e4bcbab224
hosts: networking: switch to using nixos NetworkManager/ModemManager/etc, just patched for hardening
2024-06-02 11:22:03 +00:00
8657cf1fcf
ship ausyscall
binary
2024-06-01 12:17:08 +00:00
05986d363d
brightnessctl: fix udev rules so i can run it again
2024-06-01 12:02:24 +00:00
539d9e45a2
networkmanager/modemmanager: ship separate packages for the daemon and CLI tools
...
they require fundamentally different sandboxing approaches. the daemon *can't* always use bwrap if it wants to run as non-root. meanwhile the CLI tools would mostly *prefer* to run under bwrap.
in the long term i'll maybe upstream the systemd sandboxing into nixpkgs, where there looks to be desire for it
2024-05-31 23:26:16 +00:00
2789868703
seatd: split out of sway conf
2024-05-29 16:22:52 +00:00
c570b7bf5d
dbus: manage it ourselves instead of having systemd do it
2024-05-29 11:30:33 +00:00
95dc395925
hosts/modules/gui/theme: lift my sway background up into its own package
2024-05-28 15:48:37 +00:00
2ee39ca0cc
poly_unfill: remove /run/wrappers/bin/unix_chkpwd
...
non-privileged users don't need to check passwords
well, maybe they do (for desktop unlockers), but i've already solved that :)
2024-05-26 06:37:59 +00:00
b035d312aa
firejail: purge
2024-05-25 10:21:31 +00:00
5619bb3334
pkgs: ship gst-device-monitor binary
2024-05-19 10:40:15 +00:00
1b24bd50f9
errno: ship
2024-05-19 00:21:30 +00:00
c987f13ef0
calls: split callaudiod out and run it manually
2024-05-18 07:14:42 +00:00
adfaa7f9c1
sane-sandboxed -> sanebox
2024-05-15 01:41:40 +00:00
3557994cbb
gnome-clocks: fix sound an sandboxing artifacts
2024-05-14 01:21:37 +00:00
eadf85f66d
sane-open: associate as the default launcher for .desktop files
2024-05-12 17:41:00 +00:00
a1625ea41d
programs: ship zulip
2024-05-04 08:28:48 +00:00
4ce951bbed
wpa_supplicant: re-enable
2024-04-27 10:34:25 +00:00
f784550b9b
networkmanager: migrate from nixpkgs service to my own
2024-04-27 09:51:55 +00:00
1f2bbd4aec
refactor: split modemmanager stuff into own file
2024-04-27 08:32:15 +00:00
19115dfb65
eg25-control: port to s6 (hopefully)
2024-04-26 21:44:13 +00:00
9481131daf
pipewire: sandbox with landlock (so that rtkit integration works) and split rtkit into own file
2024-04-23 09:08:05 +00:00
a59a7b5346
feeds: podcasts: add Tech Tales
2024-04-19 21:46:03 +00:00
de2c3a30ff
programs: ship lftp ftp client
2024-04-18 04:17:10 +00:00
0385c09f23
sane-sandboxed: split out into an actual package
2024-04-15 18:57:22 +00:00
feb36d19ac
programs: ship cups
2024-04-14 03:33:55 +00:00
dd58ba8b00
gvfs: enable as part of nautilus, not sway
2024-04-13 20:29:24 +00:00
0a888e205e
programs: ship objdump
2024-04-13 20:29:24 +00:00
907933612d
htop: statically populate config
2024-04-06 23:41:59 +00:00
1c2a375b6d
common/fs: split curlftpfs into sane.programs
...
this makes it easier to build outside of /etc/fstab context, and opens a future path to sandboxing
2024-04-01 00:50:14 +00:00
f680a4a25c
engrampa: patch the package via sane.programs, not nixpkgs overlay
2024-03-24 07:44:30 +00:00
5b83d4d944
s6-rc: patch to use /run/user/$id/s6 as the default live dir
2024-03-23 20:52:42 +00:00
d199e9df99
programs: wob (and wob-audio): remove
...
i don't use it, and its service file was no longer compatible with s6 (it used 'environment')
2024-03-21 17:16:11 +00:00
0a6b0cbec7
gtkcord4: rename to dissent
2024-03-21 17:16:01 +00:00
23b87a283a
swaync: move to own directory
2024-03-13 08:17:14 +00:00
bf953fbdb5
mpv: move to own dir
2024-03-12 03:27:20 +00:00
c1edf96ce0
blast-ugjka: introduce a helper blast-to-default
program
2024-03-11 11:43:29 +00:00
9f8e42ef92
fcitx5: enable
2024-03-11 07:44:21 +00:00
180a217744
cleanup: remove unnecessary config = { ... }
scope
2024-03-11 04:31:11 +00:00
f8797a77ff
blast: ship it!
...
TODO: integrate into mpv :)
2024-03-10 04:09:34 +00:00
df98ef30e0
sysvol: integrate as a service (sane.programs)
2024-03-08 11:53:13 +00:00
7281b94e23
deadd-notification-center: add to sane.programs
...
this is the bare, nearly-default config. i may come back to this,
or explore fixing swaync up into shape. deadd looks possibly a bit more
limited; needs much more effort to style.
2024-03-08 04:06:18 +00:00
1d0458ab10
schlock: ship as sane.programs
2024-03-07 10:10:39 +00:00
bd27f3a015
swayidle: enable; pair with swaylock
2024-03-06 20:55:01 +00:00
a7567dfbe6
ship celeste64
2024-03-06 04:56:39 +00:00
bc0660b623
PDF viewer: evince -> zathura
2024-03-06 04:51:01 +00:00
d43cc6c61c
alsa-ucm-conf: fold the Pinephone patches into sane.programs.alsa-ucm-conf & distribute to all hosts
2024-03-05 00:28:07 +00:00
6b45589e54
wireplumber: ensure ALSA_UCM_CONF2 env var is on PATH
...
this is critical for pipewire/wireplumber to work on moby
2024-03-03 04:43:11 +00:00
a7bd831ad8
sane-screenshot: port to sane.programs
2024-03-02 06:14:05 +00:00
083f743c1f
remove nixpkgs less
defaults and manage PAGER myself
...
this lets me avoid the lesspipe cross failures, notably
2024-02-29 15:18:51 +00:00
6253d1799a
port sxmo_hook_inputhandler.sh -> sane-input-handler
...
this one can run outside the SXMO environment.
major thing missing at the moment is that rofi doesn't get volume
control inputs because bonsai out-competes it for exclusive control.
2024-02-29 01:26:38 +00:00