colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
5,308 Commits 125 Branches 1 Tag 12 MiB
88a70b41f1
Commit Graph

5308 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Colin
6760fcf1f4 snippets: remove home-manager; add repology 2024-02-18 03:43:32 +00:00
Colin
a90898491e flake: fix "preDeploy" action mishandling null 2024-02-18 01:24:05 +00:00
Colin
059940d8e7 nixpkgs: 2024-02-16 -> 2024-02-17 
```
• Updated input 'nixpkgs-next-unpatched':
    'github:nixos/nixpkgs/0ec5bef772dc12003df7a55f7be1f7b8809f8b48' (2024-02-16)
  → 'github:nixos/nixpkgs/6caa6affcc4774c81467ed08fa3ec35da40fd1d9' (2024-02-17)
• Updated input 'nixpkgs-unpatched':
    'github:nixos/nixpkgs/1225df86908f6f5b23553e9d77da4df4bfdd58ef' (2024-02-16)
  → 'github:nixos/nixpkgs/28d6a724f54085377102db7c3278ba82a0a5255f' (2024-02-17)
```
 2024-02-17 17:18:38 +00:00
Colin
98aafead94 programs: wob: add missing "coreutils" dep 
it *should* be acquired via user's PATH, but wob-pulse can start before sway imports PATH to systemd
 2024-02-17 16:38:22 +00:00
Colin
cef2591425 modules/programs: sane-sandboxed: capshonly/landlock: don't request capabilities we know won't be granted 2024-02-17 16:30:18 +00:00
Colin
f8663cd827 programs: monero-gui: sandbox 2024-02-17 16:06:58 +00:00
Colin
af1ee1734d programs: wireguard-tools: sandbox 2024-02-17 15:54:16 +00:00
Colin
5375cab716 programs: ntfy-sh: sandbox 2024-02-17 15:47:47 +00:00
Colin
162b3f5674 imagemagick: don't add 'ghostscript' package to path 2024-02-17 15:45:50 +00:00
Colin
a729f91d21 programs: jq: add working sandbox criteria, but don't enable yet 
i need to handle the extremely common `cat foo | jq .` without adding
`.` to the sandbox
 2024-02-17 15:36:41 +00:00
Colin
a273b559e2 programs: gnome-disk-utility: sandbox 2024-02-17 15:36:28 +00:00
Colin
785b375671 programs: smartmontools (smartctl): sandbox 2024-02-17 15:36:13 +00:00
Colin
24cba0c856 programs: xq: remove 2024-02-17 15:30:23 +00:00
Colin
df1db5d01c programs: sox: sandbox 2024-02-17 15:27:22 +00:00
Colin
6749b64bca programs: nautilus: add mounted media to the sandbox 2024-02-17 15:26:49 +00:00
Colin
d3e4bdfcd5 programs: gdisk: fix sandboxing 2024-02-17 15:26:16 +00:00
Colin
799cd4373f programs: socat: disable 2024-02-17 15:11:12 +00:00
Colin
2efa6d1e27 programs: mepo: sandbox 2024-02-17 15:08:21 +00:00
Colin
a1470956a5 programs: gdisk: sandbox 2024-02-17 14:57:33 +00:00
Colin
556c20bc04 programs: vulkan-tools: sandbox 2024-02-17 14:53:22 +00:00
Colin
cf5f58dda6 programs: nmap: sandbox 2024-02-17 14:51:26 +00:00
Colin
fd30f7abbc dev-machines: disable broken ldd-aarch64 program 2024-02-17 14:47:28 +00:00
Colin
6f8c299c69 programs: xdg-desktop-portal: log more 2024-02-17 14:40:56 +00:00
Colin
bbf7aac062 programs: gnome-frog: sandbox 2024-02-17 14:40:42 +00:00
Colin
7d1fd2f30a programs: nvme-cli: sandbox 2024-02-17 14:40:29 +00:00
Colin
472987f164 programs: gimp: fix sandboxing failure 2024-02-17 13:43:35 +00:00
Colin
784c2145f3 programs: iputils: sandbox 2024-02-17 03:33:05 +00:00
Colin
4ced02b0b2 modules/programs: make-sandboxed: fix incorrect "priority" attribute 2024-02-17 03:32:49 +00:00
Colin
0000afb315 programs: make nixosBuiltins package set more precise 2024-02-17 03:08:14 +00:00
Colin
31fa21bd20 programs: host/iproute2/iw/nettools/wirelesstools: sandbox 2024-02-17 03:05:58 +00:00
Colin
9510817604 programs: document nixosBuiltins programs 2024-02-17 02:40:28 +00:00
Colin
4a84de3ee4 programs: inetutils/iptables: sandbox 2024-02-17 02:32:57 +00:00
Colin
ab42a4cc5a programs: qemu: disable sandbox 2024-02-17 01:43:58 +00:00
Colin
f6537b083a programs: discord: add dbus to sandbox 2024-02-17 01:42:22 +00:00
Colin
5ff1d014b8 servo: transmission: fix user agent 2024-02-17 01:35:40 +00:00
Colin
fa41e6c402 nixpkgs: 2024-02-14 -> 2024-02-16; uninsane-dot-org -> 2024-02-15 
```
• Updated input 'nixpkgs-next-unpatched':
    'github:nixos/nixpkgs/52e165035c897a7b41ff26bc235f8d841e9d3850' (2024-02-14)
  → 'github:nixos/nixpkgs/0ec5bef772dc12003df7a55f7be1f7b8809f8b48' (2024-02-16)
• Updated input 'nixpkgs-unpatched':
    'github:nixos/nixpkgs/c0a130d16b170f4820c3d2ed294a7aaabf451bfd' (2024-02-14)
  → 'github:nixos/nixpkgs/1225df86908f6f5b23553e9d77da4df4bfdd58ef' (2024-02-16)
• Updated input 'uninsane-dot-org':
    'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=4a1fa488e64e6c87c6c951e3fafb2684692f64d3' (2024-01-01)
  → 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=bb10cd8853d05191e4d62947d93687c462e92c30' (2024-02-15)
```
 2024-02-16 15:34:19 +00:00
Colin
1b4306e649 programs: switch bridge-utils, btrfs-progs from landlock -> bwrap 
landlock can't isolate net yet, so bwrap gives better sandboxing
 2024-02-16 15:32:41 +00:00
Colin
af8a8358bd programs: hdparm: sandbox 2024-02-16 15:32:41 +00:00
Colin
464c6c56c5 programs: btrfs-progs: sandbox 2024-02-16 15:32:41 +00:00
Colin
8e314e8b73 programs: bridge-utils: sandbox 2024-02-16 15:32:41 +00:00
Colin
198029f95f programs: netcat: sandbox 2024-02-16 15:32:41 +00:00
Colin
1d646459ab programs: pulsemixer: sandbox 2024-02-16 15:32:41 +00:00
Colin
8f3bab3636 programs: sort 2024-02-16 15:32:41 +00:00
Colin
a909a93c29 programs: strings: fix sandboxing 2024-02-16 15:32:41 +00:00
Colin
6aaa724abf programs: strings: sandbox 2024-02-16 14:57:25 +00:00
Colin
a1c721d5b4 programs: binutils-unwrapped -> strings: distribute just the binary i care about 2024-02-16 14:57:25 +00:00
Colin
4002a57e03 servo: transmission: advertise as 3.00 to deal with old trackers 2024-02-16 12:58:08 +00:00
Colin
74a0b0d125 gitea: serve phone-case-cq/ build files as proper html/js content type 2024-02-16 12:07:28 +00:00
Colin
cd3b4dde7b programs: nix-index: sandbox 2024-02-16 11:39:05 +00:00
Colin
a9d384688a programs: alsaUtils: sandbox 2024-02-16 11:28:43 +00:00