define a .desktop file 2024-02-29 00:17:26 +00:00
Colin
40e30cf2f8 programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that 2024-02-28 17:39:00 +00:00
Colin
812c0c8029 packages: reduce the number of packages which are using inplace sandbox wrapping 2024-02-28 17:35:40 +00:00
Colin
b302113fc0 modules/programs: require manual definition; don't auto-populate attrset 
this greatly decreases nix eval time
 2024-02-28 13:35:09 +00:00
Colin
8f424dcd5a programs: sandboxing: link /etc into sandboxed programs 
this is crucial for e.g. swaync, to find its resource files.
maybe a good idea to link *every* package directory which i also link
into /run/current-system.
 2024-02-27 22:25:17 +00:00
Colin
67536e3c1f programs: assorted: correct sandbox paths now that Pictures/Videos/Books are categorized 
i don't like this Pictures/ approach though. i may reconsolidate some of those
 2024-02-27 21:37:20 +00:00
Colin
5c7eceeb55 grimshot: move to own file 2024-02-27 14:54:53 +00:00
Colin
f2e1bb6b86 programs: python3-repl: sandbox 2024-02-25 18:52:55 +00:00
Colin
ca36fe1b96 programs: gnome.seahorse: sandbox 2024-02-25 12:03:42 +00:00