1bd715e57e
nixpkgs: 2024-04-18 -> 2024-04-19; nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/19d2eb80a0e23daf1c4a8cf25b1011fbdb2260fb' (2024-04-18)
→ 'github:nixos/nixpkgs/6ad1fe08582fcdfedb2cb7c31b4a016a227bd38a' (2024-04-19)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/457c34178411e0072e59564ee7986e86255a6eff' (2024-04-18)
→ 'github:nixos/nixpkgs/40d15ed86dd08eff6a29e0a9abc416001d19cd67' (2024-04-19)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/7867aa617c6eb205b1ac1b71d98cd18a2561bb18' (2024-04-17)
→ 'github:nix-community/nixpkgs-wayland/ab0f8d391a960764348935e6497fc62ba0d2378d' (2024-04-19)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/cc535d07cbcdd562bcca418e475c7b1959cefa4b' (2024-04-15)
→ 'github:Mic92/sops-nix/b94c6edbb8355756c53efc8ca3874c63622f287a' (2024-04-18)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/c27f3b6d8e29346af16eecc0e9d54b1071eae27e' (2024-04-13)
→ 'github:NixOS/nixpkgs/8494ae076b7878d61a7d2d25e89a847fe8f8364c' (2024-04-18)
```
2024-04-19 20:33:48 +00:00
317996b609
clightning-sane: document the status
command more
2024-04-19 07:29:20 +00:00
135f63480b
clightning-sane: add a help message
2024-04-19 07:29:20 +00:00
d9ffa5bb5a
wike: fix sandboxing for 3.0
2024-04-19 01:26:58 +00:00
f59f13588f
jackett/transmission/slskd: validate public IP address before starting
2024-04-18 20:05:59 +00:00
40af93a7fb
feeds: add apenwarr
2024-04-18 17:29:50 +00:00
a36ff517e7
servo: slskd: disable
2024-04-18 06:55:56 +00:00
60c370df3f
sftpgo: fix domain name in banner
2024-04-18 05:01:57 +00:00
d80852c6c1
sftpgo: re-enable password login
2024-04-18 04:58:59 +00:00
62b3047fff
sftpgo: support FTPS
2024-04-18 04:34:41 +00:00
de2c3a30ff
programs: ship lftp ftp client
2024-04-18 04:17:10 +00:00
c08280589d
lsof: fix sandboxing
2024-04-17 23:43:42 +00:00
9a9ffcbea9
transmission: fix faulty "find" expression (thanks shellcheck!)
2024-04-17 23:32:00 +00:00
733efcfaf7
servo: nginx: forceSSL for anything media related
2024-04-17 22:49:24 +00:00
b34d984572
servo: transmission: remove noisy files upon torrent completion
2024-04-17 20:47:00 +00:00
e2b58e1b77
servo: transmission: be extra strict about requiring VPN
2024-04-17 19:52:11 +00:00
b7e5bc5972
servo: sftpgo: disable external access
2024-04-17 19:41:57 +00:00
54cefa247a
dino: record another bug
2024-04-17 09:53:08 +00:00
b7fd5e78cc
swaync: show volume-per-app (TODO: stylize it better)
2024-04-17 01:37:03 +00:00
79985ff009
dino: docs: update notes about BUGS
2024-04-16 20:50:00 +00:00
62f5b9276f
pwvucontrol: whitelist DRI inside the sandbox, for better perf
2024-04-16 20:49:33 +00:00
13c1f01a6b
servo: pleroma: migrate port 4000 -> 4040
...
port 4000 is used by NFS
2024-04-16 18:57:54 +00:00
5f281f57de
servo: transmission: inline nested torrent directories
2024-04-16 18:25:41 +00:00
089e434e3f
servo: transmission: fix group permissions of media when copying them to public dir
2024-04-16 16:31:10 +00:00
539fe48947
swaync: cleanup
2024-04-16 04:14:07 +00:00
259c3af526
swaync-fbcli: fix CPU pegging when canceling a phone ringer
2024-04-16 02:18:51 +00:00
6b5e0e57bc
swaync: unify the *DEBUG variables
2024-04-15 21:29:17 +00:00
4f06f0dc5e
unl0kr: disable animations
2024-04-15 21:10:55 +00:00
c0dde0e540
unl0kr: populate config file with upstream defaults
2024-04-15 21:05:21 +00:00
0385c09f23
sane-sandboxed: split out into an actual package
2024-04-15 18:57:22 +00:00
bd57b95598
swaync-fbcli: fix so that the child actually exits when killed (critical is to use SIGINT)
2024-04-15 18:32:50 +00:00
465da7c939
swaync-fbcli: migrate an "echo" to a "log"
2024-04-15 18:22:30 +00:00
44f76e656a
swaync-fbcli: fix that pkill expression wouldn't work for wrapped binaries
2024-04-15 18:21:27 +00:00
824046aca1
swaync-fbcli: fix CPU pegging
2024-04-15 18:09:21 +00:00
827c50ff43
swaync: cleanup the swaync-fbcli helper
2024-04-15 18:00:51 +00:00
0230291bb2
swaync: move the pkill logic into swaync-fbcli
2024-04-15 17:46:40 +00:00
3d3618256d
swaync: split the fbcli wrapper into its own file
2024-04-15 17:46:40 +00:00
590cb2dd7f
feeds: sort the list
2024-04-15 16:21:31 +00:00
d9dcab544c
feeds: unsubscribe from Profectus
2024-04-15 16:20:17 +00:00
4ee0f0c659
feeds: disable TheSideView
2024-04-15 14:59:50 +00:00
2af5bb3d78
i-still-dont-care-about-cookies: enable
2024-04-15 03:36:49 +00:00
2d8fe1d3e5
bonsai: tune niceness to hopefully be more responsive
2024-04-15 01:46:32 +00:00
0741d87bcb
rofi: theme so that i can read more text on narrow moby display
2024-04-15 00:04:10 +00:00
2587c27f89
font-manager: fix sandboxing
2024-04-14 21:55:52 +00:00
2d74d0725d
feeds: podcasts: add Money Stuff
2024-04-14 20:39:53 +00:00
7804236499
xdg-terminal-exec: remove upstreamed patched
2024-04-14 14:16:50 +00:00
feb36d19ac
programs: ship cups
2024-04-14 03:33:55 +00:00
a8915661a7
style: refine the base pink color for mpv and sway/waybar
...
this matches swaync a little better. mpv had to be made lighter, i think because of transparency stuff. probably sway/waybar could be made normal lightness
2024-04-13 20:29:24 +00:00
dd58ba8b00
gvfs: enable as part of nautilus, not sway
2024-04-13 20:29:24 +00:00
0a888e205e
programs: ship objdump
2024-04-13 20:29:24 +00:00
4b22fd95bf
introduce 'moby-min' host variant for the quickest deployment (no webkitgtk)
2024-04-13 20:29:24 +00:00
527a9e7612
feeds: add The Side View
2024-04-10 04:47:34 +00:00
3686e6e508
feeds: subscribe to Future of Coding
2024-04-10 03:06:30 +00:00
cda50db23b
loupe: associate with avif filetype
2024-04-09 19:22:59 +00:00
9be6960bbf
sway: disable shortcuts for creating sub-splits
...
i'm just always accidentally triggering them
2024-04-09 16:24:02 +00:00
a45aabfb72
sway: todo: load background from a more traditional path
2024-04-09 16:19:56 +00:00
876103ff7b
mpv: remove legacy ao=alsa and volume-max config
2024-04-09 16:10:05 +00:00
46cda87d5e
notejot: fix sandboxing
2024-04-09 15:44:01 +00:00
d728dfcd70
mpv: uosc: tweak the maximize button to actually act as a fullscreen toggle
2024-04-09 10:14:40 +00:00
19fcd0318c
mpv: remove the double-click-to-fullscreen shortcut
2024-04-09 10:09:17 +00:00
030f6d1a99
mpv: fix so pseudo-gui mode doesnt break logging
2024-04-09 09:58:16 +00:00
86b495cb9f
mpv: sane-sysvol: integrate with uosc mute button
2024-04-09 08:05:00 +00:00
c897f4fa4b
mpv: sane-sysvol: fix pipewire mute to reflect onto uosc volume level
...
ideally it would actually show up as the mute parameter!
2024-04-09 08:05:00 +00:00
8181a0664d
mpv: sane-sysvol: remove the unused id tracking
2024-04-09 08:05:00 +00:00
c37e94493f
mpv: sane-sysvol: optimize
2024-04-09 08:05:00 +00:00
b9e107510d
mpv: sane-sysvol: dont force system volume to zero on init
2024-04-09 08:05:00 +00:00
0f4c1ccfe3
mpv: update input.conf for sane-cast rename
2024-04-09 08:05:00 +00:00
9d9413c790
mpv: announce pipewire volume changes so uosc can listen for them
2024-04-09 08:05:00 +00:00
64c28ae657
mpv: don't need to force uosc volume state to 0 by default; nil is OK
2024-04-09 08:05:00 +00:00
1f4c885748
mpv: sane-sysvol script: init
...
it's a one-way volume control, but that's a start
2024-04-09 08:05:00 +00:00
0545b178af
mpv: rename plugin: sane -> sane-cast
2024-04-09 08:04:51 +00:00
fe4b6c36c4
feeds: subscribe to jwz.org
2024-04-09 03:55:25 +00:00
fce3436c88
servo: expose Milkbags to the internet :)
2024-04-08 06:55:09 +00:00
3aba91b360
mpv: fix race condition in uosc/ao-volume monitoring
2024-04-06 23:41:59 +00:00
907933612d
htop: statically populate config
2024-04-06 23:41:59 +00:00
b4877a488e
discord: add media into sandbox
2024-04-06 09:36:55 +00:00
4b3975367a
fix warnings: remove xdg-desktop-portal patch; fix mautrix-meta enable logic
2024-04-05 21:40:42 +00:00
28110c3e85
fix system hang during vim ctrl+z (disable io_uring in libuv)
2024-04-05 07:29:55 +00:00
43aa498ff9
mpv: fix uosc touch controls
2024-04-05 07:29:15 +00:00
f7e4504764
pict-rs: remove no-transcoding patch (it doesnt apply anymore)
2024-04-04 19:09:12 +00:00
7ab148ea58
servo: migrate /var/media to be 100% on zfs pool
2024-04-04 06:20:50 +00:00
0dfeec3260
mpv-uosc: 5.2.0 -> 5.2.0-unstable-2024-03-13
2024-04-04 06:19:15 +00:00
eb2317a743
mpv: 0.37.0 -> 0.37.0-unstable-2024-03-31
2024-04-04 06:19:15 +00:00
7c3ad85d75
sane-bt-add: fix sandboxing
2024-04-03 09:48:21 +00:00
410097480f
docs: servo: fs: fix setfacl typo
2024-04-03 09:48:10 +00:00
f5fadbe4cf
transmission: place torrents in a separate directory, and copy them to the main media directory on completion
2024-04-03 09:48:10 +00:00
a0550660e7
feeds: add The Corresponding Source podcast
2024-04-02 22:10:36 +00:00
a814832e48
feeds: add Hacker Public Radio podcast
2024-04-02 19:34:42 +00:00
747032d9a4
dino: run with higher scheduling priority
2024-04-02 09:02:44 +00:00
9b2e35b93f
pipewire: ship rtkit and unlock better scheduling priority
2024-04-02 09:02:06 +00:00
d2751237c1
xdg-desktop-portal-wlr: propery document its dependency on pipewire
2024-04-02 09:01:35 +00:00
ae87160de3
dino: 0.4.3 -> 0.4.3-unstable-2024-04-01
2024-04-02 04:57:11 +00:00
a90a213cc0
apps: gui: disable under-used "blanket" noise generator
2024-04-02 04:18:53 +00:00
24c04b8fc0
docs: xdg-desktop-portal: link to Door Knocker debugging tool
2024-04-02 04:18:53 +00:00
9d9791814a
audacity: fix sandboxing
2024-04-02 02:56:51 +00:00
331e673589
common/fs: mount /mnt/servo/media/* directories more granularly
...
this benefits sandboxing
2024-04-01 07:31:25 +00:00
bbb93600b7
/mnt/servo/*: mount in a way which doesn't block sandboxes
2024-04-01 06:00:17 +00:00
c0de54c11a
curlftpfs: exit on timeout error
2024-04-01 04:02:32 +00:00
0d29722443
common/fs: refactor and DRY
2024-04-01 02:12:06 +00:00
1c2a375b6d
common/fs: split curlftpfs into sane.programs
...
this makes it easier to build outside of /etc/fstab context, and opens a future path to sandboxing
2024-04-01 00:50:14 +00:00
b6840a3ed4
curlftpfs: build via my own repo
2024-04-01 00:43:07 +00:00
74e994598e
feeds: add David Revoy
2024-03-31 20:28:41 +00:00
856b6fcd7a
feeds: add Willow
2024-03-31 18:20:49 +00:00
cd6a91e995
sway: tune sandboxing
2024-03-31 05:59:10 +00:00
ade680d9d2
unl0kr: remove legacy wayland stuff (it's handled by s6 now)
2024-03-31 05:20:33 +00:00
6d4a43fa0d
sway: warn when needed runtime dirs dont exist
2024-03-31 05:20:20 +00:00
d3ad661970
servo: zfs: enable reflink support
2024-03-31 03:48:34 +00:00
1e7de43da8
docs: sway: mention that hotplugging is broken
2024-03-31 03:24:33 +00:00
eff37765ae
sane.image: fix so imgs.moby
includes a working bootloader
2024-03-31 03:24:33 +00:00
a65673847a
superTux, superTuxKard: don't ship on moby
...
i don't use it there; it wastes deploy time
2024-03-31 03:24:33 +00:00
930c5e2412
delfin: don't ship
...
i don't use it; it wastes deploy time
2024-03-31 03:24:33 +00:00
e855be4796
hosts/common: port /mnt/servo/* from NFS -> FTP
...
fuse ftp seems to be easier to debug than kernel nfs so far
2024-03-28 23:15:05 +00:00
701e10b121
hosts/common/fs: optimize NFS options
2024-03-28 23:15:05 +00:00
eadb2057d9
sane-wipe: port from systemd -> s6
2024-03-28 23:15:05 +00:00
5ed29ceb47
servo: /var/media: fixup permissions so everything is r/w by "media" group, including sftpgo
2024-03-28 23:14:40 +00:00
725ab13628
servo: nfs: allow UDP NFSv3 connections
2024-03-27 00:54:58 +00:00
32e691b85b
feeds: add Hardcore Software by Steven Sinofsky
2024-03-26 14:08:13 +00:00
0108502055
feedbackd: fix so it depends on pipewire before launch
2024-03-26 13:48:13 +00:00
c6a1f310a0
servo: net: actually assert that ovpns exists if we fail to add it
2024-03-26 11:13:10 +00:00
1d494513a9
slskd: document common errors/flakiness
2024-03-26 11:04:21 +00:00
fb79ca4c8e
programs: iproute: use a less restrictive sandbox
2024-03-26 10:54:29 +00:00
3cf42db7dc
slskd: fix for more recent nixpkgs
2024-03-26 10:47:20 +00:00
5ecabc57bf
feeds: add low<-tech magazine
2024-03-25 13:13:41 +00:00
48a4c1bd26
feeds: add nixpkgs.news
2024-03-25 13:13:03 +00:00
febedb9323
nits: update --replace
uses to --replace-{fail,quiet}
as appropriate
2024-03-24 12:49:18 +00:00
4e74ba5bab
swaync-service-dispatcher: fix start/stop inversion
2024-03-24 12:22:54 +00:00
9c0b175260
swaync: allow toggling of s6 services
2024-03-24 11:54:12 +00:00
774066e53c
swaync: factor out a "service-dispatcher"
2024-03-24 09:21:07 +00:00
86400f45d6
swaync: port to s6
2024-03-24 08:56:06 +00:00
ddef2d0bfc
swaync: rename: print-is-active -> print-systemd-active
2024-03-24 08:54:27 +00:00
0172aa0b69
swaync: refactor
2024-03-24 08:54:27 +00:00
ce991c8887
swaync: refactor
2024-03-24 08:54:27 +00:00
92d8d42997
swaync: split the buttons out of the main config file
2024-03-24 08:54:27 +00:00
1c4ef84ec7
swaync: remove legacy sxmo-specific notification visibility rules
2024-03-24 08:54:27 +00:00
a820ae57c0
swaync: remove sxmo timer rules
2024-03-24 08:54:27 +00:00
89f913cadc
xdg-desktop-portal: 1.18.2 -> 1.18.2-unstable-2024-03-11
...
this will *hopefully* improve stability
2024-03-24 08:08:48 +00:00
d14fda2e62
engrampa: remove custom patch (upstream released a new version)
2024-03-24 07:46:22 +00:00
f680a4a25c
engrampa: patch the package via sane.programs, not nixpkgs overlay
2024-03-24 07:44:30 +00:00
47d37b4ce5
xdg-desktop-portal: enable logging
2024-03-24 07:19:33 +00:00
a1cc045837
waybar: update persistent_workspaces -> persistent-workspaces
...
the former is deprecated
2024-03-24 06:17:43 +00:00
7f8cae42ff
s6: migrate to /run/user/$id/s6
2024-03-23 21:33:08 +00:00
5b83d4d944
s6-rc: patch to use /run/user/$id/s6 as the default live dir
2024-03-23 20:52:42 +00:00
f16a68f5bb
element-desktop: use native wayland, not Xwayland
2024-03-23 18:51:41 +00:00
46fe6c690b
sway: fix WAYLAND_DISPLAY to be relative
2024-03-23 17:59:37 +00:00
dd7b1dae5f
sway: remove unnecessary pidspace sandbox exception
...
i guess this was from when SWAYSOCK was named after the pid?
2024-03-23 17:35:39 +00:00
2e58353b0e
refactor: users/services: have waitExists
support waiting on multiple paths
2024-03-23 17:28:29 +00:00
f65d3d04dc
sway: do the WAYLAND_DISPLAY moving inside sway config itself
2024-03-23 17:09:57 +00:00
6102a0301d
sway: move $WAYLAND_DISPLAY into a subdir to make it easier to sandbox
2024-03-23 16:37:22 +00:00
39de5b84c2
sway: fix readiness check
2024-03-23 15:54:20 +00:00
5205251f6f
programs: xwayland: sandbox it without exposing net access
2024-03-23 15:33:23 +00:00