d2ac88d66d
nixpatches: upstream the gnome-keyring cross compilation patch
2024-05-14 23:12:59 +00:00
b534af5203
signal-desktop: use nixpkgs' nodejs instead of the signal pin
...
it still seems stable
2024-05-14 23:12:41 +00:00
b06b75441c
signal-desktop: 7.0.0 -> 7.8.0
2024-05-14 23:05:00 +00:00
1f405fb2ba
element-desktop: update electron_28 -> electron_29
2024-05-14 22:32:56 +00:00
ffe9dcedf7
koreader: 2024.03 -> 2024.04
2024-05-14 22:12:23 +00:00
fc649de64c
fractal: remove dead code
2024-05-14 20:56:50 +00:00
1210696e3a
fractal: re-enable jpeg decoding
2024-05-14 20:56:37 +00:00
47ced34c84
fractal: 6-unstable-2024-01-31 -> 7
2024-05-14 20:15:27 +00:00
ae7034d942
nixpkgs: 2024-05-13 -> 2024-05-14; nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/eda36d7cf3391ad06097009b08822fb74acd5e00' (2024-05-13)
→ 'github:nixos/nixpkgs/a47743431bb52c25eecbeda1bb2350902478befe' (2024-05-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0a949cf2618e8eab83aa008f1f8e03db137ed36c' (2024-05-13)
→ 'github:nixos/nixpkgs/18198ef6f41074a6b42318dacb6fa4712b893ba4' (2024-05-14)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/ed18785b8816fa878bdd9df7f2e8722695401ef8' (2024-05-13)
→ 'github:nix-community/nixpkgs-wayland/ce959368cbc8202181f37a464c825d54720b6b68' (2024-05-14)
```
2024-05-14 18:04:22 +00:00
f3cf9e0bed
trust-dns: set it to NOT be the system resolver for servo
...
trust-dns recursor is too beta for servo
2024-05-14 09:03:10 +00:00
3a7c9022af
trust-dns: bump StartLimitBurst so systemd doesnt abort the service too early
2024-05-14 08:50:37 +00:00
2a199bf373
trust-dns: recursor: merge DHCP DNS servers from all non-downed connections
...
otherwise overwriting the toml configs gets messy, when interfaces come up in unpredictable order
2024-05-14 08:25:59 +00:00
53198128e8
trust-dns: hook NetworkManager for state changes
...
there may be some edgecases to sort out around e.g. first-run,
but so far it seems to be importing the DHCP search zones :)
2024-05-14 07:42:41 +00:00
bee3eea040
modules/programs: sandbox: remove no-longer-needed /run/systemd/resolve from sandbox
2024-05-14 04:18:29 +00:00
1e202baa8a
networkmanager: tune config
...
mostly just pruning unused features
2024-05-14 04:18:29 +00:00
39eb1d150a
dns: deploy trust-dns as the default recursive resolver
...
outstanding issues: native.uninsane.org doesn't resolve. appears possibly to be an issue with following CNAMEs
2024-05-14 04:18:29 +00:00
68e6666819
trust-dns: use my patched version
2024-05-14 04:18:29 +00:00
447e1feb9c
sway: fix Super+L shortcut to actually lock
2024-05-14 04:17:05 +00:00
26e3c3e5b7
s6-rc: fix persist.byStore.persist
typo
2024-05-14 04:16:50 +00:00
38c038f4f7
sane-sandboxed: fix typo in linkCache queries, which would otherwise break for paths containing spaces
2024-05-14 01:22:08 +00:00
3557994cbb
gnome-clocks: fix sound an sandboxing artifacts
2024-05-14 01:21:37 +00:00
f3106ee316
programs: maxBuildCost: fix to actually build everything by default
2024-05-13 22:57:40 +00:00
bef0099eec
scripts/clean: fix to cleanup more dangling result
symlinks
2024-05-13 22:45:33 +00:00
67434caf45
scripts: add a script to clean the git dir
2024-05-13 22:45:33 +00:00
be84ab1f45
programs: set buildCost=1
for assorted low-priority programs
2024-05-13 22:45:33 +00:00
43d32641f3
programs: buildCost: introduce a new level between min
and light
2024-05-13 22:45:33 +00:00
9bf0dbabae
gnome.seahorse: disable
2024-05-13 22:45:33 +00:00
8c7880774e
monero-gui: disable
2024-05-13 22:45:33 +00:00
5774aa4a8f
zulip: dont ship
2024-05-13 22:45:33 +00:00
6c6d11578e
cross: fix curl-impersonate-chome
build
2024-05-13 22:45:33 +00:00
f33e960bdf
cross: gnome-keyring: patch via nixpkgs patch instead of override
2024-05-13 22:45:33 +00:00
14202a5bcc
neovim: wrap in such a way as to avoid cross-compilation-specific patching
2024-05-13 22:45:33 +00:00
3d2babf2bb
overlays/cross: sync upstreaming status
2024-05-13 22:45:33 +00:00
9d51b2ecc7
nixpatches: stop applying patches i dont need
2024-05-13 22:45:33 +00:00
0b855efb5f
nixpkgs: bump; nixpkgs-wayland: bump
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/6a217e9b1d39415076c7a6cfc44be5e935e7a839' (2024-05-13)
→ 'github:nixos/nixpkgs/eda36d7cf3391ad06097009b08822fb74acd5e00' (2024-05-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/6bc8c8a7ac13182ee24a5e2caab7ad739f1c55c5' (2024-05-13)
→ 'github:nixos/nixpkgs/0a949cf2618e8eab83aa008f1f8e03db137ed36c' (2024-05-13)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/5f7272dff81558143f93e2cb32189a52ef965892' (2024-05-13)
→ 'github:nix-community/nixpkgs-wayland/ed18785b8816fa878bdd9df7f2e8722695401ef8' (2024-05-13)
```
2024-05-13 22:45:33 +00:00
2ae286ff75
nixpkgs: 2024-05-08 -> 2024-05-13, nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/c8e3f684443d7c2875ff169f6ef2533534105e7b' (2024-05-08)
→ 'github:nixos/nixpkgs/6a217e9b1d39415076c7a6cfc44be5e935e7a839' (2024-05-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a751e2faa2fc94c1337c32aaf6a6e417afe90be9' (2024-05-08)
→ 'github:nixos/nixpkgs/6bc8c8a7ac13182ee24a5e2caab7ad739f1c55c5' (2024-05-13)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/7dc8fb2aa7db995ac1ce2a8f2f8d8784b2af591c' (2024-05-08)
→ 'github:nix-community/nixpkgs-wayland/5f7272dff81558143f93e2cb32189a52ef965892' (2024-05-13)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/26fabca301e1133abd3d9192b1bcb6fb45b30f1d' (2024-05-05)
→ 'github:nix-community/lib-aggregate/09883ca828e8cfaacdb09e29190a7b84ad1d9925' (2024-05-12)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/4b620020fd73bdd5104e32c702e65b60b6869426' (2024-05-05)
→ 'github:nix-community/nixpkgs.lib/58e03b95f65dfdca21979a081aa62db0eed6b1d8' (2024-05-12)
• Updated input 'nixpkgs-wayland/nix-eval-jobs':
'github:nix-community/nix-eval-jobs/7b6640f2a10701bf0db16aff048070f400e8ea7c' (2024-04-23)
→ 'github:nix-community/nix-eval-jobs/63154bdfb22091041b307d17863bdc0e01a32a00' (2024-05-09)
• Updated input 'nixpkgs-wayland/nix-eval-jobs/nixpkgs':
'github:NixOS/nixpkgs/1e1dc66fe68972a76679644a5577828b6a7e8be4' (2024-04-22)
→ 'github:NixOS/nixpkgs/ad7efee13e0d216bf29992311536fce1d3eefbef' (2024-05-06)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/893e3df091f6838f4f9d71c61ab079d5c5dedbd1' (2024-05-06)
→ 'github:Mic92/sops-nix/b6cb5de2ce57acb10ecdaaf9bbd62a5ff24fa02e' (2024-05-12)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/b980b91038fc4b09067ef97bbe5ad07eecca1e76' (2024-05-04)
→ 'github:NixOS/nixpkgs/8e47858badee5594292921c2668c11004c3b0142' (2024-05-11)
```
2024-05-13 22:45:33 +00:00
a05fa53ee1
curlftpfs: EXPERIMENT: double the connect timeout to see if this reduces dropped conns
2024-05-13 07:52:43 +00:00
46d95805e9
programs: simplify sandbox symlink closure code
2024-05-13 07:49:00 +00:00
9346a066d1
sane-sandboxed: fix typo in derefOnce
2024-05-13 06:49:43 +00:00
567531727e
sane-sandboxed: fix typos in normPath
2024-05-13 06:32:13 +00:00
6c65e4b313
sane-sandboxed: be a little more careful with out vars
2024-05-13 04:00:15 +00:00
e6b13adb61
sane-open: associate rofi-applications.desktop
with keyboard
2024-05-13 03:19:03 +00:00
bd3e06982b
sane-sandboxed: tweak symlink caching to allow /run/current-system to be bind-mounted instead of symlinked
2024-05-13 02:11:47 +00:00
660ba94c7c
sane-sandboxed: introduce a symlink cache to reduce readlink
calls even more
...
it's all a bit silly. i still do a bunch of -L tests: i just avoid the costly readlink fork :|
2024-05-13 01:31:30 +00:00
11ddce043d
sane-sandboxed: reduce forking (use out vars)
2024-05-12 22:35:05 +00:00
980fe6b33c
sane-sandboxed: use local
where applicable
2024-05-12 22:15:34 +00:00
016df3ff74
sane-open: launch some .desktop files even when they point outside ~/.local/share/applications
...
an unfortunate reality is that symlinks tend to get dereferenced too
early by other programs.
2024-05-12 22:13:28 +00:00
d827235d31
sane-sandboxed: be more strict internally about keeping paths
var as absolute-paths
2024-05-12 21:44:33 +00:00
f7a25d1421
sane-sandboxed: bwrap: expose symlinks to the sandbox directly, instead of binding
...
some things (e.g. `sane-open`) require the symlink, and lose too much
info when working only with the bind. having the sandboxed environment
stay similar to the out env sould make debugging things simpler
2024-05-12 21:42:31 +00:00
d148b19767
sane-sandboxed: expand symlinks before binding them into the sandbox
2024-05-12 21:41:49 +00:00