7b1bc210fd
sanebox: integrate with pasta (passt) for better net sandboxing
2024-05-25 09:39:18 +00:00
842651efd5
mpv: tune webm.conf
2024-05-25 02:05:18 +00:00
27b4d4da16
mpv: ship a music visualizer
...
note that it doesnt show in `webm` exports
2024-05-25 02:05:09 +00:00
e407467e55
mpv: ship mpv-webm tool for clipping videos
2024-05-25 00:55:40 +00:00
30c677fafc
feeds: subscribe to weekinethereumnews.com
2024-05-25 00:52:39 +00:00
49b48b24fc
ship linux/posix manpages
2024-05-24 06:57:20 +00:00
844a128d60
iproute2: fix sandboxing (hopefully)
2024-05-24 06:41:12 +00:00
309797fe23
sane-input-handler: fix unrecoverable terminal state
...
bonsai is prone to miss inputs during high CPU load.
2024-05-24 04:29:34 +00:00
a6b10244eb
sane-input-handler: set vim filetype hint
2024-05-24 04:06:53 +00:00
18ec5505c4
servo: re-enable slskd
...
routing seems stable
2024-05-24 02:58:09 +00:00
2ccb4d94c5
nixpkgs: 2024-05-16 -> 2024-05-23, nixpkgs-wayland, sops-nix, uninsane-dot-org
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/1887e39d7e68bb191eb804c0f976ad25b3980595' (2024-05-16)
→ 'github:nixos/nixpkgs/?' (2024-05-23)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/977a49df312d89b7dfbb3579bf13b7dfe23e7878' (2024-05-16)
→ 'github:nixos/nixpkgs/?' (2024-05-23)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/5e2c5345f3204c867c9d4183cbb68069d0f7a951' (2024-05-16)
→ 'github:nix-community/nixpkgs-wayland/?' (2024-05-23)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/09883ca828e8cfaacdb09e29190a7b84ad1d9925' (2024-05-12)
→ 'github:nix-community/lib-aggregate/5fa64b174daa22fe0d20ebbcc0ec2c7905b503f1' (2024-05-19)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/58e03b95f65dfdca21979a081aa62db0eed6b1d8' (2024-05-12)
→ 'github:nix-community/nixpkgs.lib/0df131b5ee4d928a4b664b6d0cd99cf134d6ab6b' (2024-05-19)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/b6cb5de2ce57acb10ecdaaf9bbd62a5ff24fa02e' (2024-05-12)
→ 'github:Mic92/sops-nix/b549832718b8946e875c016a4785d204fcfc2e53' (2024-05-22)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/8e47858badee5594292921c2668c11004c3b0142' (2024-05-11)
→ 'github:NixOS/nixpkgs/e7cc61784ddf51c81487637b3031a6dd2d6673a2' (2024-05-18)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=af8420d1c256d990b5e24de14ad8592a5d85bf77 ' (2024-04-15)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=e6f88f563bdd1700c04018951de4f69862646dd1 ' (2024-05-16)
```
2024-05-24 02:57:53 +00:00
ca57fd692f
sane-input-handler: simplify the volume button controls; reduce vol-hold repeat count to 3
2024-05-23 02:50:38 +00:00
e6a8f5bae8
eg25-control: fix --enable-gps and --ensure-agps commands
...
these were failing due to pathing changes from systemd -> s6
2024-05-23 02:50:38 +00:00
d9922f8aa8
moby: tidy up the initrd kernel modules
2024-05-23 02:07:30 +00:00
03dab63042
moby: ship a bunch of kernel modules in the initrd: this allows the postmarketos kernel to boot to graphics!
2024-05-22 22:35:04 +00:00
5952c275a0
moby: document kernel compatibility
2024-05-21 22:54:11 +00:00
ea8eaaa91a
moby: un-blacklist stk3310
...
i don't know if blacklisting it is maybe interfering with other stuff
2024-05-21 22:47:12 +00:00
14a92b3f64
moby: disable iio sensor
...
this relaxes kernel requirements, allowing the pmOS kernel to pass eval checks
2024-05-21 22:47:12 +00:00
c5e7ef7b0c
polyunfill: don't ship x86-only kernel modules to moby's initrd
...
notably, this relaxes some constraints on the kernel so that e.g.
postmarketOS kernel actually passes eval checks (and boots to ssh!
no graphics yet)
2024-05-21 22:47:12 +00:00
d0734947bf
polyunfill: disable swraid
2024-05-21 22:47:12 +00:00
41b385b6ca
moby: refactor the kernel config into the actual kernel package and do less of that in the module system
...
this makes it easier to swap Kconfigs verbatim from other distros, e.g.
2024-05-21 22:47:12 +00:00
2e07797065
megapixels: document how to debug
2024-05-21 10:12:20 +00:00
3d295e8757
gst-device-monitor: bundle more gstreamer plugins to improve node detection
2024-05-20 09:59:08 +00:00
e3a20477f7
gst-device-monitor: wrap with required gst-plugins-base runtime dependency
2024-05-20 06:17:11 +00:00
c21ddca1fd
servo: doof tunnel: enable IPv6 and forward-DNS records
2024-05-20 05:47:04 +00:00
47da8e55f3
servo: disable jackett/slskd/transmission temporarily
2024-05-20 05:08:58 +00:00
3b99bb497b
servo: bridge to doof.net
2024-05-20 05:08:32 +00:00
cfedcc91bd
gst-device-monitor: fix so manpages are bundled
2024-05-20 03:00:23 +00:00
9873353d00
refactor: replace --replace substitutions with --replace-fail where applicable
2024-05-19 23:31:54 +00:00
f20a0ac409
fractal-latest: purge (unused package)
2024-05-19 21:16:06 +00:00
87c84f0e2e
ship libcamera, snapshot
...
note that properly packaging these is still a WIP
2024-05-19 10:41:09 +00:00
c0a6313023
home/mime: micro-opt: use toString instead of string coercion
2024-05-19 10:40:15 +00:00
26e347f38c
moby: ship with way higher CMA by default
2024-05-19 10:40:15 +00:00
5619bb3334
pkgs: ship gst-device-monitor binary
2024-05-19 10:40:15 +00:00
0fc4f83fc9
sane-input-handler: bump volume hold time from 600ms -> 750ms
...
hopefully this decreases the number of volup inputs which are misread as volup-hold (which happens a lot when the screen is off...?)
2024-05-19 00:34:23 +00:00
1b24bd50f9
errno: ship
2024-05-19 00:21:30 +00:00
58ef2cf863
calls/callaudiod: update documentation
2024-05-18 20:55:16 +00:00
41bc4ac7b4
callaudiod: fix repo URL
2024-05-18 08:10:34 +00:00
3361f2bbe7
zsh: port to sane.programs
2024-05-18 08:10:34 +00:00
c987f13ef0
calls: split callaudiod out and run it manually
2024-05-18 07:14:42 +00:00
ee36f2f052
sway: fix display names
2024-05-18 06:57:24 +00:00
09457bee5a
sway: position gnome-calls on workspace 1
2024-05-18 06:55:39 +00:00
278631b59e
calls: sandbox
2024-05-18 06:52:53 +00:00
4d09cce1aa
calls: fix latency so moby doesnt underrun
2024-05-18 06:47:26 +00:00
b2f2f88dc6
calls: exit on UI close
2024-05-18 06:32:23 +00:00
afb9d273ab
servo: re-enable slskd
2024-05-17 22:00:46 +00:00
9c27b8e864
swaync: sort icons
2024-05-17 08:42:35 +00:00
af34d395fc
swaync: fix Discord icon
2024-05-17 07:18:23 +00:00
008b659a10
swaync: reorder icons
2024-05-17 05:49:28 +00:00
1ce2839df9
swaync: clean up icons a bit more
2024-05-17 05:45:15 +00:00
022d15c2c7
swaync: increase font size of service icons
2024-05-17 03:42:32 +00:00
908a2ca6c3
swaync: fix a bug that i couldnt see all icons on the same row
2024-05-17 03:21:41 +00:00
42fb79b025
swaync: improve gnome-calls icon
2024-05-17 00:49:40 +00:00
4265ea9b99
calls: auto-start
2024-05-17 00:41:32 +00:00
a7d376778e
gnome-calls: re-enable
2024-05-17 00:36:56 +00:00
157af52112
feeds: add Grumpy.website
2024-05-16 19:25:22 +00:00
5924d092f4
coturn: expand documentation
2024-05-16 09:41:53 +00:00
a5f6aae6f5
desko: use stock systemd resolver
...
i need a backup system to use when things are broken, and this helps with debugging as well
2024-05-16 03:12:30 +00:00
fd94422982
distcc: purge
2024-05-16 02:51:38 +00:00
55a7119e3f
ccache: purge
2024-05-16 02:51:03 +00:00
d258d4ddd5
desko: re-enable firewall
2024-05-16 02:49:03 +00:00
9d725a0974
servo: disable unused nixcache.uninsane.org
2024-05-16 02:46:23 +00:00
4a15339e0e
desko: re-introduce the nix_serve key, which is actually needed for SSH deployements, not just nix-serve
2024-05-16 02:43:32 +00:00
df4ef0ce5a
desko: disable nix-serve
2024-05-16 02:35:27 +00:00
3bb5546aaf
systemd-logind: fix to not sleep when i close the lid (again)
2024-05-16 02:13:02 +00:00
b4229ecb1e
sanebox: load the link cache from a static /etc path instead of via CLI args
2024-05-15 23:55:15 +00:00
17eaa7446a
sanebox: remove all profile-related features except for direct, path-based profile loading
2024-05-15 09:13:20 +00:00
ee43fcdb89
rename LG TV -> Cuddlevision
2024-05-15 07:50:38 +00:00
bc73a16475
networkmanager: fix to be compatible when systemd-resolved is enabled
2024-05-15 02:57:40 +00:00
adfaa7f9c1
sane-sandboxed -> sanebox
2024-05-15 01:41:40 +00:00
f9a6873ee9
signal-desktop: remove NIXOS_OZONE_WL=1 hack (no longer required)
2024-05-15 00:10:00 +00:00
d5e8974a4a
refactor: trust-dns: listenAddrs -> listenAddrsIpv4
2024-05-14 23:22:50 +00:00
e040a5b0c5
servo: trust-dns: remove hn-resolver
...
my hosts run their own recursive DNS resolvers now, so there's no need for the wireguard VPN to provide them with that
2024-05-14 23:20:19 +00:00
1f405fb2ba
element-desktop: update electron_28 -> electron_29
2024-05-14 22:32:56 +00:00
f3cf9e0bed
trust-dns: set it to NOT be the system resolver for servo
...
trust-dns recursor is too beta for servo
2024-05-14 09:03:10 +00:00
2a199bf373
trust-dns: recursor: merge DHCP DNS servers from all non-downed connections
...
otherwise overwriting the toml configs gets messy, when interfaces come up in unpredictable order
2024-05-14 08:25:59 +00:00
53198128e8
trust-dns: hook NetworkManager for state changes
...
there may be some edgecases to sort out around e.g. first-run,
but so far it seems to be importing the DHCP search zones :)
2024-05-14 07:42:41 +00:00
1e202baa8a
networkmanager: tune config
...
mostly just pruning unused features
2024-05-14 04:18:29 +00:00
39eb1d150a
dns: deploy trust-dns as the default recursive resolver
...
outstanding issues: native.uninsane.org doesn't resolve. appears possibly to be an issue with following CNAMEs
2024-05-14 04:18:29 +00:00
447e1feb9c
sway: fix Super+L shortcut to actually lock
2024-05-14 04:17:05 +00:00
26e3c3e5b7
s6-rc: fix persist.byStore.persist typo
2024-05-14 04:16:50 +00:00
3557994cbb
gnome-clocks: fix sound an sandboxing artifacts
2024-05-14 01:21:37 +00:00
f3106ee316
programs: maxBuildCost: fix to actually build everything by default
2024-05-13 22:57:40 +00:00
be84ab1f45
programs: set buildCost=1 for assorted low-priority programs
2024-05-13 22:45:33 +00:00
43d32641f3
programs: buildCost: introduce a new level between min and light
2024-05-13 22:45:33 +00:00
9bf0dbabae
gnome.seahorse: disable
2024-05-13 22:45:33 +00:00
8c7880774e
monero-gui: disable
2024-05-13 22:45:33 +00:00
5774aa4a8f
zulip: dont ship
2024-05-13 22:45:33 +00:00
14202a5bcc
neovim: wrap in such a way as to avoid cross-compilation-specific patching
2024-05-13 22:45:33 +00:00
a05fa53ee1
curlftpfs: EXPERIMENT: double the connect timeout to see if this reduces dropped conns
2024-05-13 07:52:43 +00:00
89135d08cb
rofi: file browser: include an entry to open the app launcher
2024-05-12 19:46:51 +00:00
15a5afd2c4
sane-open: special-case how i open .desktop files to be compatible with portals
2024-05-12 19:46:03 +00:00
3c1a74998e
applications: hide .desktop files which arent meant to be user-visible
2024-05-12 17:43:07 +00:00
eadf85f66d
sane-open: associate as the default launcher for .desktop files
2024-05-12 17:41:00 +00:00
4b04c283b6
fcitx5: temporarily disable
2024-05-10 17:51:37 +00:00
a40f05260a
unl0kr: simplify the crash edge-case handling
2024-05-09 08:42:41 +00:00
2b539fafcd
unl0kr: handle some crashy edgecases
2024-05-09 08:38:22 +00:00
2a8ecf0423
nixpkgs: 2024-04-28 -> 2024-05-08; nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/0e395f4da1693e39239ffac7abf73a0a6931c961' (2024-04-28)
→ 'github:nixos/nixpkgs/c8e3f684443d7c2875ff169f6ef2533534105e7b' (2024-05-08)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/93909e9c7b05634ad924ff97c259ae0859b81756' (2024-04-28)
→ 'github:nixos/nixpkgs/a751e2faa2fc94c1337c32aaf6a6e417afe90be9' (2024-05-08)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/4e58e2cf22d11426ed2f997551f3650de0639e3a' (2024-04-28)
→ 'github:nix-community/nixpkgs-wayland/7dc8fb2aa7db995ac1ce2a8f2f8d8784b2af591c' (2024-05-08)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/49d9b510614b9bd137e067eb31445a8feca83313' (2024-04-28)
→ 'github:nix-community/lib-aggregate/26fabca301e1133abd3d9192b1bcb6fb45b30f1d' (2024-05-05)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/ade4fb7bbf04cd52bc1705734d5dc67755d77ec9' (2024-04-28)
→ 'github:nix-community/nixpkgs.lib/4b620020fd73bdd5104e32c702e65b60b6869426' (2024-05-05)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/f1b0adc27265274e3b0c9b872a8f476a098679bd' (2024-04-23)
→ 'github:Mic92/sops-nix/893e3df091f6838f4f9d71c61ab079d5c5dedbd1' (2024-05-06)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/74574c38577914733b4f7a775dd77d24245081dd' (2024-04-20)
→ 'github:NixOS/nixpkgs/b980b91038fc4b09067ef97bbe5ad07eecca1e76' (2024-05-04)
```
2024-05-09 05:26:23 +00:00
f58bcb4767
swaylock, schlock: convert to services
2024-05-07 15:02:46 +00:00
32e06ce998
programs: gnome-disk-utility: grant sandbox access to ~/tmp
2024-05-06 05:15:28 +00:00
8c04023eba
sway: fix sane-open integration to not mistake it as a file
2024-05-05 05:04:25 +00:00
a1625ea41d
programs: ship zulip
2024-05-04 08:28:48 +00:00
6544b9aca4
doc: dns: fix typo
2024-05-02 10:27:38 +00:00
08a9b838e5
sane-input-handler: fix log bog
2024-04-30 19:22:37 +00:00
b7dd40e558
sane-open-desktop -> sane-open and have it auto-open/close the keyboard based on what an app wants
2024-04-30 19:22:37 +00:00
7f2abf7e6e
sane-input-handler: fix missing newline when logging
2024-04-30 15:30:39 +00:00
825812e511
sane-input-handler: reset rofi directory to ~ when using the app + fsbrowser
2024-04-30 15:29:00 +00:00
69e5495cc9
sane-input-handler: set keyboard as appropriate for file/app browser
2024-04-30 15:16:59 +00:00
b422f15b59
sane-input-handler: swap volup tap/hold actions
2024-04-30 14:38:17 +00:00
889b332ade
trust-dns: split the parts which are generalizable into their own file
...
i can try to build this into a recursive resolver for *all* my hosts
2024-04-30 14:35:56 +00:00
46d1a49f0f
servo: enable sane-cast program
2024-04-29 21:50:03 +00:00
1b156dcb0a
networkmanager: fix eval error when not enabled
2024-04-29 05:58:32 +00:00
39d31c3ffd
swaync-service-dispatcher: add -b to block on service state query, to avoid incorrect responses when run in parallel
2024-04-27 12:32:12 +00:00
c50ef59102
swaync: fix service state tracking for oneshot services
2024-04-27 12:13:34 +00:00
5fc4ca6dad
modemmanager: ship udev rules
2024-04-27 12:01:01 +00:00
35c7527946
modemmanager: fix so it's active on boot
2024-04-27 11:54:08 +00:00
7e8a014f37
NetworkManager: use the upstream service file
2024-04-27 10:58:21 +00:00
4ce951bbed
wpa_supplicant: re-enable
2024-04-27 10:34:25 +00:00
f784550b9b
networkmanager: migrate from nixpkgs service to my own
2024-04-27 09:51:55 +00:00
1f2bbd4aec
refactor: split modemmanager stuff into own file
2024-04-27 08:32:15 +00:00
547d71c19a
nixpkgs: 2024-04-24 -> 2024-04-26, nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/acba655f267a49327f2cea95003f17b8540909c0' (2024-04-24)
→ 'github:nixos/nixpkgs/7d3f4eadec32d447a5f20d87fa309f00986cb288' (2024-04-26)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/1eb9a6980dee3970850f47ba8139c7402f54a9a0' (2024-04-24)
→ 'github:nixos/nixpkgs/0b868df4ced96400774414f5baf30b696215b98f' (2024-04-26)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/80659e4b2805654de851996e682b063a5d7eea5e' (2024-04-24)
→ 'github:nix-community/nixpkgs-wayland/ca9d278400c170935a95dd75e7e2537c2afd1cb7' (2024-04-26)
```
2024-04-27 06:33:24 +00:00
19115dfb65
eg25-control: port to s6 (hopefully)
2024-04-26 21:44:13 +00:00
34842c00fe
moby: make the modem powerable by the user, without root
...
this should allow migrating eg25-control to a user service
2024-04-26 17:19:38 +00:00
46a513b263
feeds: subscribe to SamuelDR
2024-04-26 17:19:38 +00:00
6129fbf2b3
lemmy: upstream the proxy headers
2024-04-26 16:44:43 +00:00
f3d2dee470
lemmy: fix federation (broke due to invalid HTTP signatures)
2024-04-26 10:31:47 +00:00
3d207ab7bb
coturn: allocate 256 ports instead of 16
2024-04-26 08:47:52 +00:00
95447eb765
goaccess: fix missing state dir
2024-04-26 08:47:09 +00:00
593268f620
coturn: run inside ovpns namespace
2024-04-26 08:01:34 +00:00
5c98a51cd6
dino: build without echo cancelation
...
this reduces CPU load on moby; it may also have implications for incoming call audio though, still sorting that out
2024-04-26 05:11:43 +00:00
4453bde815
dino: increase buffering 20ms -> 100ms (closer to 82ms, actually)
2024-04-25 11:28:22 +00:00
7843f9650a
feeds: subscribe to The Amp Hour (podcast)
2024-04-25 05:54:10 +00:00
82dce71b9c
feeds: add microarch.club podcast
2024-04-25 05:51:52 +00:00
9c00c2c5cc
zsh: add exit aliases: ecit, exi5
2024-04-25 01:51:45 +00:00
d01e49f566
pipewire: switch back to bwrap sandboxing and document limitations
2024-04-24 13:14:35 +00:00
7447d4879e
pipewire: man: link to docs
2024-04-24 10:33:23 +00:00
215864e3d4
pipewire: reduce realtime priority so it doesnt crash moby gpu driver
2024-04-24 09:36:22 +00:00
0cbb81cfea
WIP: pipewire: trying to tune so lima doesnt crash
2024-04-24 09:20:13 +00:00
9d7816a1cd
koreader: fix sandboxing so that i can open links again
2024-04-24 01:02:02 +00:00
461aa5ede0
htop: include "PRIORITY" column
2024-04-23 12:01:15 +00:00
10fc7bbb84
curlftpfs: document sandbox attempt
2024-04-23 09:08:05 +00:00
87e3f2a9ef
pipewire: split rtkit into own file, and use defaults from pipewire project
2024-04-23 09:08:05 +00:00
9481131daf
pipewire: sandbox with landlock (so that rtkit integration works) and split rtkit into own file
2024-04-23 09:08:05 +00:00
ae418fb2d1
valgrind: mark as not sandboxable
2024-04-23 09:08:05 +00:00
c174eddddf
wireplumber: sandbox such that it gets higher sched priority
2024-04-23 09:08:05 +00:00
6d74c6616c
pipewire: shrink the mount sandbox
2024-04-23 09:08:05 +00:00
7db40fbf47
sane-cast: add a menu for choosing which device to cast to whenever there are multiple
2024-04-23 08:10:05 +00:00
152a5d4c92
sane-cast: integrate with mpv
2024-04-23 07:52:48 +00:00
fd771cdb2c
fs: mount media/torrents instead of media/freeleech (the latter was removed)
2024-04-23 01:25:57 +00:00
4c7cd06212
go2tv: clarify compatibility
2024-04-22 12:45:55 +00:00
d0de6a9254
sftpgo: reduce the passive port range
...
hopefully this eases the load on the upstream firewall's UPNP service
2024-04-22 12:08:23 +00:00
12f2798140
servo: sftpgo: move to own directory
2024-04-22 12:05:16 +00:00
bd92076291
fontconfig: populate the cache directory even when cross compiling
2024-04-22 09:47:20 +00:00
9cbe774c5a
sane-input-handler: fix power_hold -> power_tap_1_hold when inhibited by rofi
2024-04-22 06:27:33 +00:00
b4653b20a2
moby: button map: move vol{up,down}_hold to only act in power-off, else they may falsely trigger during other power-on actions
2024-04-22 05:13:29 +00:00
2c011df252
moby: tweak button mappings
...
- power hold: toggle media
- power x1 -> hold: kill
now nothing in screenoff uses power x2, which means we can get to
screen-on without waiting for any timeout.
2024-04-22 05:10:35 +00:00
9d472bb290
sane-input-handler: clean up suggestedPrograms
2024-04-22 04:13:56 +00:00
95b21cbed9
moby: update improve button mappings
...
- power + volup: screenshot
- power + voldown: camera
- volup_hold: file browser
- remove modal media controls
2024-04-22 04:05:52 +00:00
82007c9b40
bonsai: store the config in ~/.config to allow easier online editing
2024-04-22 04:05:15 +00:00
50c72de4f9
megapixels: fix folder icon to actually open ~/Pictures/Photos
2024-04-22 00:16:46 +00:00
36237a3201
megapixels: remove unnecessary ~/tmp directory from sandbox
2024-04-22 00:16:14 +00:00
eb9df628e6
megapixels: remove unnecessary ~/.local/share/applications from sandbox
2024-04-21 23:49:29 +00:00
a92960d778
megapixels: place photos in ~/Pictures/Photos instead of directly in ~/Pictures
2024-04-21 23:13:49 +00:00
ef9b0e9309
megapixels: fix .dng -> .jpg conversion
2024-04-21 21:59:05 +00:00
350e00e0cd
firefox: decrease scrollbar width 20px -> 14px
2024-04-21 21:08:07 +00:00
b77e811ad4
blast-to-default: leverage sane-die-with-parent
2024-04-21 11:09:23 +00:00
a000a722ba
mpv: fix so sane-sysvol doesnt hang exit
2024-04-21 10:08:46 +00:00
4dde01245e
mpv: sane_sysvol: fix non_blocking_popen to use metatables and be more readable
2024-04-21 03:47:01 +00:00
f50c0a98c2
sane-sysvol -> sane_sysvol, sane-cast -> sane_cast
...
when a script contains a dash, mpv silently renames *parts* of it to _, which causes confusion
2024-04-21 00:27:30 +00:00
0625bfdd10
mpv: sane-cast: fix crash due to missing table.concat function
2024-04-21 00:24:46 +00:00
4dfee58d09
sops: fix sandbox path
2024-04-20 21:43:13 +00:00
a7b8eb179b
pipewire: move the clock quantum config into sane.programs proper
...
this ensures it's available in the sandbox
2024-04-20 09:09:05 +00:00
f10bb6c86c
sftpgo: adjust file mode to be compatible with Kodi
2024-04-20 08:07:00 +00:00
a59a7b5346
feeds: podcasts: add Tech Tales
2024-04-19 21:46:03 +00:00
1bd715e57e
nixpkgs: 2024-04-18 -> 2024-04-19; nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/19d2eb80a0e23daf1c4a8cf25b1011fbdb2260fb' (2024-04-18)
→ 'github:nixos/nixpkgs/6ad1fe08582fcdfedb2cb7c31b4a016a227bd38a' (2024-04-19)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/457c34178411e0072e59564ee7986e86255a6eff' (2024-04-18)
→ 'github:nixos/nixpkgs/40d15ed86dd08eff6a29e0a9abc416001d19cd67' (2024-04-19)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/7867aa617c6eb205b1ac1b71d98cd18a2561bb18' (2024-04-17)
→ 'github:nix-community/nixpkgs-wayland/ab0f8d391a960764348935e6497fc62ba0d2378d' (2024-04-19)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/cc535d07cbcdd562bcca418e475c7b1959cefa4b' (2024-04-15)
→ 'github:Mic92/sops-nix/b94c6edbb8355756c53efc8ca3874c63622f287a' (2024-04-18)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/c27f3b6d8e29346af16eecc0e9d54b1071eae27e' (2024-04-13)
→ 'github:NixOS/nixpkgs/8494ae076b7878d61a7d2d25e89a847fe8f8364c' (2024-04-18)
```
2024-04-19 20:33:48 +00:00
317996b609
clightning-sane: document the status command more
2024-04-19 07:29:20 +00:00
135f63480b
clightning-sane: add a help message
2024-04-19 07:29:20 +00:00
d9ffa5bb5a
wike: fix sandboxing for 3.0
2024-04-19 01:26:58 +00:00
f59f13588f
jackett/transmission/slskd: validate public IP address before starting
2024-04-18 20:05:59 +00:00
40af93a7fb
feeds: add apenwarr
2024-04-18 17:29:50 +00:00
a36ff517e7
servo: slskd: disable
2024-04-18 06:55:56 +00:00
60c370df3f
sftpgo: fix domain name in banner
2024-04-18 05:01:57 +00:00
d80852c6c1
sftpgo: re-enable password login
2024-04-18 04:58:59 +00:00
62b3047fff
sftpgo: support FTPS
2024-04-18 04:34:41 +00:00
de2c3a30ff
programs: ship lftp ftp client
2024-04-18 04:17:10 +00:00
c08280589d
lsof: fix sandboxing
2024-04-17 23:43:42 +00:00
9a9ffcbea9
transmission: fix faulty "find" expression (thanks shellcheck!)
2024-04-17 23:32:00 +00:00
733efcfaf7
servo: nginx: forceSSL for anything media related
2024-04-17 22:49:24 +00:00
b34d984572
servo: transmission: remove noisy files upon torrent completion
2024-04-17 20:47:00 +00:00
e2b58e1b77
servo: transmission: be extra strict about requiring VPN
2024-04-17 19:52:11 +00:00
b7e5bc5972
servo: sftpgo: disable external access
2024-04-17 19:41:57 +00:00
54cefa247a
dino: record another bug
2024-04-17 09:53:08 +00:00
b7fd5e78cc
swaync: show volume-per-app (TODO: stylize it better)
2024-04-17 01:37:03 +00:00
79985ff009
dino: docs: update notes about BUGS
2024-04-16 20:50:00 +00:00
62f5b9276f
pwvucontrol: whitelist DRI inside the sandbox, for better perf
2024-04-16 20:49:33 +00:00
13c1f01a6b
servo: pleroma: migrate port 4000 -> 4040
...
port 4000 is used by NFS
2024-04-16 18:57:54 +00:00
5f281f57de
servo: transmission: inline nested torrent directories
2024-04-16 18:25:41 +00:00
089e434e3f
servo: transmission: fix group permissions of media when copying them to public dir
2024-04-16 16:31:10 +00:00
539fe48947
swaync: cleanup
2024-04-16 04:14:07 +00:00
259c3af526
swaync-fbcli: fix CPU pegging when canceling a phone ringer
2024-04-16 02:18:51 +00:00
6b5e0e57bc
swaync: unify the *DEBUG variables
2024-04-15 21:29:17 +00:00
4f06f0dc5e
unl0kr: disable animations
2024-04-15 21:10:55 +00:00
c0dde0e540
unl0kr: populate config file with upstream defaults
2024-04-15 21:05:21 +00:00
0385c09f23
sane-sandboxed: split out into an actual package
2024-04-15 18:57:22 +00:00
bd57b95598
swaync-fbcli: fix so that the child actually exits when killed (critical is to use SIGINT)
2024-04-15 18:32:50 +00:00
465da7c939
swaync-fbcli: migrate an "echo" to a "log"
2024-04-15 18:22:30 +00:00
44f76e656a
swaync-fbcli: fix that pkill expression wouldn't work for wrapped binaries
2024-04-15 18:21:27 +00:00
824046aca1
swaync-fbcli: fix CPU pegging
2024-04-15 18:09:21 +00:00
827c50ff43
swaync: cleanup the swaync-fbcli helper
2024-04-15 18:00:51 +00:00
0230291bb2
swaync: move the pkill logic into swaync-fbcli
2024-04-15 17:46:40 +00:00
3d3618256d
swaync: split the fbcli wrapper into its own file
2024-04-15 17:46:40 +00:00
590cb2dd7f
feeds: sort the list
2024-04-15 16:21:31 +00:00
d9dcab544c
feeds: unsubscribe from Profectus
2024-04-15 16:20:17 +00:00
4ee0f0c659
feeds: disable TheSideView
2024-04-15 14:59:50 +00:00
2af5bb3d78
i-still-dont-care-about-cookies: enable
2024-04-15 03:36:49 +00:00
2d8fe1d3e5
bonsai: tune niceness to hopefully be more responsive
2024-04-15 01:46:32 +00:00
0741d87bcb
rofi: theme so that i can read more text on narrow moby display
2024-04-15 00:04:10 +00:00
2587c27f89
font-manager: fix sandboxing
2024-04-14 21:55:52 +00:00
2d74d0725d
feeds: podcasts: add Money Stuff
2024-04-14 20:39:53 +00:00
7804236499
xdg-terminal-exec: remove upstreamed patched
2024-04-14 14:16:50 +00:00
feb36d19ac
programs: ship cups
2024-04-14 03:33:55 +00:00
a8915661a7
style: refine the base pink color for mpv and sway/waybar
...
this matches swaync a little better. mpv had to be made lighter, i think because of transparency stuff. probably sway/waybar could be made normal lightness
2024-04-13 20:29:24 +00:00
dd58ba8b00
gvfs: enable as part of nautilus, not sway
2024-04-13 20:29:24 +00:00
0a888e205e
programs: ship objdump
2024-04-13 20:29:24 +00:00
4b22fd95bf
introduce 'moby-min' host variant for the quickest deployment (no webkitgtk)
2024-04-13 20:29:24 +00:00
527a9e7612
feeds: add The Side View
2024-04-10 04:47:34 +00:00
3686e6e508
feeds: subscribe to Future of Coding
2024-04-10 03:06:30 +00:00
cda50db23b
loupe: associate with avif filetype
2024-04-09 19:22:59 +00:00
9be6960bbf
sway: disable shortcuts for creating sub-splits
...
i'm just always accidentally triggering them
2024-04-09 16:24:02 +00:00
a45aabfb72
sway: todo: load background from a more traditional path
2024-04-09 16:19:56 +00:00
876103ff7b
mpv: remove legacy ao=alsa and volume-max config
2024-04-09 16:10:05 +00:00
46cda87d5e
notejot: fix sandboxing
2024-04-09 15:44:01 +00:00
d728dfcd70
mpv: uosc: tweak the maximize button to actually act as a fullscreen toggle
2024-04-09 10:14:40 +00:00
19fcd0318c
mpv: remove the double-click-to-fullscreen shortcut
2024-04-09 10:09:17 +00:00
030f6d1a99
mpv: fix so pseudo-gui mode doesnt break logging
2024-04-09 09:58:16 +00:00
86b495cb9f
mpv: sane-sysvol: integrate with uosc mute button
2024-04-09 08:05:00 +00:00
c897f4fa4b
mpv: sane-sysvol: fix pipewire mute to reflect onto uosc volume level
...
ideally it would actually show up as the mute parameter!
2024-04-09 08:05:00 +00:00
8181a0664d
mpv: sane-sysvol: remove the unused id tracking
2024-04-09 08:05:00 +00:00
c37e94493f
mpv: sane-sysvol: optimize
2024-04-09 08:05:00 +00:00
b9e107510d
mpv: sane-sysvol: dont force system volume to zero on init
2024-04-09 08:05:00 +00:00
0f4c1ccfe3
mpv: update input.conf for sane-cast rename
2024-04-09 08:05:00 +00:00
9d9413c790
mpv: announce pipewire volume changes so uosc can listen for them
2024-04-09 08:05:00 +00:00
64c28ae657
mpv: don't need to force uosc volume state to 0 by default; nil is OK
2024-04-09 08:05:00 +00:00
1f4c885748
mpv: sane-sysvol script: init
...
it's a one-way volume control, but that's a start
2024-04-09 08:05:00 +00:00
0545b178af
mpv: rename plugin: sane -> sane-cast
2024-04-09 08:04:51 +00:00
fe4b6c36c4
feeds: subscribe to jwz.org
2024-04-09 03:55:25 +00:00
fce3436c88
servo: expose Milkbags to the internet :)
2024-04-08 06:55:09 +00:00
3aba91b360
mpv: fix race condition in uosc/ao-volume monitoring
2024-04-06 23:41:59 +00:00
907933612d
htop: statically populate config
2024-04-06 23:41:59 +00:00
b4877a488e
discord: add media into sandbox
2024-04-06 09:36:55 +00:00
4b3975367a
fix warnings: remove xdg-desktop-portal patch; fix mautrix-meta enable logic
2024-04-05 21:40:42 +00:00
28110c3e85
fix system hang during vim ctrl+z (disable io_uring in libuv)
2024-04-05 07:29:55 +00:00
43aa498ff9
mpv: fix uosc touch controls
2024-04-05 07:29:15 +00:00
f7e4504764
pict-rs: remove no-transcoding patch (it doesnt apply anymore)
2024-04-04 19:09:12 +00:00
7ab148ea58
servo: migrate /var/media to be 100% on zfs pool
2024-04-04 06:20:50 +00:00
0dfeec3260
mpv-uosc: 5.2.0 -> 5.2.0-unstable-2024-03-13
2024-04-04 06:19:15 +00:00
eb2317a743
mpv: 0.37.0 -> 0.37.0-unstable-2024-03-31
2024-04-04 06:19:15 +00:00
7c3ad85d75
sane-bt-add: fix sandboxing
2024-04-03 09:48:21 +00:00
410097480f
docs: servo: fs: fix setfacl typo
2024-04-03 09:48:10 +00:00
f5fadbe4cf
transmission: place torrents in a separate directory, and copy them to the main media directory on completion
2024-04-03 09:48:10 +00:00
a0550660e7
feeds: add The Corresponding Source podcast
2024-04-02 22:10:36 +00:00
a814832e48
feeds: add Hacker Public Radio podcast
2024-04-02 19:34:42 +00:00
747032d9a4
dino: run with higher scheduling priority
2024-04-02 09:02:44 +00:00
9b2e35b93f
pipewire: ship rtkit and unlock better scheduling priority
2024-04-02 09:02:06 +00:00
d2751237c1
xdg-desktop-portal-wlr: propery document its dependency on pipewire
2024-04-02 09:01:35 +00:00
ae87160de3
dino: 0.4.3 -> 0.4.3-unstable-2024-04-01
2024-04-02 04:57:11 +00:00
a90a213cc0
apps: gui: disable under-used "blanket" noise generator
2024-04-02 04:18:53 +00:00
24c04b8fc0
docs: xdg-desktop-portal: link to Door Knocker debugging tool
2024-04-02 04:18:53 +00:00
9d9791814a
audacity: fix sandboxing
2024-04-02 02:56:51 +00:00
331e673589
common/fs: mount /mnt/servo/media/* directories more granularly
...
this benefits sandboxing
2024-04-01 07:31:25 +00:00
bbb93600b7
/mnt/servo/*: mount in a way which doesn't block sandboxes
2024-04-01 06:00:17 +00:00
c0de54c11a
curlftpfs: exit on timeout error
2024-04-01 04:02:32 +00:00
0d29722443
common/fs: refactor and DRY
2024-04-01 02:12:06 +00:00
1c2a375b6d
common/fs: split curlftpfs into sane.programs
...
this makes it easier to build outside of /etc/fstab context, and opens a future path to sandboxing
2024-04-01 00:50:14 +00:00
b6840a3ed4
curlftpfs: build via my own repo
2024-04-01 00:43:07 +00:00
74e994598e
feeds: add David Revoy
2024-03-31 20:28:41 +00:00
856b6fcd7a
feeds: add Willow
2024-03-31 18:20:49 +00:00
cd6a91e995
sway: tune sandboxing
2024-03-31 05:59:10 +00:00
ade680d9d2
unl0kr: remove legacy wayland stuff (it's handled by s6 now)
2024-03-31 05:20:33 +00:00
6d4a43fa0d
sway: warn when needed runtime dirs dont exist
2024-03-31 05:20:20 +00:00
d3ad661970
servo: zfs: enable reflink support
2024-03-31 03:48:34 +00:00
1e7de43da8
docs: sway: mention that hotplugging is broken
2024-03-31 03:24:33 +00:00
eff37765ae
sane.image: fix so imgs.moby includes a working bootloader
2024-03-31 03:24:33 +00:00
a65673847a
superTux, superTuxKard: don't ship on moby
...
i don't use it there; it wastes deploy time
2024-03-31 03:24:33 +00:00
930c5e2412
delfin: don't ship
...
i don't use it; it wastes deploy time
2024-03-31 03:24:33 +00:00
e855be4796
hosts/common: port /mnt/servo/* from NFS -> FTP
...
fuse ftp seems to be easier to debug than kernel nfs so far
2024-03-28 23:15:05 +00:00
701e10b121
hosts/common/fs: optimize NFS options
2024-03-28 23:15:05 +00:00
eadb2057d9
sane-wipe: port from systemd -> s6
2024-03-28 23:15:05 +00:00
5ed29ceb47
servo: /var/media: fixup permissions so everything is r/w by "media" group, including sftpgo
2024-03-28 23:14:40 +00:00
725ab13628
servo: nfs: allow UDP NFSv3 connections
2024-03-27 00:54:58 +00:00
32e691b85b
feeds: add Hardcore Software by Steven Sinofsky
2024-03-26 14:08:13 +00:00
0108502055
feedbackd: fix so it depends on pipewire before launch
2024-03-26 13:48:13 +00:00
c6a1f310a0
servo: net: actually assert that ovpns exists if we fail to add it
2024-03-26 11:13:10 +00:00
1d494513a9
slskd: document common errors/flakiness
2024-03-26 11:04:21 +00:00
fb79ca4c8e
programs: iproute: use a less restrictive sandbox
2024-03-26 10:54:29 +00:00
3cf42db7dc
slskd: fix for more recent nixpkgs
2024-03-26 10:47:20 +00:00
5ecabc57bf
feeds: add low<-tech magazine
2024-03-25 13:13:41 +00:00
48a4c1bd26
feeds: add nixpkgs.news
2024-03-25 13:13:03 +00:00
febedb9323
nits: update --replace uses to --replace-{fail,quiet} as appropriate
2024-03-24 12:49:18 +00:00
4e74ba5bab
swaync-service-dispatcher: fix start/stop inversion
2024-03-24 12:22:54 +00:00
