|
|
c490b6e6ad
|
common/polyunfill: simplify my config by using the new security.pam.package option
|
2024-08-02 10:04:20 +00:00 |
|
|
|
89d678c729
|
nixpkgs: 2024-07-29 -> 2024-07-31
|
2024-08-02 10:03:48 +00:00 |
|
|
|
c64163290c
|
gocryptfs: return to running mainline
i don't need the bug fix anymore, since i don't use pam_mount anymore
|
2024-08-02 09:52:20 +00:00 |
|
|
|
eaeb8380dc
|
fs: enable @basic-api everywhere, since its required by systemd restart logic
|
2024-08-02 09:13:55 +00:00 |
|
|
|
05a9e8e819
|
common: /mnt/servo: fix systemd mount files to be aware of the timeout, again
|
2024-08-02 08:16:13 +00:00 |
|
|
|
cf20230d96
|
sane.fs: cleanup
plumb systemd.{mounts,services} instead of the less detailed 'systemd'
|
2024-08-02 08:01:38 +00:00 |
|
|
|
9dbb2a6266
|
sane.fs: take in the role of generating systemd.mounts files
|
2024-08-02 07:33:21 +00:00 |
|
|
|
113b107d73
|
persist: fix ordering so stores arent required by local-fs.target
maybe they should be, but then there's weird stuff about getty depending on sysinit.target, and that being blocked by the private store...
|
2024-08-02 06:20:39 +00:00 |
|
|
|
96dfe79a8c
|
fs: persist/private: harden systemd mount file
|
2024-08-02 05:17:44 +00:00 |
|
|
|
6e5bde17aa
|
cleanup: persist/private: simplify
|
2024-08-02 05:00:55 +00:00 |
|
|
|
3eb66c098b
|
trust-dns: make it a dependency of "network-online.target"
|
2024-08-02 04:54:58 +00:00 |
|
|
|
515aab5370
|
cleanup: persist/private: encode the dependencies more precisely, rather than just having it all depend on default.target
|
2024-08-02 04:50:33 +00:00 |
|
|
|
f925dd9a20
|
fs: isolate /mnt/servo/* and /mnt/persist/ephemeral a bit more
|
2024-08-02 04:45:14 +00:00 |
|
|
|
cbe6bdf158
|
hosts: fs: sandbox /mnt/servo/* mounts
|
2024-08-02 03:17:53 +00:00 |
|
|
|
949a52dee1
|
activationScripts.notifyActive: be quiet about sane-deadlines/sane-sysload
|
2024-08-02 01:11:19 +00:00 |
|
|
|
2ee1fb17c4
|
sane-deadlines, sane-sysload: fix ordering to not run before the environment is configured
|
2024-08-02 01:04:07 +00:00 |
|
|
|
48cc718700
|
login: remove systemd-user-sessions integration so that we dont block on remote-fs
tested on lappy. will it work on servo, with gitea?
|
2024-08-02 00:52:51 +00:00 |
|
|
|
6a7dd31755
|
vpn: fix warning about missing /32 syntax
|
2024-08-02 00:37:58 +00:00 |
|
|
|
2197951e12
|
NetworkManager-dispatcher: cleanup an ordering cycle between it and trust-dns-localhost
|
2024-08-02 00:36:54 +00:00 |
|
|
|
883db3e9ba
|
todo.md: sync
|
2024-08-02 00:33:35 +00:00 |
|
|
|
312b0a5554
|
todo.md: sandbox the remaining filesystems
|
2024-08-01 22:50:03 +00:00 |
|
|
|
07de46c616
|
todo.md: remove completed items
|
2024-08-01 22:48:49 +00:00 |
|
|
|
efc16a9e80
|
persist: harden the "ephemeral" store mount environment
there's only so much this can actually achieve. it's still quite possible for someone who knows what they're doing to do large amounts of damage
|
2024-08-01 22:40:55 +00:00 |
|
|
|
161f272f41
|
gpodder-adaptive: track youtube-dl upstreaming
|
2024-08-01 20:02:47 +00:00 |
|
|
|
6aa6c0020c
|
lightning-cli: fix sandboxing
|
2024-08-01 19:59:23 +00:00 |
|
|
|
acd46940e4
|
clightning: lift the build fix into pkgs/default.nix
this lets me apply it outside the context of a nixos module
|
2024-08-01 19:53:05 +00:00 |
|
|
|
00a25f1533
|
feeds: fix complex systems URL
|
2024-08-01 19:52:22 +00:00 |
|
|
|
bc0a1eb1b3
|
feeds: sub to Complex Systems Podcast
|
2024-08-01 18:58:39 +00:00 |
|
|
|
cd3f483df0
|
sway: add "Super+B" shortcut to open the Web Browser
|
2024-08-01 18:55:25 +00:00 |
|
|
|
38a183cf3b
|
sane-open: backfill missing configureKeyboardFor_uri method
|
2024-08-01 18:54:50 +00:00 |
|
|
|
5ed6e84cc7
|
sane-open: refactor
|
2024-08-01 18:54:04 +00:00 |
|
|
|
7c1a0fc323
|
sane-open: add --debug flag
|
2024-08-01 18:52:55 +00:00 |
|
|
|
f16066549f
|
sane-open: fallback to URI instead of file when we cant do anything more specialized
|
2024-08-01 18:52:06 +00:00 |
|
|
|
659da66106
|
sane-open: add the ability to open URIs
|
2024-08-01 18:50:17 +00:00 |
|
|
|
c07eaba873
|
tor-browser: associate with .onion URLs
|
2024-08-01 18:34:38 +00:00 |
|
|
|
bb420bd45d
|
firefox: add a desktop item for launching inside a VPN
|
2024-08-01 18:10:32 +00:00 |
|
|
|
3902432864
|
where-am-i: fix bin linking
|
2024-08-01 17:57:45 +00:00 |
|
|
|
33efbeda8a
|
link manpages into all linkIntoOwnPackage users
|
2024-08-01 17:43:58 +00:00 |
|
|
|
8206fb0519
|
linkIntoOwnPackage: place man/doc into separate outputs
|
2024-08-01 17:11:24 +00:00 |
|
|
|
2687286489
|
servo: nginx: switch to mainline zlib to silence syslog warnings
|
2024-08-01 01:25:16 +00:00 |
|
|
|
d5e52e21f7
|
sane-stop-all-servo: stop ntfy and trust-dns-doof services
|
2024-07-31 23:40:51 +00:00 |
|
|
|
367fc24aa8
|
nixpkgs: full_index=1: actually apply to all PR urls -- not just nixpkgs commits
|
2024-07-31 20:59:07 +00:00 |
|
|
|
bf45206d1a
|
nixpkgs: use full_index=1 when fetching patches, for stable hashes
|
2024-07-31 20:52:38 +00:00 |
|
|
|
397b2ae2ea
|
nixpkgs: update hashes
|
2024-07-30 22:05:01 +00:00 |
|
|
|
f0ebb305ec
|
nixpkgs: update hashes
though it's probably fetchpatch2 just being stupid again and i'll revert
|
2024-07-30 21:58:01 +00:00 |
|
|
|
e629d2d999
|
rsync-net: harden systemd service, and dodge the "pasta doesnt support root" bug
|
2024-07-30 21:54:25 +00:00 |
|
|
|
9b2601e450
|
cross: fix texinfo (used for info command)
|
2024-07-30 16:23:06 +00:00 |
|
|
|
a20c13fffe
|
firefox-extensions.ublacklist: 8.9.1 -> 8.9.2
|
2024-07-30 15:50:04 +00:00 |
|
|
|
20a2d8dc1c
|
uassets: 2024-07-28 -> 2024-07-29
|
2024-07-30 15:50:04 +00:00 |
|
|
|
297bf7e090
|
syshud: 2024-07-21 -> 2024-07-29
|
2024-07-30 15:50:04 +00:00 |
|
