|
|
875d919fa8
|
systemd-rfkill: harden
|
2024-08-10 00:34:13 +00:00 |
|
|
|
a323f321b5
|
snapper: disable
it wasn't working to begin with
|
2024-08-10 00:09:58 +00:00 |
|
|
|
f986936bbd
|
wg-home-refresh: use the sandboxed wireguard-tools
|
2024-08-09 23:52:31 +00:00 |
|
|
|
3d773fe375
|
sanebox: improve the capsh stuff a bit more
|
2024-08-09 23:52:16 +00:00 |
|
|
|
055ad222e3
|
wg-home-refresh: harden systemd service
|
2024-08-09 23:05:58 +00:00 |
|
|
|
3aafcb0aa8
|
sanebox: capshonly: be more precise about preserving e/i/p capabilities
with this, gocryptfs works AND wg works
|
2024-08-09 22:55:02 +00:00 |
|
|
|
c85f02ca68
|
scripts/sync: dont rely on /mnt/$self existing
|
2024-08-09 21:41:56 +00:00 |
|
|
|
eeafc34ccf
|
hare-ev: 2024-07-11 -> 2024-08-06
|
2024-08-09 21:41:56 +00:00 |
|
|
|
039ffcdcd4
|
newsflash: sandbox
|
2024-08-09 21:35:33 +00:00 |
|
|
|
2a35cb5379
|
mime.urlAssociations: clarify regexes by using $ terminator
|
2024-08-09 20:57:13 +00:00 |
|
|
|
3db009bc98
|
mpv: associate with all web audio/video resources
|
2024-08-09 20:55:00 +00:00 |
|
|
|
1e840e72b3
|
nixpkgs: 24.05-unstable-2024-08-06 -> 24.05-unstable-2024-08-09
|
2024-08-09 10:34:20 +00:00 |
|
|
|
ce1c3ec804
|
nixpkgs-wayland: 0-unstable-2024-08-06 -> 0-unstable-2024-08-09
|
2024-08-09 10:34:02 +00:00 |
|
|
|
09dd69a855
|
uassets: 0-unstable-2024-08-06 -> 0-unstable-2024-08-09
|
2024-08-09 10:33:29 +00:00 |
|
|
|
cbe71868ef
|
newsflash: deploy
|
2024-08-09 10:25:53 +00:00 |
|
|
|
7b043d0c87
|
newsflash: simplify cross compilation
|
2024-08-09 10:14:59 +00:00 |
|
|
|
fd0188025d
|
newsflash: fix cross compilation
|
2024-08-09 09:46:40 +00:00 |
|
|
|
1c57ffa798
|
newsflash-nixified: init at 3.3.4 (doesn't build!)
it's doing complicated things with glib macros that i can't get to work.
|
2024-08-09 03:50:36 +00:00 |
|
|
|
1d205a89bc
|
sway: fix gnome-calls to always be on workspace 1
|
2024-08-08 23:59:19 +00:00 |
|
|
|
5ff643aa2f
|
foliate: fix sandboxing
|
2024-08-08 23:58:02 +00:00 |
|
|
|
bfdf63e641
|
calls: 46.3 -> 47.0-beta
|
2024-08-08 23:57:47 +00:00 |
|
|
|
c695f7a979
|
foliate: ship
|
2024-08-08 21:08:51 +00:00 |
|
|
|
b3b38451b5
|
koreader-from-src: add an update script (only updates the toplevel, at the moment)
|
2024-08-08 18:47:03 +00:00 |
|
|
|
1ee81db537
|
switch xdg-desktop-portal-gtk -> xdg-desktop-portal-gnome
the gnome file chooser is far more responsive, on moby
though thumbnailing doesnt work, which may degrade the desktop experience :-(
|
2024-08-08 09:43:47 +00:00 |
|
|
|
b9947c05ca
|
xdg-desktop-portal-gnome: fix cross compilation
|
2024-08-08 09:05:26 +00:00 |
|
|
|
2de6491583
|
xdg-desktop-portal-gnome: get working as a xdp backend, on lappy
probably needs some porting to moby before it works there
|
2024-08-08 08:52:24 +00:00 |
|
|
|
4525df58e0
|
rsyslog: disable
|
2024-08-08 07:40:59 +00:00 |
|
|
|
9d1ffc7c43
|
todo.md: document some connectivity issues
|
2024-08-08 03:41:52 +00:00 |
|
|
|
a69af91b7b
|
add /mnt/servo/home to my hosts
|
2024-08-08 00:45:33 +00:00 |
|
|
|
7b5d655c91
|
scripts/check-backups: show how to view the host's last-completed
|
2024-08-07 23:00:44 +00:00 |
|
|
|
de6ffe6b75
|
flare-signal: update compatibility notes
|
2024-08-07 22:07:56 +00:00 |
|
|
|
f8aea34e96
|
sanebox: bwrap: make user namespace unsharing more obvious
|
2024-08-07 21:23:21 +00:00 |
|
|
|
49efb94a0a
|
seatd: restrict capabilities
|
2024-08-07 20:30:29 +00:00 |
|
|
|
9b1e053ead
|
seatd: place the socket in a place that lends itself to better sandboxing
|
2024-08-07 19:37:20 +00:00 |
|
|
|
235dc86155
|
todo.md: delete completed sandboxing items
|
2024-08-07 01:33:31 +00:00 |
|
|
|
6dad290cd5
|
duplicity: purge
|
2024-08-07 01:33:31 +00:00 |
|
|
|
cc6ed6c0ec
|
flare-signal: annotate my notes on it with datestamps
|
2024-08-07 01:23:43 +00:00 |
|
|
|
cc3aba3cc2
|
servo: fix postfix: dont start until after the mail dir has been mounted
|
2024-08-07 00:17:17 +00:00 |
|
|
|
41f08125bb
|
scripts/check-backups: convert timestamps to hours
|
2024-08-06 21:50:49 +00:00 |
|
|
|
27487fe870
|
scripts/check-admin: script to show which (if any) services require tending to registration attempts
|
2024-08-06 21:40:48 +00:00 |
|
|
|
d45ea622d1
|
servo: disable email-based registration gating
|
2024-08-06 21:39:32 +00:00 |
|
|
|
247fd3f807
|
less: tune flags, especially for systemd/journalctl
|
2024-08-06 19:25:10 +00:00 |
|
|
|
816e2a7065
|
nixpkgs: 24.05-unstable-2024-08-04 -> 24.05-unstable-2024-08-06
|
2024-08-06 19:08:39 +00:00 |
|
|
|
be842d5c5e
|
nixpkgs-wayland: 0-unstable-2024-08-03 -> 0-unstable-2024-08-06
|
2024-08-06 19:08:30 +00:00 |
|
|
|
fa6ec981e0
|
sops-nix: assets-unstable-2024-07-27 -> assets-unstable-2024-08-05
|
2024-08-06 19:08:16 +00:00 |
|
|
|
52b4c1542a
|
uassets: 0-unstable-2024-08-03 -> 0-unstable-2024-08-06
|
2024-08-06 19:08:00 +00:00 |
|
|
|
3ff59247da
|
uninsane-dot-org: ? -> 2024-08-06
|
2024-08-06 19:07:44 +00:00 |
|
|
|
d9c0855c4e
|
fractal-nixified: 7 -> 8
|
2024-08-06 08:26:50 +00:00 |
|
|
|
1a67a05238
|
transmission/torrent-done: make files readable (speculative)
|
2024-08-06 08:26:16 +00:00 |
|
|
|
1cdeedd9ec
|
servo: partially ship ollama
|
2024-08-06 08:24:29 +00:00 |
|
