6da85f6d8f
flake: add a preDeploy target
2024-02-03 02:04:41 +00:00
2dc6da476b
flake: deploy app: remove the last call to nixos-rebuild
2024-02-03 01:42:54 +00:00
453f40d0a8
flake: sync photos from moby with "nix run .#sync.moby"
2024-02-03 00:54:04 +00:00
14b20fd9c2
programs: komikku: fix sandboxing
2024-02-03 00:52:17 +00:00
2df1b20f02
programs: epiphany: simplify the sandboxing
2024-02-03 00:44:23 +00:00
56e7e9a7cc
remove unused "default.nix.cmp" file
...
should have never been checked in
2024-02-03 00:18:33 +00:00
2f9fad503c
programs: fix sandboxing errors for programs which create files (notably: ffmpeg)
2024-02-03 00:17:54 +00:00
3439ca34b8
sane-sandboxed: add more autodetect options, and a "withEmbeddedSandboxer" package output (for dev)
2024-02-03 00:17:24 +00:00
24e6e6cacc
firefox-extensions.sidebery: downgrade 5.1.1 -> 5.0.0
...
release format is inconsistent; would need to build from-source to reliably use the latest version(s)
2024-02-02 23:26:14 +00:00
0ee9f2026c
sane-sandboxed: hopefully fix a problem with path normalization for paths with spaces
2024-02-02 22:56:43 +00:00
5e3c2636db
programs: make-sandboxed: handle packages which use relative links in bin (like spotify)
2024-02-02 22:38:36 +00:00
cd0a046776
dovecot: remove dead code
2024-02-02 20:47:55 +00:00
27edee0bbf
dovecot2: fix sieves
2024-02-02 20:47:20 +00:00
56734fe5da
mpv: add /dev/dri to the sandbox
2024-02-02 19:18:30 +00:00
832a572d56
firefox-extensions: bump to latest
2024-02-02 19:17:04 +00:00
3c96f6d418
programs: koreader: enable DRI in the sandbox, and use wrappedDerivation
2024-02-02 17:22:57 +00:00
86b23e8183
programs: fractal: enable DRI in sandbox
2024-02-02 17:19:35 +00:00
2bb9115f35
modules/programs: sandboxing: add "whitelistDri" option for gfx-intensive apps
2024-02-02 17:18:51 +00:00
065d045640
fix so sway inherits program env vars
2024-02-02 15:36:06 +00:00
d3eaa69261
lappy/desko: auto-start signal-desktop
2024-02-02 14:22:08 +00:00
6151eee8d5
programs (assorted): fix wantedBy = "default.target" to be more specific
...
now GUI apps aren't stuck in a restart loop until sway starts
in particular, signal-desktop can actually be autostarted
2024-02-02 14:21:57 +00:00
483a1d1780
sway: signal on launch to systemd that the graphical-session.target is ready
...
this allows auto-launching of other services which require a compositor (i.e. messaging apps)
2024-02-02 14:20:30 +00:00
567c7993b6
modules/programs: sandbox: allow mimeo config in any sandbox
2024-02-02 12:52:36 +00:00
f6eeab5650
nixpkgs: 2024-02-01 -> 2024-02-02
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/06002f375e1d20f1481abcb696a50f232202e7ac' (2024-02-01)
→ 'github:nixos/nixpkgs/1bfd22b6448ac4d407510bd37fe16d87a9dcb41b' (2024-02-02)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/fbba9b8f0b6364928f60ef1b97e686b569cdb64e' (2024-02-01)
→ 'github:nixos/nixpkgs/eef63ea04722d812a09a5974ed18c9761088a6e1' (2024-02-02)
```
2024-02-02 01:07:32 +00:00
2824671bde
tune nix deploy parameters (specifically for moby)
...
this is experimental; hard to understand immediately how significant are the effects
2024-02-02 00:50:25 +00:00
efcaef2c35
lappy/desko/servo: downgrade kernel 6.7 -> 6.6 (latest supported by zfs)
2024-02-01 16:21:46 +00:00
25707eb79e
servo: address deprecation warning: dovecot2.sieveScripts -> sieve.scripts
2024-02-01 15:47:56 +00:00
18679cd8c3
fix deprecation warnings: overrideScope' -> overrideScope
2024-02-01 15:44:46 +00:00
09923b60ea
moby: disable desko as nixcache
2024-02-01 15:41:43 +00:00
3100189172
purge supercap
...
i no longer have access to dispatch build jobs to it :((((
2024-02-01 15:36:37 +00:00
715ac42f13
remove samba from closure
...
current samba hangs during configurePhase. this is not the first time samba has failed to build. nor the third. purge it.
2024-02-01 15:28:40 +00:00
a9810e7343
re-ship linux 6.7 to lappy/desko/servo
...
now that landlock-sandboxer builds against the correct linux headers,
this can actually work.
2024-02-01 13:54:44 +00:00
4f352c5725
landlock-sandboxer: build against headers which match the sandboxer source
2024-02-01 13:53:39 +00:00
17f35a3619
linux-megous: 6.6.0 -> 6.7.2
2024-02-01 12:51:53 +00:00
89d4f3eec3
nixpkgs: 2024-01-29 -> 2024-02-01
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/aa476d3e0de89aeb67950a1bc76b4fd576c24505' (2024-01-29)
→ 'github:nixos/nixpkgs/06002f375e1d20f1481abcb696a50f232202e7ac' (2024-02-01)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a31b9bd76009c73a2f932fbdaa7145ac4a79544f' (2024-01-29)
→ 'github:nixos/nixpkgs/fbba9b8f0b6364928f60ef1b97e686b569cdb64e' (2024-02-01)
```
2024-02-01 11:32:36 +00:00
44419d71a5
lemmy-lemonade: init at 2023.10.29
2024-02-01 11:32:07 +00:00
02e597a862
fractal-nixified: 5 -> 6
2024-02-01 10:57:01 +00:00
00f995aec9
fixup landlock-sandboxer to work well for all systems
...
downgrade lappy/desko/servo back to default linux; zfs doesn't support latest
build landlock-sandboxer against the specific kernel being deployed; it's less noisy that way
2024-01-31 21:19:10 +00:00
368eb2c29b
programs: git: whitelist more repo roots
2024-01-31 21:17:48 +00:00
5f793523d1
ship linux 6.7 to lappy/desko/servo
2024-01-31 20:33:15 +00:00
33bee7ac2e
unl0kr: be a little more robust against bad password entry
2024-01-31 20:32:26 +00:00
84af8aca3c
unl0kr: remove debugging code
2024-01-31 20:10:57 +00:00
a0f00313a7
moby: disable signal-desktop autostart
2024-01-31 20:09:03 +00:00
6603115192
moby: disable getty auto-login
...
i think this interacts badly with unl0kr style logins, though
honestly kinda hard to tell if that was a fluke or real.
2024-01-31 19:47:24 +00:00
ac968e1589
sxmo: allow the option to disable greeter entirely
2024-01-31 19:46:37 +00:00
2d4fc4f274
landlock-sandboxer: build against latest compatible linux
2024-01-31 17:45:46 +00:00
1d72e13a98
sxmo: launch via unl0kr by default
2024-01-31 17:40:36 +00:00
d9667653e7
docs: sway: point out that one can launch sway directly from a TTY
2024-01-31 16:29:27 +00:00
8c6bf07102
todo.md: sync
2024-01-31 16:28:56 +00:00
634520a1e9
unl0kr: fix cross compilation
2024-01-31 16:23:55 +00:00