colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
9,342 Commits 141 Branches 1 Tag
713e7247b35e6544a3b154c80454716bee6b7363
Commit Graph

9342 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Colin
713e7247b3 bunpen: add prototype xdg-dbus-proxy to git 2025-01-02 14:05:23 +00:00
Colin
ee57b94658 bunpen: pasta: better isolate 
it still runs in the same user namespace as the main sandboxer.

it's technically possible to also unshare the user ns, but would appear to require an additional process
 2025-01-02 11:49:02 +00:00
Colin
3fc6571294 programs: don't persist mesaCacheDir by default 
and explicitly add it to every program that uses mesa.

wow, that's a *lot*
 2025-01-02 05:36:19 +00:00
Colin
863468e402 programs: remove old fontconfig persistence/references 2025-01-02 03:09:17 +00:00
Colin
1c87ef5625 feeds: fix rephonic link 2025-01-02 02:28:05 +00:00
Colin
cfc2a2fc80 feeds: podcasts: add name comments where previously missing 2025-01-02 02:16:02 +00:00
Colin
3a09943a19 feeds: unsubscribe from Last Week in AI: each individual ep is not nearly info-dense enough 2025-01-02 02:12:59 +00:00
Colin
4cf3889d7a feeds: unsubscribe from Atlast Obscura; low signal/noise 2025-01-02 02:11:52 +00:00
Colin
63cc309cfd feeds: podcasts: subscribe to This Wont Last 2025-01-02 02:07:48 +00:00
Colin
a02be29c02 feeds: podcasts: subscribe to History 102 2025-01-02 02:06:32 +00:00
Colin
332c2b3493 feeds: podcasts: subscribe to Econ 102 w/ Noah Smith 2025-01-02 02:05:12 +00:00
Colin
737ac7329b feeds: subscribe to ChinaTalk podcast 2025-01-02 01:58:17 +00:00
Colin
54e6b62778 feeds: unsubscribe from Sustain OSS 2025-01-02 01:58:16 +00:00
Colin
002286e1ea feeds: subscribe to Ben+Marc podcast 2025-01-02 01:58:16 +00:00
Colin
5a487c18db xdg-terminal-exec: add a TODO for removing an override 2025-01-02 00:14:52 +00:00
Colin
0de134e208 nixpkgs: 0-unstable-2024-12-30 -> 0-unstable-2025-01-01 2025-01-02 00:14:39 +00:00
Colin
05a7bad26c uassets: 2024-12-21 -> 2024-12-30 2025-01-01 22:19:34 +00:00
Colin
c47f4179a0 python3-repl: enable numpy/scipy 2025-01-01 00:55:17 +00:00
Colin
6b0a78bee0 pipewire: remove upstreamed libcamera patch 2024-12-31 07:32:31 +00:00
Colin
7093385f98 programs: integrate nvimpager into man to make text reflow correctly 
also get marginally better syntax highlighting! the cursor movements are a little strange, but overall net improvement
 2024-12-30 20:25:45 +00:00
Colin
fee5c7042b firefox: add aur search shortcut 2024-12-30 17:42:21 +00:00
Colin
4d54877776 sops-nix: assets-unstable-2024-12-18 -> assets-unstable-2024-12-29 2024-12-30 17:09:09 +00:00
Colin
fdf038bf90 uassets: 0-unstable-2024-12-24 -> 0-unstable-2024-12-30 2024-12-30 17:09:09 +00:00
Colin
3ed002ea88 programs: less: enable color highlighting 2024-12-30 17:09:09 +00:00
Colin
0a9e5b9f68 bunpen: pasta: share /proc/self/ns/net with pasta in a way that will be friendlier to sandboxing 2024-12-30 16:58:26 +00:00
Colin
2d989327f7 todo.md: sync 2024-12-30 16:40:33 +00:00
Colin
ce447cf674 gpodder-adaptive: 3.11.4+1 -> 3.11.5+1 2024-12-30 14:35:13 +00:00
Colin
2b1637652a megapixels-next: 2.0.0-alpha1-unstable-2024-12-24 -> 2.0.0-alpha1-unstable-2024-12-27 2024-12-30 14:35:13 +00:00
Colin
64b7a75664 rofi-snippets: remove dependency on non-wayland rofi 2024-12-30 14:35:13 +00:00
Colin
d18cd69536 nixpkgs-bootstrap: 0-unstable-2024-12-29 -> 0-unstable-2024-12-30 2024-12-30 14:35:13 +00:00
Colin
da27a0e857 bunpen: pasta: fix to send the full 4bytes of the netns fd across the pipe 2024-12-30 13:46:40 +00:00
Colin
93782cd71c bunpen: pasta: share the netns via fd instead of path 
this *should* allow for operation even when the sandboxed program wants access to all of / and we therefore can't make files like /bunpen-private/netns

however it may complicate future sandboxing efforts, as it requiires the child to read fd's from the parent
 2024-12-30 13:35:31 +00:00
Colin
42ac5353f1 bunpen: use /proc/self/fd in place of /dev/fd 
/dev/fd just symlinks to /proc/self/fd, hence using /proc/self requires strictly fewer resources (e.g., it's safe to unmount /dev now)
 2024-12-30 09:22:25 +00:00
Colin
5c0418ac6a sane-vpn: find vpn configs, even when running under sudo 2024-12-30 08:18:58 +00:00
Colin
fc8a6a2144 BIND: disable IPv6 
this makes it work (more reliably, at least) inside sane-vpn
 2024-12-30 08:17:07 +00:00
Colin
acd20e23d9 common: net: switch DNS resolver from unbound to BIND 2024-12-30 07:29:01 +00:00
Colin
424f61f782 WIP: enable BIND DNS recursive resolver 2024-12-30 03:15:42 +00:00
Colin
d2540f97ee matrix-synapse: fix build 2024-12-29 16:14:56 +00:00
Colin
d7be319067 coturn: fix build 2024-12-29 16:14:42 +00:00
Colin
43df4e1574 mesa cross fix: push patch upstream 2024-12-29 16:14:27 +00:00
Colin
2a6ed9adb9 nixpkgs-bootstrap: 0-unstable-2024-12-28 -> 0-unstable-2024-12-29 2024-12-29 16:14:09 +00:00
Colin
925d49efcc curlftpfs-sane: fix version 0 -> 0.9.2 2024-12-29 16:13:19 +00:00
Colin
3fe4831f89 common/quirks: remove dead UV_USE_IO_URING=0 libuv/neovim patch 2024-12-29 16:12:38 +00:00
Colin
38372c60a1 stepmania: replace with itgmania, since the former no longer builds 2024-12-29 15:25:07 +00:00
Colin
3815f069fa nixpkgs-bootstrap: patch to fix mesa cross compilation 2024-12-29 12:56:47 +00:00
Colin
bd647bd62b cross: disable hyprland-qtutils, to fix the system build 2024-12-29 12:56:21 +00:00
Colin
4606b00b73 nixpkgs-bootstrap: 0-unstable-2024-12-26 -> 0-unstable-2024-12-29 2024-12-29 10:30:33 +00:00
Colin
f7ee19042e nixpkgs-bootstrap.staging: fix hash 2024-12-28 23:56:08 +00:00
Colin
4ad470469f scripts/update: pass through nix flags like --show-trace 2024-12-28 14:13:48 +00:00
Colin
8585c7ce4b overlays/preferences: prefer binary electron (for element-desktop) over from-source electron 2024-12-27 10:17:05 +00:00