colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
4,914 Commits 125 Branches 1 Tag 13 MiB
bda932c3df
Commit Graph

557 Commits

Author SHA1 Message Date
Colin
bda932c3df programs: supertuxkart: sandbox with bwrap 2024-02-06 01:10:39 +00:00
Colin
1c4e2f97fe swaylock: mark sandboxing as unsupported 2024-02-05 23:36:35 +00:00
Colin
6eb2a3d67f programs: handbrake: sandbox with bwrap 2024-02-05 22:28:15 +00:00
Colin
ddc41bc9d8 programs: pavucontrol/pwvucontrol: sandbox with bwrap 2024-02-05 22:15:48 +00:00
Colin
7d833ebf76 programs: kdenlive: sandbox with bwrap 2024-02-05 22:07:37 +00:00
Colin
bfc0eadfaa programs: hitori: sandbox with bwrap 2024-02-05 21:52:57 +00:00
Colin
ff1cbcc16b programs: gnome-clocks,gnome-calendar: sandbox with bwrap 2024-02-05 21:46:27 +00:00
Colin
9a8d8a20bd programs: frozen-bubble: persist data and sandbox with bwrap 2024-02-05 21:32:58 +00:00
Colin
cd1d22e7b9 programs: gnome-calculator: sandbox with bwrap 2024-02-05 20:58:38 +00:00
Colin
2c0e93826d programs: gimp: sandbox with bwrap 2024-02-05 20:53:05 +00:00
Colin
cab346f3ad programs: delfin: sandbox with bwrap 2024-02-05 20:44:47 +00:00
Colin
a2decaff9c programs: bemenu: sandbox with landlock 2024-02-05 18:41:52 +00:00
Colin
8ef9f7a485 epiphany: persist dconf settings; reduce sandboxer errors 2024-02-05 18:31:38 +00:00
Colin
12846732b9 programs: blanket: sandbox with bwrap 2024-02-05 18:26:21 +00:00
Colin
e84079e84c programs: firefox: allow sandbox access to ~/dev 2024-02-05 18:17:49 +00:00
Colin
45ffd9246d programs: brave: sandbox with bwrap 2024-02-05 18:17:28 +00:00
Colin
6d1eae2200 programs: gnome-2048: sandbox with bwrap 2024-02-05 08:26:06 +00:00
Colin
293eab8225 koreader: use modern openssl 2024-02-04 20:05:02 +00:00
Colin
abdbb83e10 koreader: replace vendored dependencies with their nixpkgs equivalents much more effectively 
the old method was still causing everything to be re-compiled within koreader, rather than linking against the nix store.

decreases build time to about 3m on a desktop
 2024-02-04 19:39:32 +00:00
Colin
dc74bca06a programs: vim: add private/knowledge to sandbox 2024-02-03 23:53:53 +00:00
Colin
42523b75a8 programs: gdb: disable sandboxing 2024-02-03 23:53:34 +00:00
Colin
111946eb1d programs: vim, imagemagick: fix sandboxing to consider uncreated files 2024-02-03 14:07:53 +00:00
Colin
14b20fd9c2 programs: komikku: fix sandboxing 2024-02-03 00:52:17 +00:00
Colin
2df1b20f02 programs: epiphany: simplify the sandboxing 2024-02-03 00:44:23 +00:00
Colin
2f9fad503c programs: fix sandboxing errors for programs which create files (notably: ffmpeg) 2024-02-03 00:17:54 +00:00
Colin
56734fe5da mpv: add /dev/dri to the sandbox 2024-02-02 19:18:30 +00:00
Colin
3c96f6d418 programs: koreader: enable DRI in the sandbox, and use wrappedDerivation 2024-02-02 17:22:57 +00:00
Colin
86b23e8183 programs: fractal: enable DRI in sandbox 2024-02-02 17:19:35 +00:00
Colin
6151eee8d5 programs (assorted): fix wantedBy = "default.target" to be more specific 
now GUI apps aren't stuck in a restart loop until sway starts

in particular, signal-desktop can actually be autostarted
 2024-02-02 14:21:57 +00:00
Colin
715ac42f13 remove samba from closure 
current samba hangs during configurePhase. this is not the first time samba has failed to build. nor the third. purge it.
 2024-02-01 15:28:40 +00:00
Colin
368eb2c29b programs: git: whitelist more repo roots 2024-01-31 21:17:48 +00:00
Colin
8736ca478b programs: firefox: allow access to servo image-macros 2024-01-31 15:36:09 +00:00
Colin
cb3960fb21 programs: git: fix access to ~/private/knowledge 2024-01-31 15:35:21 +00:00
Colin
6e24a1ff28 programs: re-enable sops 2024-01-31 15:30:15 +00:00
Colin
f5c88853ee sway: replace "greetd" with "unl0kr"-based login process 2024-01-31 15:20:27 +00:00
Colin
0009e5ca4c programs: sandboxing: use wrapperType="wrappedDerivation" where applicable 2024-01-29 15:21:16 +00:00
Colin
db6ba61429 programs: sandbox more apps with wrapperType=wrappedDerivation 2024-01-29 13:45:57 +00:00
Colin
d3f7a036ce ripgrep: move options out of assorted.nix into its own file 2024-01-29 12:57:56 +00:00
Colin
0454abacd9 komikku: sandbox 2024-01-29 12:56:08 +00:00
Colin
1cb2c5225f programs: use wrapperType=wrappedDerivation where possible 2024-01-29 12:07:04 +00:00
Colin
6f86e61a00 firefox: fix build 
zip was giving some complaints... i'm not sure why, i think it still works
 2024-01-29 09:57:35 +00:00
Colin
c1a1f51ca2 git: fix git-upload-pack (used on the remote when doing git pull) 2024-01-29 09:57:27 +00:00
Colin
bfec531fa2 sandbox a bunch more apps 2024-01-28 11:43:05 +00:00
Colin
de11edffa5 programs/assorted: remove more unused programs 2024-01-28 11:34:33 +00:00
Colin
e536e3c718 programs/assorted.nix: remove unused tree-sitter package 2024-01-28 11:03:09 +00:00
Colin
17d14dbac2 programs/assorted.nix: uninstall some programs i don't frequently use 2024-01-28 10:40:57 +00:00
Colin
94981ef335 vim: sandbox 2024-01-28 10:39:08 +00:00
Colin
3cd244be76 git: sandbox with bwrap 2024-01-28 10:36:19 +00:00
Colin
7da979503b bubblewrap: explicitly disable sandboxing 2024-01-27 17:20:40 +00:00
Colin
3b32c26026 zsh: explicitly disable sandboxing 2024-01-27 17:20:24 +00:00