colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
5,214 Commits 125 Branches 1 Tag 12 MiB
902e351085
Commit Graph

2273 Commits

Author SHA1 Message Date
Colin
902e351085 hack: silence the warning about using hashedPasswordFile *and* initialPassword 
see: <https://github.com/NixOS/nixpkgs/pull/287506>

i'll factor this into something more general, later
 2024-02-20 11:11:07 +00:00
Colin
a05184f956 programs: neovim: fix nvim-treesitter typo 2024-02-20 10:23:52 +00:00
Colin
36ad2d5421 programs: unl0kr: auto-derive the user option 2024-02-20 07:21:22 +00:00
Colin
b0f62830a5 unl0kr: port to sane.programs 2024-02-20 07:14:30 +00:00
Colin
f970679266 sxmo: remove symlinks for legacy sxmo_hook_{poweroff,reboot}.sh 2024-02-20 06:49:42 +00:00
Colin
c7f4661c1c programs: htop: persist config 2024-02-20 05:38:45 +00:00
Colin
e8306831c5 programs: qemu: mark as slowToBuild 2024-02-20 05:34:47 +00:00
Colin
41b1a013d7 programs: sane-sudo-redirect: disable sandbox 2024-02-19 17:09:27 +00:00
Colin
f785ccd351 programs: sane-reclaim-disk-space: sandbox 2024-02-19 17:06:22 +00:00
Colin
48744dcaaa programs: sane-ip-reconnect: remove (unused) 2024-02-19 17:05:27 +00:00
Colin
9373864b60 programs: sane-git-init: remove (unused) 2024-02-19 16:53:59 +00:00
Colin
c16c9dfe0b programs: sandbox a bunch of sane scripts 2024-02-19 16:51:53 +00:00
Colin
2d17826731 programs: eza: sandbox with bwrap instead of landlock 2024-02-19 15:32:40 +00:00
Colin
de297f22be programs: split sane-scripts out of assorted.nix 2024-02-19 14:19:10 +00:00
Colin
4b47b76461 programs: sfeed: sandbox 2024-02-19 14:14:59 +00:00
Colin
3effd59c9b xdg-desktop-portal-{gtk,wlr}: start via service manager, with ordered deps, instead of letting dbus activate it for us 
that gets more reliable environment importing, etc
 2024-02-19 13:44:23 +00:00
Colin
44647e0d36 programs: forkstat: sandbox 2024-02-19 13:15:15 +00:00
Colin
da1053d635 programs: configure auto-launching programs to only start *after* graphical-session.target 
this ensures they really have their environment
 2024-02-19 12:58:08 +00:00
Colin
273b1b84e3 systemd: reduce the stop job timeout 2024-02-19 12:58:08 +00:00
Colin
0b6b98bba6 sway: add a safeguard to catch if the systemd environ race condition is re-introduced 2024-02-19 12:58:08 +00:00
Colin
8886177c23 xdg-desktop-portal: fix it to find all the portal configs again 
maybe i broke this when i simplified XDG_CONFIG_DIRS? not sure
 2024-02-19 12:58:08 +00:00
Colin
7e343bfc05 sway: fix race condition around dbus/systemd environment importing 2024-02-19 10:52:51 +00:00
Colin
f72bdb6f3a activationScripts: notify on deploy: fix to work with new SWAYSOCK name 2024-02-19 08:21:23 +00:00
Colin
5666a05ef0 strip out a bunch of unused nixpkgs defaults 2024-02-19 06:20:13 +00:00
Colin
35b4cc779f megapixels: switch to bwrap, to support Loupe image viewer 2024-02-18 18:46:37 +00:00
Colin
c7d111a318 megapixels: 1.7.0 -> 1.8.0 2024-02-18 18:27:47 +00:00
Colin
7e5eb6324d megapixels: sandbox 
it's iffy... 1.8.0 is released, which can be sandboxed w/o sys/dev/char or ~/.local/share/applications, but seems to be even flakier
 2024-02-18 17:44:49 +00:00
Colin
55c305812d WIP: megapixels: sandbox 2024-02-18 13:53:18 +00:00
Colin
67395bdcd3 programs: ship forkstat 2024-02-18 11:58:30 +00:00
Colin
90ceeede74 programs: flare-signal: disable (unused) 2024-02-18 07:07:29 +00:00
Colin
32a704b1b8 moby: disable unused "calls" program 
i may have future use for it, but as-is currently it's not worth the difficulty of sandboxing
 2024-02-18 07:07:29 +00:00
Colin
a591be98d4 programs: portfolio-filemanager: sandbox 2024-02-18 07:07:29 +00:00
Colin
82e028e37d programs: nautilus: assign a mime priority 2024-02-18 07:07:29 +00:00
Colin
a531676d0d mime: include an error message when two file associations have identical mime priority 2024-02-18 07:07:29 +00:00
Colin
7f7543ee78 programs: planify: sandbox 2024-02-18 07:07:29 +00:00
Colin
8d0e3e0db3 programs: notejot: sandbox 2024-02-18 07:07:29 +00:00
Colin
bf352d184c programs: tangram: sandbox 2024-02-18 07:07:29 +00:00
Colin
81a6600f54 programs: xarchiver: sandbox 2024-02-18 07:07:29 +00:00
Colin
536f0aedc3 open-in-mpv: remove my patch which has been upstreamed, previously required to use xdg-open 2024-02-18 04:52:27 +00:00
Colin
408059420d snippets: prefer the repology link which specifically shows my outdated packages 2024-02-18 04:15:05 +00:00
Colin
6760fcf1f4 snippets: remove home-manager; add repology 2024-02-18 03:43:32 +00:00
Colin
98aafead94 programs: wob: add missing "coreutils" dep 
it *should* be acquired via user's PATH, but wob-pulse can start before sway imports PATH to systemd
 2024-02-17 16:38:22 +00:00
Colin
f8663cd827 programs: monero-gui: sandbox 2024-02-17 16:06:58 +00:00
Colin
af1ee1734d programs: wireguard-tools: sandbox 2024-02-17 15:54:16 +00:00
Colin
5375cab716 programs: ntfy-sh: sandbox 2024-02-17 15:47:47 +00:00
Colin
162b3f5674 imagemagick: don't add 'ghostscript' package to path 2024-02-17 15:45:50 +00:00
Colin
a729f91d21 programs: jq: add working sandbox criteria, but don't enable yet 
i need to handle the extremely common `cat foo | jq .` without adding
`.` to the sandbox
 2024-02-17 15:36:41 +00:00
Colin
a273b559e2 programs: gnome-disk-utility: sandbox 2024-02-17 15:36:28 +00:00
Colin
785b375671 programs: smartmontools (smartctl): sandbox 2024-02-17 15:36:13 +00:00
Colin
24cba0c856 programs: xq: remove 2024-02-17 15:30:23 +00:00