Colin
7bb7a24b22
sanebox: tidy up the quoting in a few more edge-cases
2024-05-18 00:00:03 +00:00
Colin
795786f46b
sanebox: prefer `case` statments over if/elif/elif... constructs
2024-05-17 23:32:51 +00:00
Colin
26aa68ee59
sanebox: replace short-circuit eval idiom with if/else
2024-05-17 23:21:36 +00:00
Colin
85c0e72bf1
sanebox: remove unnecessary quotes in case statement
2024-05-17 23:15:00 +00:00
Colin
bf98da0061
sanebox: remove extraneous quotes
...
probably some still remain
2024-05-17 23:01:24 +00:00
Colin
76434b6970
sanebox: make it more obvious what we substitute at build-time
2024-05-17 22:27:55 +00:00
Colin
0698d4be24
landlock-sandboxer: define meta.mainProgram
2024-05-17 22:26:55 +00:00
Colin
afb9d273ab
servo: re-enable slskd
2024-05-17 22:00:46 +00:00
Colin
0003d79324
sane-tag-music: add a `print-missing` subcommand
2024-05-17 09:41:50 +00:00
Colin
e9bfc6cebd
sane-tag-music: fix help message formatting
2024-05-17 09:20:33 +00:00
Colin
aeed9ffd5b
sane-sync-music: prune directories left empty by sync
2024-05-17 08:59:36 +00:00
Colin
9c27b8e864
swaync: sort icons
2024-05-17 08:42:35 +00:00
Colin
af34d395fc
swaync: fix Discord icon
2024-05-17 07:18:23 +00:00
Colin
008b659a10
swaync: reorder icons
2024-05-17 05:49:28 +00:00
Colin
1ce2839df9
swaync: clean up icons a bit more
2024-05-17 05:45:15 +00:00
Colin
022d15c2c7
swaync: increase font size of service icons
2024-05-17 03:42:32 +00:00
Colin
908a2ca6c3
swaync: fix a bug that i couldnt see all icons on the same row
2024-05-17 03:21:41 +00:00
Colin
614eebfdc0
todo.md: document a sandbox link cache bug
2024-05-17 03:21:11 +00:00
Colin
42fb79b025
swaync: improve gnome-calls icon
2024-05-17 00:49:40 +00:00
Colin
4265ea9b99
calls: auto-start
2024-05-17 00:41:32 +00:00
Colin
a7d376778e
gnome-calls: re-enable
2024-05-17 00:36:56 +00:00
Colin
157af52112
feeds: add Grumpy.website
2024-05-16 19:25:22 +00:00
Colin
c7838486d3
nixpkgs: 2024-05-14 -> 2024-05-16, nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/a47743431bb52c25eecbeda1bb2350902478befe' (2024-05-14)
→ 'github:nixos/nixpkgs/1887e39d7e68bb191eb804c0f976ad25b3980595' (2024-05-16)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/18198ef6f41074a6b42318dacb6fa4712b893ba4' (2024-05-14)
→ 'github:nixos/nixpkgs/977a49df312d89b7dfbb3579bf13b7dfe23e7878' (2024-05-16)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/ce959368cbc8202181f37a464c825d54720b6b68' (2024-05-14)
→ 'github:nix-community/nixpkgs-wayland/5e2c5345f3204c867c9d4183cbb68069d0f7a951' (2024-05-16)
• Updated input 'nixpkgs-wayland/nix-eval-jobs':
'github:nix-community/nix-eval-jobs/63154bdfb22091041b307d17863bdc0e01a32a00' (2024-05-09)
→ 'github:nix-community/nix-eval-jobs/bb95091f6c6f38f6cfc215a1797a2dd466312c8b' (2024-05-15)
```
2024-05-16 09:46:40 +00:00
Colin
1ac5b56f34
todo.md: task to fix ip netns sandboxing
2024-05-16 09:42:05 +00:00
Colin
5924d092f4
coturn: expand documentation
2024-05-16 09:41:53 +00:00
Colin
63cbcb0896
todo.md: add a few improvements to make
2024-05-16 04:39:35 +00:00
Colin
7cff078698
todo.md: remove completed items
2024-05-16 04:10:09 +00:00
Colin
a5f6aae6f5
desko: use stock systemd resolver
...
i need a backup system to use when things are broken, and this helps with debugging as well
2024-05-16 03:12:30 +00:00
Colin
fd94422982
distcc: purge
2024-05-16 02:51:38 +00:00
Colin
55a7119e3f
ccache: purge
2024-05-16 02:51:03 +00:00
Colin
d258d4ddd5
desko: re-enable firewall
2024-05-16 02:49:03 +00:00
Colin
c39aab34e0
refactor: nix_serve_privkey -> nix_signing_key
2024-05-16 02:48:16 +00:00
Colin
9d725a0974
servo: disable unused nixcache.uninsane.org
2024-05-16 02:46:23 +00:00
Colin
4a15339e0e
desko: re-introduce the nix_serve key, which is actually needed for SSH deployements, not just nix-serve
2024-05-16 02:43:32 +00:00
Colin
df4ef0ce5a
desko: disable nix-serve
2024-05-16 02:35:27 +00:00
Colin
3bb5546aaf
systemd-logind: fix to not sleep when i close the lid (again)
2024-05-16 02:13:02 +00:00
Colin
4de3c6d664
sanebox: fix tab typo when parsing the link cache
2024-05-16 00:15:57 +00:00
Colin
b5502ea401
sanebox: remove --sanebox-cache-symlink flag
2024-05-15 23:59:38 +00:00
Colin
1211023c55
modules/programs: remove dead code from per-user profiles
2024-05-15 23:58:10 +00:00
Colin
b4229ecb1e
sanebox: load the link cache from a static /etc path instead of via CLI args
2024-05-15 23:55:15 +00:00
Colin
348837ff4a
programs: sandboxing: replace profiles with raw CLI args
2024-05-15 09:13:20 +00:00
Colin
17eaa7446a
sanebox: remove all profile-related features except for direct, path-based profile loading
2024-05-15 09:13:20 +00:00
Colin
530664294a
programs: sandbox: always specify --sanebox-profile-dir instead of loading from XDG_DATA_DIRS
2024-05-15 08:54:16 +00:00
Colin
b649071d98
programs: sandboxing: make the profiles be generic across users
...
this is a step toward making the profile not even be dynamically loaded, since its content is no longer dynamic :)
2024-05-15 08:48:09 +00:00
Colin
ea2653b7ce
programs: sandboxing: pass home- and runtime-relative paths to the sandboxer, instead of making absolute first
2024-05-15 08:20:09 +00:00
Colin
d97f0f7300
sanebox: implement --sanebox-home-path and --sanebox-run-path flags
2024-05-15 08:05:00 +00:00
Colin
ee43fcdb89
rename LG TV -> Cuddlevision
2024-05-15 07:50:38 +00:00
Colin
4c1b1282d6
modules/programs: sandbox: be compatible with systemd resolved again
2024-05-15 02:57:40 +00:00
Colin
bc73a16475
networkmanager: fix to be compatible when systemd-resolved is enabled
2024-05-15 02:57:40 +00:00
Colin
adfaa7f9c1
sane-sandboxed -> sanebox
2024-05-15 01:41:40 +00:00
Colin
f9a6873ee9
signal-desktop: remove NIXOS_OZONE_WL=1 hack (no longer required)
2024-05-15 00:10:00 +00:00
Colin
66f73c92bd
trust-dns: asSystemResolver: listen also on ipv6 address
2024-05-14 23:38:01 +00:00
Colin
d5e8974a4a
refactor: trust-dns: listenAddrs -> listenAddrsIpv4
2024-05-14 23:22:50 +00:00
Colin
e040a5b0c5
servo: trust-dns: remove hn-resolver
...
my hosts run their own recursive DNS resolvers now, so there's no need for the wireguard VPN to provide them with that
2024-05-14 23:20:19 +00:00
Colin
d2ac88d66d
nixpatches: upstream the gnome-keyring cross compilation patch
2024-05-14 23:12:59 +00:00
Colin
b534af5203
signal-desktop: use nixpkgs' nodejs instead of the signal pin
...
it still seems stable
2024-05-14 23:12:41 +00:00
Colin
b06b75441c
signal-desktop: 7.0.0 -> 7.8.0
2024-05-14 23:05:00 +00:00
Colin
1f405fb2ba
element-desktop: update electron_28 -> electron_29
2024-05-14 22:32:56 +00:00
Colin
ffe9dcedf7
koreader: 2024.03 -> 2024.04
2024-05-14 22:12:23 +00:00
Colin
fc649de64c
fractal: remove dead code
2024-05-14 20:56:50 +00:00
Colin
1210696e3a
fractal: re-enable jpeg decoding
2024-05-14 20:56:37 +00:00
Colin
47ced34c84
fractal: 6-unstable-2024-01-31 -> 7
2024-05-14 20:15:27 +00:00
Colin
ae7034d942
nixpkgs: 2024-05-13 -> 2024-05-14; nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/eda36d7cf3391ad06097009b08822fb74acd5e00' (2024-05-13)
→ 'github:nixos/nixpkgs/a47743431bb52c25eecbeda1bb2350902478befe' (2024-05-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0a949cf2618e8eab83aa008f1f8e03db137ed36c' (2024-05-13)
→ 'github:nixos/nixpkgs/18198ef6f41074a6b42318dacb6fa4712b893ba4' (2024-05-14)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/ed18785b8816fa878bdd9df7f2e8722695401ef8' (2024-05-13)
→ 'github:nix-community/nixpkgs-wayland/ce959368cbc8202181f37a464c825d54720b6b68' (2024-05-14)
```
2024-05-14 18:04:22 +00:00
Colin
f3cf9e0bed
trust-dns: set it to NOT be the system resolver for servo
...
trust-dns recursor is too beta for servo
2024-05-14 09:03:10 +00:00
Colin
3a7c9022af
trust-dns: bump StartLimitBurst so systemd doesnt abort the service too early
2024-05-14 08:50:37 +00:00
Colin
2a199bf373
trust-dns: recursor: merge DHCP DNS servers from all non-downed connections
...
otherwise overwriting the toml configs gets messy, when interfaces come up in unpredictable order
2024-05-14 08:25:59 +00:00
Colin
53198128e8
trust-dns: hook NetworkManager for state changes
...
there may be some edgecases to sort out around e.g. first-run,
but so far it seems to be importing the DHCP search zones :)
2024-05-14 07:42:41 +00:00
Colin
bee3eea040
modules/programs: sandbox: remove no-longer-needed /run/systemd/resolve from sandbox
2024-05-14 04:18:29 +00:00
Colin
1e202baa8a
networkmanager: tune config
...
mostly just pruning unused features
2024-05-14 04:18:29 +00:00
Colin
39eb1d150a
dns: deploy trust-dns as the default recursive resolver
...
outstanding issues: native.uninsane.org doesn't resolve. appears possibly to be an issue with following CNAMEs
2024-05-14 04:18:29 +00:00
Colin
68e6666819
trust-dns: use my patched version
2024-05-14 04:18:29 +00:00
Colin
447e1feb9c
sway: fix Super+L shortcut to actually lock
2024-05-14 04:17:05 +00:00
Colin
26e3c3e5b7
s6-rc: fix `persist.byStore.persist` typo
2024-05-14 04:16:50 +00:00
Colin
38c038f4f7
sane-sandboxed: fix typo in linkCache queries, which would otherwise break for paths containing spaces
2024-05-14 01:22:08 +00:00
Colin
3557994cbb
gnome-clocks: fix sound an sandboxing artifacts
2024-05-14 01:21:37 +00:00
Colin
f3106ee316
programs: maxBuildCost: fix to actually build everything by default
2024-05-13 22:57:40 +00:00
Colin
bef0099eec
scripts/clean: fix to cleanup more dangling `result` symlinks
2024-05-13 22:45:33 +00:00
Colin
67434caf45
scripts: add a script to clean the git dir
2024-05-13 22:45:33 +00:00
Colin
be84ab1f45
programs: set `buildCost=1` for assorted low-priority programs
2024-05-13 22:45:33 +00:00
Colin
43d32641f3
programs: buildCost: introduce a new level between `min` and `light`
2024-05-13 22:45:33 +00:00
Colin
9bf0dbabae
gnome.seahorse: disable
2024-05-13 22:45:33 +00:00
Colin
8c7880774e
monero-gui: disable
2024-05-13 22:45:33 +00:00
Colin
5774aa4a8f
zulip: dont ship
2024-05-13 22:45:33 +00:00
Colin
6c6d11578e
cross: fix `curl-impersonate-chome` build
2024-05-13 22:45:33 +00:00
Colin
f33e960bdf
cross: gnome-keyring: patch via nixpkgs patch instead of override
2024-05-13 22:45:33 +00:00
Colin
14202a5bcc
neovim: wrap in such a way as to avoid cross-compilation-specific patching
2024-05-13 22:45:33 +00:00
Colin
3d2babf2bb
overlays/cross: sync upstreaming status
2024-05-13 22:45:33 +00:00
Colin
9d51b2ecc7
nixpatches: stop applying patches i dont need
2024-05-13 22:45:33 +00:00
Colin
0b855efb5f
nixpkgs: bump; nixpkgs-wayland: bump
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/6a217e9b1d39415076c7a6cfc44be5e935e7a839' (2024-05-13)
→ 'github:nixos/nixpkgs/eda36d7cf3391ad06097009b08822fb74acd5e00' (2024-05-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/6bc8c8a7ac13182ee24a5e2caab7ad739f1c55c5' (2024-05-13)
→ 'github:nixos/nixpkgs/0a949cf2618e8eab83aa008f1f8e03db137ed36c' (2024-05-13)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/5f7272dff81558143f93e2cb32189a52ef965892' (2024-05-13)
→ 'github:nix-community/nixpkgs-wayland/ed18785b8816fa878bdd9df7f2e8722695401ef8' (2024-05-13)
```
2024-05-13 22:45:33 +00:00
Colin
2ae286ff75
nixpkgs: 2024-05-08 -> 2024-05-13, nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/c8e3f684443d7c2875ff169f6ef2533534105e7b' (2024-05-08)
→ 'github:nixos/nixpkgs/6a217e9b1d39415076c7a6cfc44be5e935e7a839' (2024-05-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a751e2faa2fc94c1337c32aaf6a6e417afe90be9' (2024-05-08)
→ 'github:nixos/nixpkgs/6bc8c8a7ac13182ee24a5e2caab7ad739f1c55c5' (2024-05-13)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/7dc8fb2aa7db995ac1ce2a8f2f8d8784b2af591c' (2024-05-08)
→ 'github:nix-community/nixpkgs-wayland/5f7272dff81558143f93e2cb32189a52ef965892' (2024-05-13)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/26fabca301e1133abd3d9192b1bcb6fb45b30f1d' (2024-05-05)
→ 'github:nix-community/lib-aggregate/09883ca828e8cfaacdb09e29190a7b84ad1d9925' (2024-05-12)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/4b620020fd73bdd5104e32c702e65b60b6869426' (2024-05-05)
→ 'github:nix-community/nixpkgs.lib/58e03b95f65dfdca21979a081aa62db0eed6b1d8' (2024-05-12)
• Updated input 'nixpkgs-wayland/nix-eval-jobs':
'github:nix-community/nix-eval-jobs/7b6640f2a10701bf0db16aff048070f400e8ea7c' (2024-04-23)
→ 'github:nix-community/nix-eval-jobs/63154bdfb22091041b307d17863bdc0e01a32a00' (2024-05-09)
• Updated input 'nixpkgs-wayland/nix-eval-jobs/nixpkgs':
'github:NixOS/nixpkgs/1e1dc66fe68972a76679644a5577828b6a7e8be4' (2024-04-22)
→ 'github:NixOS/nixpkgs/ad7efee13e0d216bf29992311536fce1d3eefbef' (2024-05-06)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/893e3df091f6838f4f9d71c61ab079d5c5dedbd1' (2024-05-06)
→ 'github:Mic92/sops-nix/b6cb5de2ce57acb10ecdaaf9bbd62a5ff24fa02e' (2024-05-12)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/b980b91038fc4b09067ef97bbe5ad07eecca1e76' (2024-05-04)
→ 'github:NixOS/nixpkgs/8e47858badee5594292921c2668c11004c3b0142' (2024-05-11)
```
2024-05-13 22:45:33 +00:00
Colin
a05fa53ee1
curlftpfs: EXPERIMENT: double the connect timeout to see if this reduces dropped conns
2024-05-13 07:52:43 +00:00
Colin
46d95805e9
programs: simplify sandbox symlink closure code
2024-05-13 07:49:00 +00:00
Colin
9346a066d1
sane-sandboxed: fix typo in `derefOnce`
2024-05-13 06:49:43 +00:00
Colin
567531727e
sane-sandboxed: fix typos in `normPath`
2024-05-13 06:32:13 +00:00
Colin
6c65e4b313
sane-sandboxed: be a little more careful with out vars
2024-05-13 04:00:15 +00:00
Colin
e6b13adb61
sane-open: associate `rofi-applications.desktop` with keyboard
2024-05-13 03:19:03 +00:00
Colin
bd3e06982b
sane-sandboxed: tweak symlink caching to allow /run/current-system to be bind-mounted instead of symlinked
2024-05-13 02:11:47 +00:00
Colin
660ba94c7c
sane-sandboxed: introduce a symlink cache to reduce `readlink` calls even more
...
it's all a bit silly. i still do a bunch of -L tests: i just avoid the costly readlink fork :|
2024-05-13 01:31:30 +00:00
Colin
11ddce043d
sane-sandboxed: reduce forking (use out vars)
2024-05-12 22:35:05 +00:00
Colin
980fe6b33c
sane-sandboxed: use `local` where applicable
2024-05-12 22:15:34 +00:00
Colin
016df3ff74
sane-open: launch some .desktop files even when they point outside ~/.local/share/applications
...
an unfortunate reality is that symlinks tend to get dereferenced too
early by other programs.
2024-05-12 22:13:28 +00:00
Colin
d827235d31
sane-sandboxed: be more strict internally about keeping `paths` var as absolute-paths
2024-05-12 21:44:33 +00:00
Colin
f7a25d1421
sane-sandboxed: bwrap: expose symlinks to the sandbox directly, instead of binding
...
some things (e.g. `sane-open`) require the symlink, and lose too much
info when working only with the bind. having the sandboxed environment
stay similar to the out env sould make debugging things simpler
2024-05-12 21:42:31 +00:00
Colin
d148b19767
sane-sandboxed: expand symlinks before binding them into the sandbox
2024-05-12 21:41:49 +00:00
Colin
89135d08cb
rofi: file browser: include an entry to open the app launcher
2024-05-12 19:46:51 +00:00
Colin
15a5afd2c4
sane-open: special-case how i open .desktop files to be compatible with portals
2024-05-12 19:46:03 +00:00
Colin
e63e359417
sane-open: fix so we can launch read-only files
2024-05-12 17:50:11 +00:00
Colin
3c1a74998e
applications: hide .desktop files which arent meant to be user-visible
2024-05-12 17:43:07 +00:00
Colin
eadf85f66d
sane-open: associate as the default launcher for .desktop files
2024-05-12 17:41:00 +00:00
Colin
536eb2154a
sane-open: add auto-keyboard action for a few more apps
2024-05-12 17:23:08 +00:00
Colin
e62365436c
sane-cast: implement `--device` option to choose a specific device non-interactively
2024-05-11 00:40:38 +00:00
Colin
4b04c283b6
fcitx5: temporarily disable
2024-05-10 17:51:37 +00:00
Colin
def5816003
sane-vpn: fix "regions" printing to print all regions
2024-05-10 09:07:59 +00:00
Colin
6f2ae56126
sane-cast: add an --always-ask option
2024-05-10 07:01:16 +00:00
Colin
a40f05260a
unl0kr: simplify the crash edge-case handling
2024-05-09 08:42:41 +00:00
Colin
2b539fafcd
unl0kr: handle some crashy edgecases
2024-05-09 08:38:22 +00:00
Colin
954c5c8344
trust-dns: fix so it starts as part of boot
2024-05-09 07:19:17 +00:00
Colin
2a8ecf0423
nixpkgs: 2024-04-28 -> 2024-05-08; nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/0e395f4da1693e39239ffac7abf73a0a6931c961' (2024-04-28)
→ 'github:nixos/nixpkgs/c8e3f684443d7c2875ff169f6ef2533534105e7b' (2024-05-08)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/93909e9c7b05634ad924ff97c259ae0859b81756' (2024-04-28)
→ 'github:nixos/nixpkgs/a751e2faa2fc94c1337c32aaf6a6e417afe90be9' (2024-05-08)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/4e58e2cf22d11426ed2f997551f3650de0639e3a' (2024-04-28)
→ 'github:nix-community/nixpkgs-wayland/7dc8fb2aa7db995ac1ce2a8f2f8d8784b2af591c' (2024-05-08)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/49d9b510614b9bd137e067eb31445a8feca83313' (2024-04-28)
→ 'github:nix-community/lib-aggregate/26fabca301e1133abd3d9192b1bcb6fb45b30f1d' (2024-05-05)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/ade4fb7bbf04cd52bc1705734d5dc67755d77ec9' (2024-04-28)
→ 'github:nix-community/nixpkgs.lib/4b620020fd73bdd5104e32c702e65b60b6869426' (2024-05-05)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/f1b0adc27265274e3b0c9b872a8f476a098679bd' (2024-04-23)
→ 'github:Mic92/sops-nix/893e3df091f6838f4f9d71c61ab079d5c5dedbd1' (2024-05-06)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/74574c38577914733b4f7a775dd77d24245081dd' (2024-04-20)
→ 'github:NixOS/nixpkgs/b980b91038fc4b09067ef97bbe5ad07eecca1e76' (2024-05-04)
```
2024-05-09 05:26:23 +00:00
Colin
a056ca84be
todo.md: fix multiple-schlocks bug
2024-05-07 15:26:08 +00:00
Colin
8d8bf00a34
s6-rc: use `s6-rc stop` instead of exiting 125 in the no-restart branch of "restartCondition = on-failure"
...
exiting 125 stops the service, but does NOT put it in the down state, preventing it from being re-started
2024-05-07 15:24:14 +00:00
Colin
f58bcb4767
swaylock, schlock: convert to services
2024-05-07 15:02:46 +00:00
Colin
4f56acc316
s6-rc: implement `restartCondition` to allow restarting of the service only on failure
2024-05-07 15:01:40 +00:00
Colin
fdf1b20368
s6-rc: propagate service status out of `run` script
2024-05-07 12:50:09 +00:00
Colin
c12691a3a0
todo.md: document multi-instance schlock issue
2024-05-06 17:31:54 +00:00
Colin
06bfa05ec1
todo.md: complete swaync modem toggle perm bug
2024-05-06 17:29:41 +00:00
Colin
32e06ce998
programs: gnome-disk-utility: grant sandbox access to ~/tmp
2024-05-06 05:15:28 +00:00
Colin
c0a7b831cd
sane-open: more robust auto-application/file detection
2024-05-05 05:19:07 +00:00
Colin
8c04023eba
sway: fix sane-open integration to not mistake it as a file
2024-05-05 05:04:25 +00:00
Colin
cf3cfc5249
sane-open: add debug logging
2024-05-05 05:03:22 +00:00
Colin
a1625ea41d
programs: ship zulip
2024-05-04 08:28:48 +00:00
Colin
2cedd2beb4
readme: fix renamed `users.nix` -> `users/default.nix`
2024-05-02 10:30:41 +00:00
Colin
6544b9aca4
doc: dns: fix typo
2024-05-02 10:27:38 +00:00
Colin
08a9b838e5
sane-input-handler: fix log bog
2024-04-30 19:22:37 +00:00
Colin
b7dd40e558
sane-open-desktop -> sane-open and have it auto-open/close the keyboard based on what an app wants
2024-04-30 19:22:37 +00:00
Colin
7f2abf7e6e
sane-input-handler: fix missing newline when logging
2024-04-30 15:30:39 +00:00
Colin
825812e511
sane-input-handler: reset rofi directory to ~ when using the app + fsbrowser
2024-04-30 15:29:00 +00:00
Colin
69e5495cc9
sane-input-handler: set keyboard as appropriate for file/app browser
2024-04-30 15:16:59 +00:00
Colin
b422f15b59
sane-input-handler: swap volup tap/hold actions
2024-04-30 14:38:17 +00:00
Colin
889b332ade
trust-dns: split the parts which are generalizable into their own file
...
i can try to build this into a recursive resolver for *all* my hosts
2024-04-30 14:35:56 +00:00
Colin
46d1a49f0f
servo: enable `sane-cast` program
2024-04-29 21:50:03 +00:00
Colin
1b156dcb0a
networkmanager: fix eval error when not enabled
2024-04-29 05:58:32 +00:00
Colin
efd2f14a13
nixpkgs: 2024-04-27 -> 2024-04-28; nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/19c30e016f04874d60ed0922bf58be4aa9a15e53' (2024-04-27)
→ 'github:nixos/nixpkgs/0e395f4da1693e39239ffac7abf73a0a6931c961' (2024-04-28)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/77759bd39047f1b92f12b26b55029f0cc2c88093' (2024-04-27)
→ 'github:nixos/nixpkgs/93909e9c7b05634ad924ff97c259ae0859b81756' (2024-04-28)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/ff41a88e80aaf3ae1561cc6a54636fc46f9214de' (2024-04-27)
→ 'github:nix-community/nixpkgs-wayland/4e58e2cf22d11426ed2f997551f3650de0639e3a' (2024-04-28)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/3b32a98eb3053f8c8ca55497d1881443ef2996e6' (2024-04-21)
→ 'github:nix-community/lib-aggregate/49d9b510614b9bd137e067eb31445a8feca83313' (2024-04-28)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/6882347415e352cfc9c277cc01f73e0f5cb7b93c' (2024-04-21)
→ 'github:nix-community/nixpkgs.lib/ade4fb7bbf04cd52bc1705734d5dc67755d77ec9' (2024-04-28)
```
2024-04-29 04:16:33 +00:00
Colin
d4d06d037c
replace pipewire ffadoSupport toggle with a patch to fix cross compilation
2024-04-28 15:07:28 +00:00
Colin
9525c09c41
cross: remove obsoleted gpodder patch
2024-04-27 17:10:50 +00:00
Colin
e5876a1e5b
nixpkgs: 2024-04-26 -> 2024-04-27; nixpkgs-wayland -> 2024-04-27
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/7d3f4eadec32d447a5f20d87fa309f00986cb288' (2024-04-26)
→ 'github:nixos/nixpkgs/19c30e016f04874d60ed0922bf58be4aa9a15e53' (2024-04-27)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0b868df4ced96400774414f5baf30b696215b98f' (2024-04-26)
→ 'github:nixos/nixpkgs/77759bd39047f1b92f12b26b55029f0cc2c88093' (2024-04-27)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/ca9d278400c170935a95dd75e7e2537c2afd1cb7' (2024-04-26)
→ 'github:nix-community/nixpkgs-wayland/ff41a88e80aaf3ae1561cc6a54636fc46f9214de' (2024-04-27)
```
2024-04-27 16:18:28 +00:00
Colin
1757ea4492
cross: upstream eyeD3 patch
2024-04-27 13:31:47 +00:00
Colin
39d31c3ffd
swaync-service-dispatcher: add `-b` to block on service state query, to avoid incorrect responses when run in parallel
2024-04-27 12:32:12 +00:00
Colin
c50ef59102
swaync: fix service state tracking for oneshot services
2024-04-27 12:13:34 +00:00
Colin
5fc4ca6dad
modemmanager: ship udev rules
2024-04-27 12:01:01 +00:00
Colin
35c7527946
modemmanager: fix so it's active on boot
2024-04-27 11:54:08 +00:00
Colin
7e8a014f37
NetworkManager: use the upstream service file
2024-04-27 10:58:21 +00:00
Colin
4ce951bbed
wpa_supplicant: re-enable
2024-04-27 10:34:25 +00:00
Colin
f784550b9b
networkmanager: migrate from nixpkgs service to my own
2024-04-27 09:51:55 +00:00
Colin
1f2bbd4aec
refactor: split modemmanager stuff into own file
2024-04-27 08:32:15 +00:00
Colin
2389757581
firefox-extensions.browserpass-extension: 3.7.2-2023-06-18 -> 3.8.0
2024-04-27 08:32:05 +00:00
Colin
9021ab9f05
s6: fix oneshot service runner
...
the runner previously couldn't find the 'live' directory, where the service state lives. now it can
2024-04-27 08:05:54 +00:00
Colin
547d71c19a
nixpkgs: 2024-04-24 -> 2024-04-26, nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/acba655f267a49327f2cea95003f17b8540909c0' (2024-04-24)
→ 'github:nixos/nixpkgs/7d3f4eadec32d447a5f20d87fa309f00986cb288' (2024-04-26)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/1eb9a6980dee3970850f47ba8139c7402f54a9a0' (2024-04-24)
→ 'github:nixos/nixpkgs/0b868df4ced96400774414f5baf30b696215b98f' (2024-04-26)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/80659e4b2805654de851996e682b063a5d7eea5e' (2024-04-24)
→ 'github:nix-community/nixpkgs-wayland/ca9d278400c170935a95dd75e7e2537c2afd1cb7' (2024-04-26)
```
2024-04-27 06:33:24 +00:00
Colin
79bba42768
s6-rc: fix oneshot services to generate `up`, not `run`
2024-04-27 06:33:24 +00:00
Colin
8dd4fe06f3
s6: longshot -> longrun (typo)
2024-04-27 05:22:35 +00:00
Colin
19115dfb65
eg25-control: port to s6 (hopefully)
2024-04-26 21:44:13 +00:00
Colin
4c0ae75b00
todo.md: more context for the uosc volume issue
2024-04-26 17:21:32 +00:00
Colin
34842c00fe
moby: make the modem powerable by the user, without root
...
this should allow migrating eg25-control to a user service
2024-04-26 17:19:38 +00:00
Colin
46a513b263
feeds: subscribe to SamuelDR
2024-04-26 17:19:38 +00:00
Colin
6129fbf2b3
lemmy: upstream the proxy headers
2024-04-26 16:44:43 +00:00
Colin
242541304e
todo.md: document a few moby bugs around modem
2024-04-26 13:05:34 +00:00
Colin
f3d2dee470
lemmy: fix federation (broke due to invalid HTTP signatures)
2024-04-26 10:31:47 +00:00
Colin
3d207ab7bb
coturn: allocate 256 ports instead of 16
2024-04-26 08:47:52 +00:00
Colin
95447eb765
goaccess: fix missing state dir
2024-04-26 08:47:09 +00:00
Colin
593268f620
coturn: run inside ovpns namespace
2024-04-26 08:01:34 +00:00
Colin
5c98a51cd6
dino: build without echo cancelation
...
this reduces CPU load on moby; it may also have implications for incoming call audio though, still sorting that out
2024-04-26 05:11:43 +00:00
Colin
4453bde815
dino: increase buffering 20ms -> 100ms (closer to 82ms, actually)
2024-04-25 11:28:22 +00:00
Colin
7843f9650a
feeds: subscribe to The Amp Hour (podcast)
2024-04-25 05:54:10 +00:00
Colin
82dce71b9c
feeds: add microarch.club podcast
2024-04-25 05:51:52 +00:00
Colin
8a981c3ca9
hackgregator: init at 2024-12-05
...
N.B.: it uses appstream/bwrap, and hence much be run with capsh --caps=
2024-04-25 03:56:57 +00:00
Colin
9c00c2c5cc
zsh: add `exit` aliases: `ecit`, `exi5`
2024-04-25 01:51:45 +00:00
Colin
aad645f2c5
nixpkgs: 2024-04-22 -> 2024-04-24; nixpkgs-wayland; sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/fe2b7d6a922c875221671df6aa360b6e73d47e2f' (2024-04-22)
→ 'github:nixos/nixpkgs/acba655f267a49327f2cea95003f17b8540909c0' (2024-04-24)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/8a3f95b79ba3083cfff90752296ef8a52a6bec9a' (2024-04-22)
→ 'github:nixos/nixpkgs/1eb9a6980dee3970850f47ba8139c7402f54a9a0' (2024-04-24)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/f01c36f09cc5c2d77cbab4475528e06d6641bff4' (2024-04-22)
→ 'github:nix-community/nixpkgs-wayland/80659e4b2805654de851996e682b063a5d7eea5e' (2024-04-24)
• Updated input 'nixpkgs-wayland/nix-eval-jobs':
'github:nix-community/nix-eval-jobs/6b03a93296faf174b97546fd573c8b379f523a8d' (2024-01-14)
→ 'github:nix-community/nix-eval-jobs/7b6640f2a10701bf0db16aff048070f400e8ea7c' (2024-04-23)
• Updated input 'nixpkgs-wayland/nix-eval-jobs/flake-parts':
'github:hercules-ci/flake-parts/34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5' (2023-12-01)
→ 'github:hercules-ci/flake-parts/9126214d0a59633752a136528f5f3b9aa8565b7d' (2024-04-01)
• Updated input 'nixpkgs-wayland/nix-eval-jobs/nix-github-actions':
'github:nix-community/nix-github-actions/93e39cc1a087d65bcf7a132e75a650c44dd2b734' (2023-11-28)
→ 'github:nix-community/nix-github-actions/5163432afc817cf8bd1f031418d1869e4c9d5547' (2023-12-29)
• Updated input 'nixpkgs-wayland/nix-eval-jobs/nixpkgs':
'github:NixOS/nixpkgs/d6863cbcbbb80e71cecfc03356db1cda38919523' (2023-12-21)
→ 'github:NixOS/nixpkgs/1e1dc66fe68972a76679644a5577828b6a7e8be4' (2024-04-22)
• Updated input 'nixpkgs-wayland/nix-eval-jobs/treefmt-nix':
'github:numtide/treefmt-nix/2961375283668d867e64129c22af532de8e77734' (2023-12-19)
→ 'github:numtide/treefmt-nix/49dc4a92b02b8e68798abd99184f228243b6e3ac' (2024-04-01)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/4371a1301c4d36cc791069d90ae522613a3a335e' (2024-04-22)
→ 'github:Mic92/sops-nix/f1b0adc27265274e3b0c9b872a8f476a098679bd' (2024-04-23)
```
2024-04-24 22:19:36 +00:00
Colin
d01e49f566
pipewire: switch back to `bwrap` sandboxing and document limitations
2024-04-24 13:14:35 +00:00
Colin
7447d4879e
pipewire: man: link to docs
2024-04-24 10:33:23 +00:00
Colin
215864e3d4
pipewire: reduce realtime priority so it doesnt crash moby gpu driver
2024-04-24 09:36:22 +00:00
Colin
0cbb81cfea
WIP: pipewire: trying to tune so lima doesnt crash
2024-04-24 09:20:13 +00:00
Colin
9d7816a1cd
koreader: fix sandboxing so that i can open links again
2024-04-24 01:02:02 +00:00
Colin
461aa5ede0
htop: include "PRIORITY" column
2024-04-23 12:01:15 +00:00
Colin
b5874f4b49
sane-cast: fix casting for relative paths to mp4-only devices
2024-04-23 09:12:53 +00:00
Colin
10fc7bbb84
curlftpfs: document sandbox attempt
2024-04-23 09:08:05 +00:00
Colin
87e3f2a9ef
pipewire: split rtkit into own file, and use defaults from pipewire project
2024-04-23 09:08:05 +00:00
Colin
5006692594
linux-megous: 6.7-20240306 -> 6.8-20240405
2024-04-23 09:08:05 +00:00
Colin
9481131daf
pipewire: sandbox with landlock (so that rtkit integration works) and split rtkit into own file
2024-04-23 09:08:05 +00:00
Colin
ae418fb2d1
valgrind: mark as not sandboxable
2024-04-23 09:08:05 +00:00
Colin
c174eddddf
wireplumber: sandbox such that it gets higher sched priority
2024-04-23 09:08:05 +00:00
Colin
6d74c6616c
pipewire: shrink the mount sandbox
2024-04-23 09:08:05 +00:00
Colin
7db40fbf47
sane-cast: add a menu for choosing which device to cast to whenever there are multiple
2024-04-23 08:10:05 +00:00
Colin
152a5d4c92
sane-cast: integrate with mpv
2024-04-23 07:52:48 +00:00
Colin
e33b7d7701
sane-cast: init
2024-04-23 07:37:17 +00:00
Colin
01e176d902
libjxl: fix hash
2024-04-23 05:42:24 +00:00
Colin
fd771cdb2c
fs: mount media/torrents instead of media/freeleech (the latter was removed)
2024-04-23 01:25:57 +00:00
Colin
243e8b831b
libjxl cross patch: push upstream
2024-04-22 23:40:06 +00:00
Colin
9a8b4395f1
nixpkgs: 2024-04-19 -> 2024-04-22; nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/6ad1fe08582fcdfedb2cb7c31b4a016a227bd38a' (2024-04-19)
→ 'github:nixos/nixpkgs/fe2b7d6a922c875221671df6aa360b6e73d47e2f' (2024-04-22)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/40d15ed86dd08eff6a29e0a9abc416001d19cd67' (2024-04-19)
→ 'github:nixos/nixpkgs/8a3f95b79ba3083cfff90752296ef8a52a6bec9a' (2024-04-22)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/ab0f8d391a960764348935e6497fc62ba0d2378d' (2024-04-19)
→ 'github:nix-community/nixpkgs-wayland/f01c36f09cc5c2d77cbab4475528e06d6641bff4' (2024-04-22)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/f347ed9a1cab12c27541ed4d173e2f2d5c9bc0bb' (2024-04-14)
→ 'github:nix-community/lib-aggregate/3b32a98eb3053f8c8ca55497d1881443ef2996e6' (2024-04-21)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/361d8a4f443bbfab20bd6d222f9022b8c6665906' (2024-04-14)
→ 'github:nix-community/nixpkgs.lib/6882347415e352cfc9c277cc01f73e0f5cb7b93c' (2024-04-21)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/b94c6edbb8355756c53efc8ca3874c63622f287a' (2024-04-18)
→ 'github:Mic92/sops-nix/4371a1301c4d36cc791069d90ae522613a3a335e' (2024-04-22)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/8494ae076b7878d61a7d2d25e89a847fe8f8364c' (2024-04-18)
→ 'github:NixOS/nixpkgs/74574c38577914733b4f7a775dd77d24245081dd' (2024-04-20)
```
2024-04-22 22:44:15 +00:00
Colin
4c7cd06212
go2tv: clarify compatibility
2024-04-22 12:45:55 +00:00
Colin
d0de6a9254
sftpgo: reduce the passive port range
...
hopefully this eases the load on the upstream firewall's UPNP service
2024-04-22 12:08:23 +00:00
Colin
12f2798140
servo: sftpgo: move to own directory
2024-04-22 12:05:16 +00:00
Colin
bd92076291
fontconfig: populate the cache directory even when cross compiling
2024-04-22 09:47:20 +00:00
Colin
9cbe774c5a
sane-input-handler: fix power_hold -> power_tap_1_hold when inhibited by rofi
2024-04-22 06:27:33 +00:00
Colin
b4653b20a2
moby: button map: move vol{up,down}_hold to only act in power-off, else they may falsely trigger during other power-on actions
2024-04-22 05:13:29 +00:00
Colin
2c011df252
moby: tweak button mappings
...
- power hold: toggle media
- power x1 -> hold: kill
now nothing in screenoff uses power x2, which means we can get to
screen-on without waiting for any timeout.
2024-04-22 05:10:35 +00:00
Colin
9d472bb290
sane-input-handler: clean up suggestedPrograms
2024-04-22 04:13:56 +00:00
Colin
95b21cbed9
moby: update improve button mappings
...
- power + volup: screenshot
- power + voldown: camera
- volup_hold: file browser
- remove modal media controls
2024-04-22 04:05:52 +00:00
Colin
82007c9b40
bonsai: store the config in ~/.config to allow easier online editing
2024-04-22 04:05:15 +00:00
Colin
50c72de4f9
megapixels: fix folder icon to actually open ~/Pictures/Photos
2024-04-22 00:16:46 +00:00
Colin
36237a3201
megapixels: remove unnecessary `~/tmp` directory from sandbox
2024-04-22 00:16:14 +00:00
Colin
eb9df628e6
megapixels: remove unnecessary ~/.local/share/applications from sandbox
2024-04-21 23:49:29 +00:00
Colin
6e04e288ea
todo.md: document rofi crashes
2024-04-21 23:21:43 +00:00
Colin
a92960d778
megapixels: place photos in ~/Pictures/Photos instead of directly in ~/Pictures
2024-04-21 23:13:49 +00:00
Colin
ef9b0e9309
megapixels: fix .dng -> .jpg conversion
2024-04-21 21:59:05 +00:00
Colin
350e00e0cd
firefox: decrease scrollbar width 20px -> 14px
2024-04-21 21:08:07 +00:00
Colin
e924363dfb
sysvol: 2024-02-08 -> 2024-04-11
...
it no longer flashes the volume on init
2024-04-21 20:43:03 +00:00
Colin
b12f31652c
todo.md: update `blast` items
2024-04-21 11:15:22 +00:00
Colin
b77e811ad4
blast-to-default: leverage sane-die-with-parent
2024-04-21 11:09:23 +00:00
Colin
a000a722ba
mpv: fix so sane-sysvol doesnt hang exit
2024-04-21 10:08:46 +00:00
Colin
4dde01245e
mpv: sane_sysvol: fix non_blocking_popen to use metatables and be more readable
2024-04-21 03:47:01 +00:00
Colin
f50c0a98c2
sane-sysvol -> sane_sysvol, sane-cast -> sane_cast
...
when a script contains a dash, mpv silently renames *parts* of it to _, which causes confusion
2024-04-21 00:27:30 +00:00
Colin
0625bfdd10
mpv: sane-cast: fix crash due to missing `table.concat` function
2024-04-21 00:24:46 +00:00
Colin
4dfee58d09
sops: fix sandbox path
2024-04-20 21:43:13 +00:00
Colin
a7b8eb179b
pipewire: move the clock quantum config into sane.programs proper
...
this ensures it's available in the sandbox
2024-04-20 09:09:05 +00:00
Colin
f10bb6c86c
sftpgo: adjust file mode to be compatible with Kodi
2024-04-20 08:07:00 +00:00
Colin
a59a7b5346
feeds: podcasts: add Tech Tales
2024-04-19 21:46:03 +00:00
Colin
1bd715e57e
nixpkgs: 2024-04-18 -> 2024-04-19; nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/19d2eb80a0e23daf1c4a8cf25b1011fbdb2260fb' (2024-04-18)
→ 'github:nixos/nixpkgs/6ad1fe08582fcdfedb2cb7c31b4a016a227bd38a' (2024-04-19)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/457c34178411e0072e59564ee7986e86255a6eff' (2024-04-18)
→ 'github:nixos/nixpkgs/40d15ed86dd08eff6a29e0a9abc416001d19cd67' (2024-04-19)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/7867aa617c6eb205b1ac1b71d98cd18a2561bb18' (2024-04-17)
→ 'github:nix-community/nixpkgs-wayland/ab0f8d391a960764348935e6497fc62ba0d2378d' (2024-04-19)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/cc535d07cbcdd562bcca418e475c7b1959cefa4b' (2024-04-15)
→ 'github:Mic92/sops-nix/b94c6edbb8355756c53efc8ca3874c63622f287a' (2024-04-18)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/c27f3b6d8e29346af16eecc0e9d54b1071eae27e' (2024-04-13)
→ 'github:NixOS/nixpkgs/8494ae076b7878d61a7d2d25e89a847fe8f8364c' (2024-04-18)
```
2024-04-19 20:33:48 +00:00
Colin
b7d2020f10
sane-tag-music: fix --help message
2024-04-19 07:29:20 +00:00
Colin
317996b609
clightning-sane: document the `status` command more
2024-04-19 07:29:20 +00:00
Colin
e197f6f54d
clightning-sane: fix build
2024-04-19 07:29:20 +00:00
Colin
135f63480b
clightning-sane: add a help message
2024-04-19 07:29:20 +00:00
Colin
d9ffa5bb5a
wike: fix sandboxing for 3.0
2024-04-19 01:26:58 +00:00
Colin
f59f13588f
jackett/transmission/slskd: validate public IP address before starting
2024-04-18 20:05:59 +00:00
Colin
c668a895d4
static-nix-shell: populate meta.mainProgram
2024-04-18 20:00:47 +00:00
Colin
9442a87311
sane-ip-check: add an --expect option to abort if IP address is not as expected
2024-04-18 19:46:16 +00:00
Colin
3bd56fb565
sane-ip-check: refactor: split out a `main` function
2024-04-18 19:42:16 +00:00
Colin
bdc3b1ed0e
sane-ip-check: port argument parsing to argparse
2024-04-18 19:40:44 +00:00
Colin
40af93a7fb
feeds: add apenwarr
2024-04-18 17:29:50 +00:00
Colin
cd4fc97bde
nixpkgs: 2024-04-17 -> 2024-04-18; nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/73f2b40dfc3413958695ae66fca3a52ee68451d6' (2024-04-17)
→ 'github:nixos/nixpkgs/19d2eb80a0e23daf1c4a8cf25b1011fbdb2260fb' (2024-04-18)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/2528b053e7c482baa8cd93cdce81172c3f0a3cee' (2024-04-17)
→ 'github:nixos/nixpkgs/457c34178411e0072e59564ee7986e86255a6eff' (2024-04-18)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/b0260157fccc94f4fe5a09fb3a1b1f62a87ae397' (2024-04-17)
→ 'github:nix-community/nixpkgs-wayland/7867aa617c6eb205b1ac1b71d98cd18a2561bb18' (2024-04-17)
```
2024-04-18 06:56:13 +00:00
Colin
a36ff517e7
servo: slskd: disable
2024-04-18 06:55:56 +00:00
Colin
3642ead646
trust-dns: 0.24.0 -> 0.24.1
2024-04-18 06:03:34 +00:00
Colin
60c370df3f
sftpgo: fix domain name in banner
2024-04-18 05:01:57 +00:00
Colin
d80852c6c1
sftpgo: re-enable password login
2024-04-18 04:58:59 +00:00
Colin
62b3047fff
sftpgo: support FTPS
2024-04-18 04:34:41 +00:00
Colin
de2c3a30ff
programs: ship lftp ftp client
2024-04-18 04:17:10 +00:00
Colin
c08280589d
lsof: fix sandboxing
2024-04-17 23:43:42 +00:00
Colin
9a9ffcbea9
transmission: fix faulty "find" expression (thanks shellcheck!)
2024-04-17 23:32:00 +00:00
Colin
733efcfaf7
servo: nginx: forceSSL for anything media related
2024-04-17 22:49:24 +00:00
Colin
b34d984572
servo: transmission: remove noisy files upon torrent completion
2024-04-17 20:47:00 +00:00
Colin
e2b58e1b77
servo: transmission: be extra strict about requiring VPN
2024-04-17 19:52:11 +00:00
Colin
b7e5bc5972
servo: sftpgo: disable external access
2024-04-17 19:41:57 +00:00
Colin
831b4ad72a
nixpkgs: 2024-04-16 -> 2024-04-17; nixpkgs-wayland -> 2024-04-17
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/097ced11fa37dec3146e0480026c0c10d7d35e6f' (2024-04-16)
→ 'github:nixos/nixpkgs/73f2b40dfc3413958695ae66fca3a52ee68451d6' (2024-04-17)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/7f1c8f1b9071c77b81b62e3be62ef5e3d0c578ad' (2024-04-16)
→ 'github:nixos/nixpkgs/2528b053e7c482baa8cd93cdce81172c3f0a3cee' (2024-04-17)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/a03b8253e5cedb72a0957f7d534ad2702d7a54f0' (2024-04-15)
→ 'github:nix-community/nixpkgs-wayland/b0260157fccc94f4fe5a09fb3a1b1f62a87ae397' (2024-04-17)
```
2024-04-17 09:54:45 +00:00
Colin
54cefa247a
dino: record another bug
2024-04-17 09:53:08 +00:00
Colin
e3898449b7
sane-tag-music: allow manually specifying the track number
2024-04-17 09:45:10 +00:00
Colin
e5bad6a74c
sane-tag-music: fixup track numbers
2024-04-17 07:56:52 +00:00
Colin
254343a6af
todo.md: sync
2024-04-17 02:26:09 +00:00
Colin
28bfd75114
sane-tag-music: split into two operations
2024-04-17 02:25:54 +00:00
Colin
b7fd5e78cc
swaync: show volume-per-app (TODO: stylize it better)
2024-04-17 01:37:03 +00:00
Colin
79985ff009
dino: docs: update notes about BUGS
2024-04-16 20:50:00 +00:00
Colin
62f5b9276f
pwvucontrol: whitelist DRI inside the sandbox, for better perf
2024-04-16 20:49:33 +00:00
Colin
276844af0b
sane-tag-music: update docs
2024-04-16 19:56:58 +00:00
Colin
13c1f01a6b
servo: pleroma: migrate port 4000 -> 4040
...
port 4000 is used by NFS
2024-04-16 18:57:54 +00:00
Colin
5f281f57de
servo: transmission: inline nested torrent directories
2024-04-16 18:25:41 +00:00
Colin
089e434e3f
servo: transmission: fix group permissions of media when copying them to public dir
2024-04-16 16:31:10 +00:00
Colin
b068b50d7c
sane-bt: require specifying a title when torrenting films
2024-04-16 16:05:39 +00:00
Colin
14911868e4
nixpkgs: 2024-04-14 -> 2024-04-16; nixpkgs-wayland, sops-nix, uninsane-dot-org
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/2d0506704b7d92cc610412b176b515fe1a782095' (2024-04-14)
→ 'github:nixos/nixpkgs/097ced11fa37dec3146e0480026c0c10d7d35e6f' (2024-04-16)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/bc59f72803cf40fb50f05cb73068d85b5ce21297' (2024-04-14)
→ 'github:nixos/nixpkgs/7f1c8f1b9071c77b81b62e3be62ef5e3d0c578ad' (2024-04-16)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/b816217ba4fc77d19ca033ab8f13b35ba0331e91' (2024-04-13)
→ 'github:nix-community/nixpkgs-wayland/a03b8253e5cedb72a0957f7d534ad2702d7a54f0' (2024-04-15)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/2737d0204685c3274390229a09eb8f7eaa1a9e89' (2024-04-07)
→ 'github:nix-community/lib-aggregate/f347ed9a1cab12c27541ed4d173e2f2d5c9bc0bb' (2024-04-14)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/3c62b6a12571c9a7f65ab037173ee153d539905f' (2024-04-07)
→ 'github:nix-community/nixpkgs.lib/361d8a4f443bbfab20bd6d222f9022b8c6665906' (2024-04-14)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/226062b47fe0e2130ba3ee9f4f1c880dc815cf87' (2024-04-14)
→ 'github:Mic92/sops-nix/cc535d07cbcdd562bcca418e475c7b1959cefa4b' (2024-04-15)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=b9502e6f190752d327f8cee7fa4b139094bd7c16 ' (2024-03-25)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=af8420d1c256d990b5e24de14ad8592a5d85bf77 ' (2024-04-15)
```
2024-04-16 04:59:59 +00:00
Colin
539fe48947
swaync: cleanup
2024-04-16 04:14:07 +00:00
Colin
259c3af526
swaync-fbcli: fix CPU pegging when canceling a phone ringer
2024-04-16 02:18:51 +00:00
Colin
6b5e0e57bc
swaync: unify the *DEBUG variables
2024-04-15 21:29:17 +00:00
Colin
b55c903a81
todo.md: made it so unl0kr starts with keyboard
2024-04-15 21:11:20 +00:00
Colin
4f06f0dc5e
unl0kr: disable animations
2024-04-15 21:10:55 +00:00
Colin
c0dde0e540
unl0kr: populate config file with upstream defaults
2024-04-15 21:05:21 +00:00
Colin
6779063578
todo.md: sync
2024-04-15 19:57:58 +00:00
Colin
2eea562d1f
sandbox: remove unused "binMap" option
2024-04-15 19:56:33 +00:00
Colin
0385c09f23
sane-sandboxed: split out into an actual package
2024-04-15 18:57:22 +00:00
Colin
bd57b95598
swaync-fbcli: fix so that the child actually exits when killed (critical is to use SIGINT)
2024-04-15 18:32:50 +00:00
Colin
465da7c939
swaync-fbcli: migrate an "echo" to a "log"
2024-04-15 18:22:30 +00:00
Colin
44f76e656a
swaync-fbcli: fix that pkill expression wouldn't work for wrapped binaries
2024-04-15 18:21:27 +00:00
Colin
824046aca1
swaync-fbcli: fix CPU pegging
2024-04-15 18:09:21 +00:00
Colin
827c50ff43
swaync: cleanup the swaync-fbcli helper
2024-04-15 18:00:51 +00:00
Colin
0230291bb2
swaync: move the pkill logic into swaync-fbcli
2024-04-15 17:46:40 +00:00
Colin
3d3618256d
swaync: split the fbcli wrapper into its own file
2024-04-15 17:46:40 +00:00
Colin
590cb2dd7f
feeds: sort the list
2024-04-15 16:21:31 +00:00
Colin
d9dcab544c
feeds: unsubscribe from Profectus
2024-04-15 16:20:17 +00:00
Colin
4ee0f0c659
feeds: disable TheSideView
2024-04-15 14:59:50 +00:00
Colin
7692ab0b3e
firefox-extensions.sidebery: build from source
2024-04-15 05:25:19 +00:00
Colin
2af5bb3d78
i-still-dont-care-about-cookies: enable
2024-04-15 03:36:49 +00:00
Colin
e72a0a4300
firefox extensions: support more manifest formats
2024-04-15 03:36:27 +00:00
Colin
6b0cbf684f
sidebery: 5.2.0.1 -> 5.2.0.7
2024-04-15 03:36:03 +00:00
Colin
62af314238
firefox-extensions.i-still-dont-care-about-cookies: init at 1.1.4
2024-04-15 03:02:19 +00:00
Colin
e8745b4312
firefox-extensions: ublock, metamask -> latest
2024-04-15 02:35:49 +00:00
Colin
5a10173ba3
schlock: fix to run on modern sway
2024-04-15 02:07:20 +00:00
Colin
2d8fe1d3e5
bonsai: tune niceness to hopefully be more responsive
2024-04-15 01:46:32 +00:00
Colin
0741d87bcb
rofi: theme so that i can read more text on narrow moby display
2024-04-15 00:04:10 +00:00
Colin
2587c27f89
font-manager: fix sandboxing
2024-04-14 21:55:52 +00:00
Colin
2d74d0725d
feeds: podcasts: add Money Stuff
2024-04-14 20:39:53 +00:00
Colin
b0d1d2e1af
coppwr: remove (it's been upstreamed into nixpkgs)
2024-04-14 16:16:46 +00:00
Colin
61dc79a2ea
cross: remove upstreamed webkitgtk patch
2024-04-14 16:08:48 +00:00
Colin
7804236499
xdg-terminal-exec: remove upstreamed patched
2024-04-14 14:16:50 +00:00
Colin
f908762cf8
nixpkgs: 2024-04-06 -> 2024-04-14; nixpkgs-wayland, sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/7c74352f2f7eca1925729f5c9c80cb89df8e74a2' (2024-04-06)
→ 'github:nixos/nixpkgs/2d0506704b7d92cc610412b176b515fe1a782095' (2024-04-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/c58702222e0a29fd01cc42d70737d699995f6389' (2024-04-06)
→ 'github:nixos/nixpkgs/bc59f72803cf40fb50f05cb73068d85b5ce21297' (2024-04-14)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/9b77653338f52da4b498abdf4835efb6ff6e453e' (2024-04-04)
→ 'github:nix-community/nixpkgs-wayland/b816217ba4fc77d19ca033ab8f13b35ba0331e91' (2024-04-13)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/9c06929b83e57c18d125f1105ba6a423f24083d2' (2024-03-31)
→ 'github:nix-community/lib-aggregate/2737d0204685c3274390229a09eb8f7eaa1a9e89' (2024-04-07)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/90b1a963ff84dc532db92f678296ff2499a60a87' (2024-03-31)
→ 'github:nix-community/nixpkgs.lib/3c62b6a12571c9a7f65ab037173ee153d539905f' (2024-04-07)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/99b1e37f9fc0960d064a7862eb7adfb92e64fa10' (2024-03-31)
→ 'github:Mic92/sops-nix/226062b47fe0e2130ba3ee9f4f1c880dc815cf87' (2024-04-14)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/2b4e3ca0091049c6fbb4908c66b05b77eaef9f0c' (2024-03-30)
→ 'github:NixOS/nixpkgs/c27f3b6d8e29346af16eecc0e9d54b1071eae27e' (2024-04-13)
```
2024-04-14 14:15:02 +00:00
Colin
feb36d19ac
programs: ship cups
2024-04-14 03:33:55 +00:00
Colin
06185ac870
todo.md: add a way to exit mpv fullscreen on moby
2024-04-13 20:30:30 +00:00
Colin
a8915661a7
style: refine the base pink color for mpv and sway/waybar
...
this matches swaync a little better. mpv had to be made lighter, i think because of transparency stuff. probably sway/waybar could be made normal lightness
2024-04-13 20:29:24 +00:00
Colin
d57aa473ac
overlays/pkgs-debug: cleanup
2024-04-13 20:29:24 +00:00
Colin
a28b7d5616
todo.md: more mobile games, mpv improvements
2024-04-13 20:29:24 +00:00
Colin
dd58ba8b00
gvfs: enable as part of nautilus, not sway
2024-04-13 20:29:24 +00:00
Colin
a21508b6ba
todo.md: fix schlock (moby)
2024-04-13 20:29:24 +00:00
Colin
94cff99f53
todo.md: ftps support
2024-04-13 20:29:24 +00:00
Colin
8aa8d773de
cherry-pick orc update to fix Dino calls
2024-04-13 20:29:24 +00:00
Colin
0a888e205e
programs: ship objdump
2024-04-13 20:29:24 +00:00
Colin
898dc89c8f
overlays: add `pkgsDebug` for building packages with debug symbols and such
2024-04-13 20:29:24 +00:00
Colin
4b22fd95bf
introduce 'moby-min' host variant for the quickest deployment (no webkitgtk)
2024-04-13 20:29:24 +00:00
Colin
527a9e7612
feeds: add The Side View
2024-04-10 04:47:34 +00:00
Colin
3686e6e508
feeds: subscribe to Future of Coding
2024-04-10 03:06:30 +00:00
Colin
cda50db23b
loupe: associate with avif filetype
2024-04-09 19:22:59 +00:00
Colin
344e24fcd2
todo.md: ssh doesnt give the right linux capabilities
2024-04-09 18:38:04 +00:00
Colin
9be6960bbf
sway: disable shortcuts for creating sub-splits
...
i'm just always accidentally triggering them
2024-04-09 16:24:02 +00:00
Colin
a45aabfb72
sway: todo: load background from a more traditional path
2024-04-09 16:19:56 +00:00
Colin
602bf59843
todo.md: disable sway sub-layouts
2024-04-09 16:15:27 +00:00
Colin
895d7f6f20
todo.md: note that mpv exit hangs because of sane-sysvol
2024-04-09 16:13:43 +00:00
Colin
876103ff7b
mpv: remove legacy ao=alsa and volume-max config
2024-04-09 16:10:05 +00:00
Colin
46cda87d5e
notejot: fix sandboxing
2024-04-09 15:44:01 +00:00
Colin
d728dfcd70
mpv: uosc: tweak the maximize button to actually act as a fullscreen toggle
2024-04-09 10:14:40 +00:00
Colin
19fcd0318c
mpv: remove the double-click-to-fullscreen shortcut
2024-04-09 10:09:17 +00:00
Colin
030f6d1a99
mpv: fix so pseudo-gui mode doesnt break logging
2024-04-09 09:58:16 +00:00
Colin
86b495cb9f
mpv: sane-sysvol: integrate with uosc mute button
2024-04-09 08:05:00 +00:00
Colin
c897f4fa4b
mpv: sane-sysvol: fix pipewire mute to reflect onto uosc volume level
...
ideally it would actually show up as the mute parameter!
2024-04-09 08:05:00 +00:00
Colin
8181a0664d
mpv: sane-sysvol: remove the unused id tracking
2024-04-09 08:05:00 +00:00
Colin
c37e94493f
mpv: sane-sysvol: optimize
2024-04-09 08:05:00 +00:00
Colin
b9e107510d
mpv: sane-sysvol: dont force system volume to zero on init
2024-04-09 08:05:00 +00:00
Colin
976ae65529
todo.md: remove deprecated use of 'crypt'
2024-04-09 08:05:00 +00:00
Colin
0f4c1ccfe3
mpv: update input.conf for sane-cast rename
2024-04-09 08:05:00 +00:00
Colin
9d9413c790
mpv: announce pipewire volume changes so uosc can listen for them
2024-04-09 08:05:00 +00:00
Colin
64c28ae657
mpv: don't need to force uosc volume state to 0 by default; nil is OK
2024-04-09 08:05:00 +00:00
Colin
d221625eb3
todo.md: add work around signal, mpv
2024-04-09 08:05:00 +00:00
Colin
1f4c885748
mpv: sane-sysvol script: init
...
it's a one-way volume control, but that's a start
2024-04-09 08:05:00 +00:00
Colin
0545b178af
mpv: rename plugin: sane -> sane-cast
2024-04-09 08:04:51 +00:00
Colin
fe4b6c36c4
feeds: subscribe to jwz.org
2024-04-09 03:55:25 +00:00
Colin
fce3436c88
servo: expose Milkbags to the internet :)
2024-04-08 06:55:09 +00:00
Colin
03bec6aab2
coppwr: init at 1.5.1-unstable-2024-03-28 (4e7239d4bd5b2f24f7ebec0a02c1054648a4425c)
2024-04-06 23:42:25 +00:00
Colin
3aba91b360
mpv: fix race condition in uosc/ao-volume monitoring
2024-04-06 23:41:59 +00:00
Colin
907933612d
htop: statically populate config
2024-04-06 23:41:59 +00:00
Colin
0db546bf82
nixpkgs: 2024-04-05 -> 2024-04-06
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/9a0c25978d78416219718437fd7e618668d9ad74' (2024-04-05)
→ 'github:nixos/nixpkgs/7c74352f2f7eca1925729f5c9c80cb89df8e74a2' (2024-04-06)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/3541c7628de9414f999ced044c95a284584f4ec1' (2024-04-05)
→ 'github:nixos/nixpkgs/c58702222e0a29fd01cc42d70737d699995f6389' (2024-04-06)
```
2024-04-06 10:20:03 +00:00
Colin
b4877a488e
discord: add media into sandbox
2024-04-06 09:36:55 +00:00
Colin
4b3975367a
fix warnings: remove xdg-desktop-portal patch; fix mautrix-meta enable logic
2024-04-05 21:40:42 +00:00
Colin
38c8d96e5a
nixpkgs: 2024-04-04 -> 2024-04-05; nixpkgs-wayland -> 2024-04-04
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/1ea9e4ecab5010d29f557f7a1f8bb26ad3afd686' (2024-04-04)
→ 'github:nixos/nixpkgs/9a0c25978d78416219718437fd7e618668d9ad74' (2024-04-05)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/e52ada4e6beea931c244bf8cc4a75d8a07d62373' (2024-04-04)
→ 'github:nixos/nixpkgs/3541c7628de9414f999ced044c95a284584f4ec1' (2024-04-05)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/30aa5f8c558cd8a699f9a9227cf7310f291f1e29' (2024-04-03)
→ 'github:nix-community/nixpkgs-wayland/9b77653338f52da4b498abdf4835efb6ff6e453e' (2024-04-04)
```
2024-04-05 09:28:25 +00:00
Colin
28110c3e85
fix system hang during vim ctrl+z (disable io_uring in libuv)
2024-04-05 07:29:55 +00:00
Colin
43aa498ff9
mpv: fix uosc touch controls
2024-04-05 07:29:15 +00:00
Colin
f7e4504764
pict-rs: remove no-transcoding patch (it doesnt apply anymore)
2024-04-04 19:09:12 +00:00
Colin
4942fa8a38
nixpkgs: 2024-04-02 -> 2024-04-04
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/7a5ee8d0c786f9fd789b5bb07245d2a8b12193a4' (2024-04-02)
→ 'github:nixos/nixpkgs/1ea9e4ecab5010d29f557f7a1f8bb26ad3afd686' (2024-04-04)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/7ab59131642a42b92f4d6554173ef9a35cbb39f0' (2024-04-02)
→ 'github:nixos/nixpkgs/e52ada4e6beea931c244bf8cc4a75d8a07d62373' (2024-04-04)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/8c4df2153c615554b516ba698f5f7bd64f7bf520' (2024-03-31)
→ 'github:nix-community/nixpkgs-wayland/30aa5f8c558cd8a699f9a9227cf7310f291f1e29' (2024-04-03)
```
2024-04-04 06:27:24 +00:00
Colin
7ab148ea58
servo: migrate /var/media to be 100% on zfs pool
2024-04-04 06:20:50 +00:00
Colin
0dfeec3260
mpv-uosc: 5.2.0 -> 5.2.0-unstable-2024-03-13
2024-04-04 06:19:15 +00:00
Colin
eb2317a743
mpv: 0.37.0 -> 0.37.0-unstable-2024-03-31
2024-04-04 06:19:15 +00:00
Colin
1a0ef28377
sane-bt-add: document how to *move* a torrent
2024-04-03 11:00:54 +00:00
Colin
7c3ad85d75
sane-bt-add: fix sandboxing
2024-04-03 09:48:21 +00:00
Colin
7766e1cec1
sane_bt: save torrents to /var/media/torrents by default
2024-04-03 09:48:21 +00:00
Colin
158e674f83
sane_bt.py: fix dict typo
2024-04-03 09:48:21 +00:00
Colin
410097480f
docs: servo: fs: fix setfacl typo
2024-04-03 09:48:10 +00:00
Colin
f5fadbe4cf
transmission: place torrents in a separate directory, and copy them to the main media directory on completion
2024-04-03 09:48:10 +00:00
Colin
a0550660e7
feeds: add The Corresponding Source podcast
2024-04-02 22:10:36 +00:00
Colin
bad6c353ed
sane-bt: refactor
2024-04-02 20:53:01 +00:00
Colin
a814832e48
feeds: add Hacker Public Radio podcast
2024-04-02 19:34:42 +00:00
Colin
a4312f1494
nixpkgs: 2024-04-01 -> 2024-04-02
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/409234ba0c73ce2cee676f14b68a88e2b5a52af8' (2024-04-01)
→ 'github:nixos/nixpkgs/7a5ee8d0c786f9fd789b5bb07245d2a8b12193a4' (2024-04-02)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/e7de14ea98fe984aa73a5a6b2f540ca817471106' (2024-04-01)
→ 'github:nixos/nixpkgs/7ab59131642a42b92f4d6554173ef9a35cbb39f0' (2024-04-02)
```
2024-04-02 09:46:40 +00:00
Colin
747032d9a4
dino: run with higher scheduling priority
2024-04-02 09:02:44 +00:00
Colin
9b2e35b93f
pipewire: ship rtkit and unlock better scheduling priority
2024-04-02 09:02:06 +00:00
Colin
d2751237c1
xdg-desktop-portal-wlr: propery document its dependency on pipewire
2024-04-02 09:01:35 +00:00
Colin
ae87160de3
dino: 0.4.3 -> 0.4.3-unstable-2024-04-01
2024-04-02 04:57:11 +00:00
Colin
a90a213cc0
apps: gui: disable under-used "blanket" noise generator
2024-04-02 04:18:53 +00:00
Colin
24c04b8fc0
docs: xdg-desktop-portal: link to Door Knocker debugging tool
2024-04-02 04:18:53 +00:00
Colin
d0b022d1c6
libnice: 0.1.21 -> 0.1.22
2024-04-02 04:18:35 +00:00
Colin
9d9791814a
audacity: fix sandboxing
2024-04-02 02:56:51 +00:00
Colin
b85d4b20f8
nixpkgs: 2024-03-31 -> 2024-04-01, nixpkgs-wayland
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/6b7b5776bef8eed645f63725ce31fa0946f997ff' (2024-03-31)
→ 'github:nixos/nixpkgs/409234ba0c73ce2cee676f14b68a88e2b5a52af8' (2024-04-01)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/7848d6f048d38c42a8aeeff7fe7d36916ffb8284' (2024-03-31)
→ 'github:nixos/nixpkgs/e7de14ea98fe984aa73a5a6b2f540ca817471106' (2024-04-01)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/11544449e6b696e209463aae094e736368eef757' (2024-03-30)
→ 'github:nix-community/nixpkgs-wayland/8c4df2153c615554b516ba698f5f7bd64f7bf520' (2024-03-31)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/120535dff702c551ec76a125a181d90131407264' (2024-03-24)
→ 'github:nix-community/lib-aggregate/9c06929b83e57c18d125f1105ba6a423f24083d2' (2024-03-31)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/b2a1eeef8c185f6bd27432b053ff09d773244cbc' (2024-03-24)
→ 'github:nix-community/nixpkgs.lib/90b1a963ff84dc532db92f678296ff2499a60a87' (2024-03-31)
```
2024-04-01 07:42:47 +00:00
Colin
331e673589
common/fs: mount /mnt/servo/media/* directories more granularly
...
this benefits sandboxing
2024-04-01 07:31:25 +00:00
Colin
bbb93600b7
/mnt/servo/*: mount in a way which doesn't block sandboxes
2024-04-01 06:00:17 +00:00
Colin
c0de54c11a
curlftpfs: exit on timeout error
2024-04-01 04:02:32 +00:00
Colin
0d29722443
common/fs: refactor and DRY
2024-04-01 02:12:06 +00:00
Colin
1c2a375b6d
common/fs: split curlftpfs into sane.programs
...
this makes it easier to build outside of /etc/fstab context, and opens a future path to sandboxing
2024-04-01 00:50:14 +00:00
Colin
b6840a3ed4
curlftpfs: build via my own repo
2024-04-01 00:43:07 +00:00
Colin
74e994598e
feeds: add David Revoy
2024-03-31 20:28:41 +00:00
Colin
856b6fcd7a
feeds: add Willow
2024-03-31 18:20:49 +00:00
Colin
2404fb66f3
nixpkgs: 2024-03-26 -> 2024-0-31; nixpkgs-wayland, sops
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/c904e6bf24e582e4fe28e988b7cdb7e9fda595c3' (2024-03-26)
→ 'github:nixos/nixpkgs/6b7b5776bef8eed645f63725ce31fa0946f997ff' (2024-03-31)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/da0502af1164c4fd04ebcd3acde1e378a861bd19' (2024-03-26)
→ 'github:nixos/nixpkgs/7848d6f048d38c42a8aeeff7fe7d36916ffb8284' (2024-03-31)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/7274c73cf5708ed3a814edc9605463ec4a116619' (2024-03-25)
→ 'github:nix-community/nixpkgs-wayland/11544449e6b696e209463aae094e736368eef757' (2024-03-30)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/405987a66cce9a4a82f321f11b205982a7127c88' (2024-03-24)
→ 'github:Mic92/sops-nix/99b1e37f9fc0960d064a7862eb7adfb92e64fa10' (2024-03-31)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/ac6bdf6181666ebb4f90dd20f31e2fa66ede6b68' (2024-03-23)
→ 'github:NixOS/nixpkgs/2b4e3ca0091049c6fbb4908c66b05b77eaef9f0c' (2024-03-30)
```
2024-03-31 06:30:10 +00:00
Colin
cd6a91e995
sway: tune sandboxing
2024-03-31 05:59:10 +00:00
Colin
89d4b0ae0b
s6-rc: don't tee to /dev/stderr, as i don't want any logs going to the console and interfering with text entry
2024-03-31 05:20:33 +00:00
Colin
ade680d9d2
unl0kr: remove legacy wayland stuff (it's handled by s6 now)
2024-03-31 05:20:33 +00:00
Colin
6d4a43fa0d
sway: warn when needed runtime dirs dont exist
2024-03-31 05:20:20 +00:00
Colin
d3ad661970
servo: zfs: enable reflink support
2024-03-31 03:48:34 +00:00
Colin
c9632b05f9
linux-megous: fix config so that it boots to graphics again
...
see: <https://github.com/NixOS/nixpkgs/pull/298332 >
2024-03-31 03:24:33 +00:00
Colin
1e7de43da8
docs: sway: mention that hotplugging is broken
2024-03-31 03:24:33 +00:00
Colin
eff37765ae
sane.image: fix so `imgs.moby` includes a working bootloader
2024-03-31 03:24:33 +00:00
Colin
a65673847a
superTux, superTuxKard: don't ship on moby
...
i don't use it there; it wastes deploy time
2024-03-31 03:24:33 +00:00
Colin
930c5e2412
delfin: don't ship
...
i don't use it; it wastes deploy time
2024-03-31 03:24:33 +00:00
Colin
aff2a78ec3
sane-reclaim-boot-space: fix "self.format_attr" typo
2024-03-31 03:23:49 +00:00
Colin
f01758503c
linux-megous: orange-pi-6.7-20240211-1928 -> orange-pi-6.7-20240306-2359
...
still getting PHY issues with it, but it boots to ssh
2024-03-29 18:18:37 +00:00
Colin
e855be4796
hosts/common: port /mnt/servo/* from NFS -> FTP
...
fuse ftp seems to be easier to debug than kernel nfs so far
2024-03-28 23:15:05 +00:00
Colin
701e10b121
hosts/common/fs: optimize NFS options
2024-03-28 23:15:05 +00:00
Colin
eadb2057d9
sane-wipe: port from systemd -> s6
2024-03-28 23:15:05 +00:00
Colin
5ed29ceb47
servo: /var/media: fixup permissions so everything is r/w by "media" group, including sftpgo
2024-03-28 23:14:40 +00:00
Colin
725ab13628
servo: nfs: allow UDP NFSv3 connections
2024-03-27 00:54:58 +00:00
Colin
32e691b85b
feeds: add Hardcore Software by Steven Sinofsky
2024-03-26 14:08:13 +00:00
Colin
0108502055
feedbackd: fix so it depends on pipewire before launch
2024-03-26 13:48:13 +00:00
Colin
6c5b32aac2
s6-rc: fix so the service manager knows about readiness notifications again
2024-03-26 13:34:38 +00:00
Colin
f59dd99470
s6-rc: init services in the "down" state
2024-03-26 12:55:40 +00:00
Colin
55c8a98c33
s6-rc: pre-compute more stuff as nix exprs; don't even run s6-rc-init
2024-03-26 12:36:46 +00:00
Colin
7bb67391ae
nixpkgs: remove obsoleted patches
2024-03-26 11:16:43 +00:00
Colin
c6a1f310a0
servo: net: actually assert that ovpns exists if we fail to add it
2024-03-26 11:13:10 +00:00
Colin
1d494513a9
slskd: document common errors/flakiness
2024-03-26 11:04:21 +00:00
Colin
fb79ca4c8e
programs: iproute: use a less restrictive sandbox
2024-03-26 10:54:29 +00:00
Colin
3cf42db7dc
slskd: fix for more recent nixpkgs
2024-03-26 10:47:20 +00:00
Colin
aba5eee837
nixpkgs: 2024-03-25 -> 2024-03-26; others
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/8794d573a4fdd15b0002135cebf65a8f5d9adb6c' (2024-03-25)
→ 'github:nixos/nixpkgs/c904e6bf24e582e4fe28e988b7cdb7e9fda595c3' (2024-03-26)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0d2dc20762f21c3e43fc2acc03f9552adbc392bc' (2024-03-25)
→ 'github:nixos/nixpkgs/da0502af1164c4fd04ebcd3acde1e378a861bd19' (2024-03-26)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/59f7ad2c27737a7ea7ad16a48c95631f159ef822' (2024-03-24)
→ 'github:nix-community/nixpkgs-wayland/7274c73cf5708ed3a814edc9605463ec4a116619' (2024-03-25)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=9a3b2d74c3e6d177fd1317d03f4e3eecca7beb7b ' (2024-03-19)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=b9502e6f190752d327f8cee7fa4b139094bd7c16 ' (2024-03-25)
```
2024-03-26 09:44:45 +00:00
Colin
5cd9f34884
s6-rc: remove more unnecessarily files from live dir
2024-03-26 00:45:24 +00:00
Colin
2cabe51956
s6-rc: remove a couple more unused files from the live dir
2024-03-26 00:22:14 +00:00
Colin
cb8e9b7a23
s6-rc: make it so, once started, other programs can start/stop services but NOT edit/create them
2024-03-26 00:11:02 +00:00
Colin
4eb6b5735e
users/s6-rc: allow `startS6 ""`
2024-03-25 16:46:51 +00:00
Colin
5d3899959b
users/s6-rc: split out `compiled` var
2024-03-25 14:56:41 +00:00
Colin
ad951ad919
users/s6-rc: add symlink capabilities to my fs abstraction
2024-03-25 14:46:43 +00:00
Colin
5ecabc57bf
feeds: add low<-tech magazine
2024-03-25 13:13:41 +00:00
Colin
48a4c1bd26
feeds: add nixpkgs.news
2024-03-25 13:13:03 +00:00
Colin
1f47c5ba2e
nixpkgs: 2024-03-23 -> 2024-03-25; nixpkgs-wayland; sops-nix
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/f4a0cee9233d6db356a0bdab307e865327a9b96b' (2024-03-23)
→ 'github:nixos/nixpkgs/8794d573a4fdd15b0002135cebf65a8f5d9adb6c' (2024-03-25)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/499583c00280ed90686b058e38a68fc9be2f4c4c' (2024-03-23)
→ 'github:nixos/nixpkgs/0d2dc20762f21c3e43fc2acc03f9552adbc392bc' (2024-03-25)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/0d291a959d01bb5d2bd2e20689b78258fa842cca' (2024-03-23)
→ 'github:nix-community/nixpkgs-wayland/59f7ad2c27737a7ea7ad16a48c95631f159ef822' (2024-03-24)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/f890211817b941d9ed9de48d62ba8553fa2c20f3' (2024-03-17)
→ 'github:nix-community/lib-aggregate/120535dff702c551ec76a125a181d90131407264' (2024-03-24)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/fa827dda806c5aa98f454da4c567991ab8ce422c' (2024-03-17)
→ 'github:nix-community/nixpkgs.lib/b2a1eeef8c185f6bd27432b053ff09d773244cbc' (2024-03-24)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/83b68a0e8c94b72cdd0a6e547a14ca7eb1c03616' (2024-03-17)
→ 'github:Mic92/sops-nix/405987a66cce9a4a82f321f11b205982a7127c88' (2024-03-24)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/6dc11d9859d6a18ab0c5e5829a5b8e4810658de3' (2024-03-16)
→ 'github:NixOS/nixpkgs/ac6bdf6181666ebb4f90dd20f31e2fa66ede6b68' (2024-03-23)
```
2024-03-25 00:23:58 +00:00
Colin
febedb9323
nits: update `--replace` uses to `--replace-{fail,quiet}` as appropriate
2024-03-24 12:49:18 +00:00
Colin
aed5ea4b2e
static-nix-shell: dont fail build if "nix-shell" occurs in the file as a non-directive
2024-03-24 12:28:23 +00:00
Colin
4e74ba5bab
swaync-service-dispatcher: fix start/stop inversion
2024-03-24 12:22:54 +00:00
Colin
03fbb780b2
sane.programs: sandbox: refactor extraRuntimePaths computation
2024-03-24 12:03:38 +00:00
Colin
9c0b175260
swaync: allow toggling of s6 services
2024-03-24 11:54:12 +00:00
Colin
e62be121e2
users/services: s6: fix so `s6-rc stop` can actually kill processes
2024-03-24 11:48:41 +00:00
Colin
774066e53c
swaync: factor out a "service-dispatcher"
2024-03-24 09:21:07 +00:00
Colin
86400f45d6
swaync: port to s6
2024-03-24 08:56:06 +00:00
Colin
ddef2d0bfc
swaync: rename: print-is-active -> print-systemd-active
2024-03-24 08:54:27 +00:00
Colin
0172aa0b69
swaync: refactor
2024-03-24 08:54:27 +00:00
Colin
ce991c8887
swaync: refactor
2024-03-24 08:54:27 +00:00
Colin
92d8d42997
swaync: split the buttons out of the main config file
2024-03-24 08:54:27 +00:00
Colin
1c4ef84ec7
swaync: remove legacy sxmo-specific notification visibility rules
2024-03-24 08:54:27 +00:00
Colin
a820ae57c0
swaync: remove sxmo timer rules
2024-03-24 08:54:27 +00:00
Colin
89f913cadc
xdg-desktop-portal: 1.18.2 -> 1.18.2-unstable-2024-03-11
...
this will *hopefully* improve stability
2024-03-24 08:08:48 +00:00
Colin
d14fda2e62
engrampa: remove custom patch (upstream released a new version)
2024-03-24 07:46:22 +00:00
Colin
f680a4a25c
engrampa: patch the package via sane.programs, not nixpkgs overlay
2024-03-24 07:44:30 +00:00
Colin
7c461cee2f
pkgs: remove gnome-control-center (unused)
2024-03-24 07:38:22 +00:00
Colin
47d37b4ce5
xdg-desktop-portal: enable logging
2024-03-24 07:19:33 +00:00
Colin
a1cc045837
waybar: update persistent_workspaces -> persistent-workspaces
...
the former is deprecated
2024-03-24 06:17:43 +00:00
Colin
72dd556b72
assorted: fix meta.homepage URLs for nur packages
2024-03-24 03:54:09 +00:00
Colin
ff9e1111b3
nixpkgs: 2024-03-22 -> 2024-03-23
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/5132e88bc7caad27f4cf28cbaa7b04c915e2c261' (2024-03-22)
→ 'github:nixos/nixpkgs/f4a0cee9233d6db356a0bdab307e865327a9b96b' (2024-03-23)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/e5d75daa715cbaee8b989f58884a31c0be00a8a0' (2024-03-22)
→ 'github:nixos/nixpkgs/499583c00280ed90686b058e38a68fc9be2f4c4c' (2024-03-23)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/61e42f8f6c9b0c2b557a4c978ea11874d3761083' (2024-03-22)
→ 'github:nix-community/nixpkgs-wayland/0d291a959d01bb5d2bd2e20689b78258fa842cca' (2024-03-23)
```
2024-03-23 21:49:57 +00:00
Colin
7f8cae42ff
s6: migrate to /run/user/$id/s6
2024-03-23 21:33:08 +00:00
Colin
5b83d4d944
s6-rc: patch to use /run/user/$id/s6 as the default live dir
2024-03-23 20:52:42 +00:00
Colin
f16a68f5bb
element-desktop: use native wayland, not Xwayland
2024-03-23 18:51:41 +00:00
Colin
6646a21089
nixpatches: fix handbrake hash
2024-03-23 18:02:45 +00:00
Colin
4bf43d884a
nixpkgs: minor bump
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/86b5ff8306a63bb266590018b21d2ae502a74880' (2024-03-22)
→ 'github:nixos/nixpkgs/5132e88bc7caad27f4cf28cbaa7b04c915e2c261' (2024-03-22)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/6e147dce88054c47dd90c0be8c33500e023f8261' (2024-03-22)
→ 'github:nixos/nixpkgs/e5d75daa715cbaee8b989f58884a31c0be00a8a0' (2024-03-22)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/7d053c33b7a130ddada43ba09b089244390b3a23' (2024-03-19)
→ 'github:nix-community/nixpkgs-wayland/61e42f8f6c9b0c2b557a4c978ea11874d3761083' (2024-03-22)
```
2024-03-23 18:01:51 +00:00
Colin
46fe6c690b
sway: fix WAYLAND_DISPLAY to be relative
2024-03-23 17:59:37 +00:00
Colin
dd7b1dae5f
sway: remove unnecessary pidspace sandbox exception
...
i guess this was from when SWAYSOCK was named after the pid?
2024-03-23 17:35:39 +00:00
Colin
2e58353b0e
refactor: users/services: have `waitExists` support waiting on multiple paths
2024-03-23 17:28:29 +00:00
Colin
f65d3d04dc
sway: do the WAYLAND_DISPLAY moving inside sway config itself
2024-03-23 17:09:57 +00:00
Colin
6102a0301d
sway: move $WAYLAND_DISPLAY into a subdir to make it easier to sandbox
2024-03-23 16:37:22 +00:00
Colin
39de5b84c2
sway: fix readiness check
2024-03-23 15:54:20 +00:00
Colin
5205251f6f
programs: xwayland: sandbox it without exposing net access
2024-03-23 15:33:23 +00:00
Colin
8c48adefa5
pipewire: move sockets into a subdirectory for easier sandboxing
2024-03-23 13:34:13 +00:00
Colin
db2801c652
sway: don't launch s6 from within the sway session
2024-03-23 13:11:14 +00:00
Colin
4418c16967
users/services: s6: push bundle dependencies down onto the actual atomic services
2024-03-23 13:04:12 +00:00
Colin
8008fd35cb
modules/users: allow `readiness.pathExists`
2024-03-23 13:03:11 +00:00
Colin
36ea5b53ad
sway: place SWAYSOCK in a subdirectory
2024-03-23 11:33:58 +00:00
Colin
552d14b1b5
nixpatches: fix hashes
2024-03-23 09:29:34 +00:00
Colin
c404c8b2ae
xdg-terminal-exec: fix bad interaction with TERMINAL
2024-03-23 09:28:26 +00:00
Colin
d129ae2c03
koreader-from-src: remove a bunch of old cruft
...
this is beginning to look upstream-ready :)
2024-03-22 20:16:33 +00:00
Colin
58341b75f2
koreader-from-src: popen-noshell,turbo: populate more directly
2024-03-22 20:05:22 +00:00
Colin
373388c5b8
koreader-from-src: mupdf: populate more directly
2024-03-22 19:54:13 +00:00
Colin
8d45aad534
xdg-dirs: populate env vars at login
...
otherwise i believe they dont actually take effect?
2024-03-22 19:31:04 +00:00
Colin
a783bc9577
koreader-from-src: minizip: populate in a simpler manner
2024-03-22 19:24:19 +00:00
Colin
267d374b19
xdg-dirs: specify XDG_SCREENSHOTS_DIR
2024-03-22 19:23:14 +00:00
Colin
e67ce7576b
koreader-from-src: lunasvg: populate in a simpler way
2024-03-22 19:16:45 +00:00
Colin
ce770dbea9
koreader: lodepng: provide in a more direct manner
2024-03-22 18:59:17 +00:00
Colin
e7a65abd0b
koreader-from-src: libk2pdfopt: populate in a more direct manner
2024-03-22 18:53:23 +00:00
Colin
702a6cc7fa
koreader: kobo-usbms: link into build environment in a simpler fashion
2024-03-22 18:28:19 +00:00
Colin
f889543aa5
koreader-from-src: fbink: provide the sources more directly
2024-03-22 18:21:26 +00:00
Colin
98073f5e19
koreader-from-src: inject tesseract sources via make args
2024-03-22 17:58:41 +00:00
Colin
96c330813f
xterm: remove
...
xdg-terminal-exec updated recently, and it seems to prefer xterm over alacritty for some reason
2024-03-22 17:28:26 +00:00
Colin
a6d9c62bcf
lemonade: 2023.10.29 -> 2024.03.20
...
not much changed
2024-03-22 17:27:20 +00:00
Colin
8ff34d8518
koreader: migrate `leptonica` dep away from the `sources` hack
...
i hope that by using the makefile vars i can eventually get rid of the
"stamp" nonsense.
2024-03-22 17:16:19 +00:00
Colin
e11dd0ecb0
firefox-extensions: update to latest
2024-03-22 16:27:23 +00:00
Colin
3b6dfea2d0
koreader-from-src: notes about updating leptonica
2024-03-22 15:53:17 +00:00
Colin
22254db74c
koreader-from-src: cleanup (remove unused "machineAgnostic" and "package" third-party dependency options)
2024-03-22 14:42:37 +00:00
Colin
a316c87db6
koreader-from-src: use nixpkgs nanosvg (or, most of it)
2024-03-22 14:29:23 +00:00
Colin
fe2fb40565
koreader-from-src: don't vendor lj-wpaclient (unused)
2024-03-22 13:40:09 +00:00
Colin
cd63fdb510
koreader: cleanup
2024-03-22 12:12:14 +00:00
Colin
1e25f37774
nixpkgs: 2024-03-21 -> 2024-03-22
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/33cddc79aa062e243c59d3ac36b8b938f267748a' (2024-03-21)
→ 'github:nixos/nixpkgs/86b5ff8306a63bb266590018b21d2ae502a74880' (2024-03-22)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/783b241f949bea90e3347ce516ad8af84bde3126' (2024-03-21)
→ 'github:nixos/nixpkgs/6e147dce88054c47dd90c0be8c33500e023f8261' (2024-03-22)
```
2024-03-22 11:56:51 +00:00
Colin
cdac23211c
nixpkgs: 2024-03-13 -> 2024-03-21; others
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/4ee0840ba2ecc50458ab1677d108afcd691f4815' (2024-03-13)
→ 'github:nixos/nixpkgs/33cddc79aa062e243c59d3ac36b8b938f267748a' (2024-03-21)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/2dbc8f62d8af7a1ab962e4b20d12b25ddcb86ced' (2024-03-13)
→ 'github:nixos/nixpkgs/783b241f949bea90e3347ce516ad8af84bde3126' (2024-03-21)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/771cb198c281db6918829651f194bf4db32e342d' (2024-03-13)
→ 'github:nix-community/nixpkgs-wayland/7d053c33b7a130ddada43ba09b089244390b3a23' (2024-03-19)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/45b75bf534592c0c1c881a1c447f7fdb37a87eaf' (2024-03-11)
→ 'github:nix-community/lib-aggregate/f890211817b941d9ed9de48d62ba8553fa2c20f3' (2024-03-17)
• Updated input 'nixpkgs-wayland/lib-aggregate/nixpkgs-lib':
'github:nix-community/nixpkgs.lib/630ebdc047ca96d8126e16bb664c7730dc52f6e6' (2024-03-10)
→ 'github:nix-community/nixpkgs.lib/fa827dda806c5aa98f454da4c567991ab8ce422c' (2024-03-17)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/e52d8117b330f690382f1d16d81ae43daeb4b880' (2024-03-11)
→ 'github:Mic92/sops-nix/83b68a0e8c94b72cdd0a6e547a14ca7eb1c03616' (2024-03-17)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/b17375d3bb7c79ffc52f3538028b2ec06eb79ef8' (2024-03-10)
→ 'github:NixOS/nixpkgs/6dc11d9859d6a18ab0c5e5829a5b8e4810658de3' (2024-03-16)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=bb10cd8853d05191e4d62947d93687c462e92c30 ' (2024-02-15)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=9a3b2d74c3e6d177fd1317d03f4e3eecca7beb7b ' (2024-03-19)
```
2024-03-21 18:03:37 +00:00
Colin
e6c00e6215
users/services: implement dbus readiness checks for s6-rc
2024-03-21 17:16:11 +00:00
Colin
fff9d69e3e
users/services: s6-rc: implement readiness polling
2024-03-21 17:16:11 +00:00
Colin
4fa7e6113d
users/services: s6: `exec` into the run/finish commands
2024-03-21 17:16:11 +00:00
Colin
16ca71188f
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
2024-03-21 17:16:11 +00:00
Colin
c5c37e79ac
users/services: actually remove the systemd backend
2024-03-21 17:16:11 +00:00
Colin
d2f6648bce
users/services: refactor: replace ExecStart/ExecStopPost with command/cleanupCommand
...
note that this completely breaks the systemd backend (though easily fixable if wanted)
2024-03-21 17:16:11 +00:00
Colin
5c9c7f8073
modules/users/s6-rc: add per-service logging
2024-03-21 17:16:11 +00:00
Colin
218072b2fe
refactor: modules/users/s6-rc.nix
2024-03-21 17:16:11 +00:00
Colin
d4f217a4f5
refactor: modules/users/s6-rc.nix
2024-03-21 17:16:11 +00:00
Colin
40f6f88a64
users/services: s6: remove broken `log` stuff
...
apparently the /log shorthand is only applicable to base `s6-supervise`,
and not `s6-rc`. "pipeline"s are the s6-rc equivalent:
<https://wiki.gentoo.org/wiki/S6-rc#Longrun_pipelining >
2024-03-21 17:16:11 +00:00
Colin
fbbb09322a
users/services: s6-rc: support ExecStopPost option
2024-03-21 17:16:11 +00:00
Colin
e7153ce4a1
users/services: remove ExecStartPre option
2024-03-21 17:16:11 +00:00
Colin
b13e7c38c7
users/services: remove `script` option
2024-03-21 17:16:11 +00:00
Colin
058c95bb2c
sysvol: remove autostart option (assume true)
2024-03-21 17:16:11 +00:00
Colin
9b793ef4b8
programs: services: no need to fully-qualify paths anymore (s6 doesn't require)
2024-03-21 17:16:11 +00:00
Colin
1417497001
users/services: remove serviceConfig.Type option
2024-03-21 17:16:11 +00:00
Colin
db12e03f64
users/services: remove `oneshot` service type
2024-03-21 17:16:11 +00:00
Colin
dee4866737
users/services: remove `ConditionEnvironment` option
2024-03-21 17:16:11 +00:00
Colin
81a6c53c26
users/services: remove RemainAfterExit option
2024-03-21 17:16:11 +00:00
Colin
9afd9725d1
users: services: remove no-longer-needed `Restart` and `RestartSec` options
2024-03-21 17:16:11 +00:00
Colin
384bc9e816
xdg-desktop-portal: fix to not over-escape $HOME in s6 service definition
2024-03-21 17:16:11 +00:00
Colin
452619dbfc
s6: log when a service starts up
...
it still seems to be all logging into a single file though?
2024-03-21 17:16:11 +00:00
Colin
6c6e10e470
s6: install manpages
2024-03-21 17:16:11 +00:00
Colin
dcdf58e1ab
sway: simplify wrapper
2024-03-21 17:16:11 +00:00
Colin
48b2280f2e
feedbackd: fix over-escaping of $HOME
2024-03-21 17:16:11 +00:00
Colin
8bedc860ae
s6: add some minimal logging
...
the root s6 call seems to be doing some logging, notably feedbackd; still don't know where the other logs are going
2024-03-21 17:16:11 +00:00
Colin
cbecdc4a95
s6: use `exec` in the `run` trampoline, to forward file descriptors and keep a cleaner process tree
2024-03-21 17:16:11 +00:00
Colin
e1001f57c5
modules/users: remove no-longer-need `environment` option
2024-03-21 17:16:11 +00:00
Colin
291e704477
programs: replace systemd-specific 'environment' option with generic 'env'
...
note, these services no longer work with systemd, because systemd expects absolute paths
2024-03-21 17:16:11 +00:00
Colin
d199e9df99
programs: wob (and wob-audio): remove
...
i don't use it, and its service file was no longer compatible with s6 (it used 'environment')
2024-03-21 17:16:11 +00:00
Colin
2336767059
port service manager to s6
...
still a lot of cleanup to do (e.g. support dbus service types), but it boots to a usable desktop
2024-03-21 17:16:11 +00:00
Colin
63af94383b
sane-input-handler: only inhibit controls if screen is on
2024-03-21 17:16:11 +00:00
Colin
05b37669e3
s6-rc: fix service `run` file to have expected format
2024-03-21 17:16:11 +00:00
Colin
ea9768c6ab
modules/users: prototype s6 integration: ~/.config/s6/{sources,compiled}
2024-03-21 17:16:11 +00:00
Colin
38353dbc29
modules/users: remove unused `requiredBy` service option
2024-03-21 17:16:11 +00:00
Colin
ef4a8e1989
modules: users: split services -> fs mapping into own `systemd.nix` file
2024-03-21 17:16:11 +00:00
Colin
acc9a9cb48
modules/users: make it a directory
2024-03-21 17:16:11 +00:00
Colin
0335b89a12
fractal: stop persisting old directories
2024-03-21 17:16:01 +00:00
Colin
0a6b0cbec7
gtkcord4: rename to dissent
2024-03-21 17:16:01 +00:00
Colin
df2310d590
gnome-keyring: ensure the keyring directory is created before entering the sandbox
2024-03-21 17:16:01 +00:00
Colin
70b5c57b50
modules/programs: enforce (or rather document) a stricter schema
...
this should make it easier to switch to a different service manager
2024-03-21 17:16:01 +00:00
Colin
c28ac38652
modules/users: refactor to remove `inherit`s
2024-03-21 17:16:01 +00:00
Colin
52133fde30
delfin: 0.4.1 -> 0.4.2
2024-03-21 13:51:46 +00:00
Colin
098cd2051e
sftpgo: expose to the WAN
2024-03-14 13:11:44 +00:00
Colin
691a7d7ff7
sftpgo: configure for credential-gated r/w access
2024-03-14 13:11:44 +00:00
Colin
c7c2785ad8
sftpgo_external_auth_hook: refactor
2024-03-14 13:11:44 +00:00
Colin
4c1a7fc910
sftpgo: port auth program to python
2024-03-14 13:11:44 +00:00
Colin
3c43fba878
feeds: add NativLang per Ben's rec
2024-03-14 07:53:19 +00:00
Colin
7904957544
give self cap_sys_nice
2024-03-14 07:02:57 +00:00
Colin
b25df1d997
sane-sandboxed: fix capabilities example
2024-03-14 01:36:46 +00:00
Colin
d08f318e4b
pmos: move to correct section
2024-03-13 23:51:24 +00:00
Colin
f655c31d77
Merge branch 'dev'
2024-03-13 23:48:48 +00:00
Colin
288d57e5d5
feeds: subscribe to pmOS blog
2024-03-13 23:20:45 +00:00
Colin
f669f2bfe8
procmail: merged into staging-next
2024-03-13 23:12:37 +00:00
Colin
5554ad9fe2
nixpkgs: 2024-03-12 -> 2024-03-13
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/2e2cc05898bbe54a8004801ea300525b231d24e2' (2024-03-12)
→ 'github:nixos/nixpkgs/4ee0840ba2ecc50458ab1677d108afcd691f4815' (2024-03-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/21adc4f16a8ab151fec83b9d9368cd62d9de86bc' (2024-03-12)
→ 'github:nixos/nixpkgs/2dbc8f62d8af7a1ab962e4b20d12b25ddcb86ced' (2024-03-13)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/0f9388d3a9daa597ad87b870de236fb45e24ba63' (2024-03-12)
→ 'github:nix-community/nixpkgs-wayland/771cb198c281db6918829651f194bf4db32e342d' (2024-03-13)
```
2024-03-13 15:37:50 +00:00
Colin
6595d177be
gimp: fix sandboxing
2024-03-13 11:36:57 +00:00
Colin
d194abb4bf
swaync: stylize the actual notifications
2024-03-13 11:29:05 +00:00
Colin
eaf45e2366
swaync: re-theme (pink/black)
2024-03-13 11:07:17 +00:00
Colin
66e04857b6
swaync: fix dimensions to be compatible with pinephone
2024-03-13 08:29:23 +00:00
Colin
fa0dcdc5be
swaync: splie style.css out to own file
2024-03-13 08:18:34 +00:00
Colin
23b87a283a
swaync: move to own directory
2024-03-13 08:17:14 +00:00
Colin
849ca59f68
swaync: fix styling of toggle buttons
2024-03-13 08:16:47 +00:00
Colin
5e1a6062af
swaync: ensure it starts *after* pipewire-pulse so that the mpris plugin can function
2024-03-13 07:53:45 +00:00
Colin
8dacb93861
fontconfig: remove no-longer-needed cache; disable Font Awesome (emoji seem well-covered by Noto Color Emoji)
2024-03-13 05:28:57 +00:00
Colin
eafabe87c4
xdg-desktop-portal: tell systemd the BusName of the service so that it won't consider it started until after said bus name is acquired
...
this partially fixes an error in sandboxed gtk apps where they would try to connect to org.freedesktop.portal to query settings, and then fall back to bad default fonts when the endpoint errored (because xdp-gtk wasn't ready)
2024-03-13 05:27:43 +00:00
Colin
4510352c07
sane-sandboxed: implement --sane-sandbox-no-portal flag
2024-03-13 04:49:48 +00:00
Colin
430592632c
sane-sandboxed: add a help message
2024-03-13 04:49:48 +00:00
Colin
ac22b36d78
dconf: invoke it ourselves instead of letting dbus do it for us
2024-03-13 04:49:48 +00:00
Colin
4439491bf0
dconf: fix over-restrictive sandboxing (because previously it was being run unsandboxed...)
2024-03-13 04:49:48 +00:00
Colin
56aca78d84
make-sandboxed: also sandbox the `.lib` output of a package
2024-03-13 04:49:48 +00:00
Colin
546482dc80
dconf: disable GIO_EXTRA_MODULES patch
2024-03-13 02:41:39 +00:00
Colin
2f07fff084
dconf: migrate to `sane.programs`
2024-03-13 02:33:02 +00:00
Colin
294563c655
dbus: fix to only search /run/current-system/sw/share/dbus-1 for service files
2024-03-13 02:04:02 +00:00
Colin
f6c3557b8c
nixpkgs: 2024-03-11 -> 2024-03-12
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/ec7a981885b5ede88eabf9bb3516706107de00b2' (2024-03-11)
→ 'github:nixos/nixpkgs/2e2cc05898bbe54a8004801ea300525b231d24e2' (2024-03-12)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0fbcc4b2e8571f4af39be41752581ea09dd9ab06' (2024-03-11)
→ 'github:nixos/nixpkgs/21adc4f16a8ab151fec83b9d9368cd62d9de86bc' (2024-03-12)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/27a56d7435094f141bf5adfe9cfe155932597935' (2024-03-11)
→ 'github:nix-community/nixpkgs-wayland/0f9388d3a9daa597ad87b870de236fb45e24ba63' (2024-03-12)
• Updated input 'nixpkgs-wayland/lib-aggregate':
'github:nix-community/lib-aggregate/b8a148b163687c9be602b63c6b0b7bc81eecb015' (2024-03-10)
→ 'github:nix-community/lib-aggregate/45b75bf534592c0c1c881a1c447f7fdb37a87eaf' (2024-03-11)
• Updated input 'nixpkgs-wayland/lib-aggregate/flake-utils':
'github:numtide/flake-utils/d465f4819400de7c8d874d50b982301f28a84605' (2024-02-28)
→ 'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/f8d5c8baa83fe620a28c0db633be9db3e34474b4' (2024-03-10)
→ 'github:Mic92/sops-nix/e52d8117b330f690382f1d16d81ae43daeb4b880' (2024-03-11)
```
2024-03-12 12:46:24 +00:00
Colin
7513811111
blast: minor cleanups
2024-03-12 12:06:57 +00:00
Colin
eabd113262
mpv: blast: shut it down properly even when sandboxed
...
it only cost everything. also, blast doesnt reliably clean up its pseudo devices
2024-03-12 11:51:15 +00:00
Colin
01fa9919fd
mpv: route casting through a lua script
...
this lets me use `subcprocess` instead of `run`, and so the command terminate alongside mpv
2024-03-12 05:01:45 +00:00
Colin
56a2c4e49f
mpv: split conf files out of main nix code
2024-03-12 03:32:07 +00:00
Colin
bf953fbdb5
mpv: move to own dir
2024-03-12 03:27:20 +00:00
Colin
4f2d0f2e56
mpv: tune uosc options
2024-03-12 03:05:56 +00:00
Colin
500c989e61
nixpkgs: 2024-03-10 -> 2024-03-11
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/85e4390bb2db2543b65a61a6fb601819ba331399' (2024-03-10)
→ 'github:nixos/nixpkgs/ec7a981885b5ede88eabf9bb3516706107de00b2' (2024-03-11)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/c916d4cbac62b2d8b70a3940d3471dbd0c57d2f4' (2024-03-10)
→ 'github:nixos/nixpkgs/0fbcc4b2e8571f4af39be41752581ea09dd9ab06' (2024-03-11)
• Updated input 'nixpkgs-wayland':
'github:nix-community/nixpkgs-wayland/8af78a7dfb3a2041235c116cc9cc92f5a6d3a20c' (2024-03-11)
→ 'github:nix-community/nixpkgs-wayland/27a56d7435094f141bf5adfe9cfe155932597935' (2024-03-11)
```
2024-03-11 12:23:03 +00:00
Colin
08ee0375cc
mpv: blast-to-default: remove unnecessary xdg-terminal-exec indirection
2024-03-11 12:07:08 +00:00
Colin
afd1a42ec7
mpv: refer to xdg-terminal-exec by name, not full path
2024-03-11 11:56:53 +00:00
Colin
21691fc2fd
mpv: add a menu option to cast just the audio, via Blast
2024-03-11 11:43:53 +00:00
Colin
c1edf96ce0
blast-ugjka: introduce a helper `blast-to-default` program
2024-03-11 11:43:29 +00:00
Colin
21714849cf
sway: get Celeste to run in fullscreen again
2024-03-11 08:04:21 +00:00
Colin
379f3ef9e0
zsh: deref alias: make the result writable
2024-03-11 08:01:27 +00:00
Colin
c07c23a9f8
ibus: remove cross patches (i don't use the package anymore)
2024-03-11 07:55:53 +00:00
Colin
f44a4c84ee
moby: don't ship fcitx5 (doesn't cross compile)
2024-03-11 07:54:49 +00:00
Colin
6822dad9c0
splatmoji: remove from config
2024-03-11 07:53:48 +00:00
Colin
9f8e42ef92
fcitx5: enable
2024-03-11 07:44:21 +00:00
Colin
bda374db13
sway: ship the nightly version
2024-03-11 05:53:14 +00:00
Colin
180a217744
cleanup: remove unnecessary `config = { ... }` scope
2024-03-11 04:31:11 +00:00
Colin
f13ece2212
sway: tune resize more shortcuts; enable natural scrolling
2024-03-11 04:30:28 +00:00
Colin
00ab28fcac
delfin: 0.4.0 -> 0.4.1
2024-03-11 00:13:13 +00:00
Colin
bb18f7355a
firefox-extensions: update to latest
2024-03-11 00:00:49 +00:00
Colin
0905a658ad
rofi: cherry-pick my patches instead of pinning to a fork
...
wayland upstream released 1.7.5+wayland3, which is compatible with my patches
2024-03-10 23:43:34 +00:00
Colin
90b9d00f37
swaync: remove mpris icon patch (upstreamed)
2024-03-10 23:16:33 +00:00
Colin
40effc08d6
fractal-nixified: 6 -> 6-unstable-2024-01-31
...
brings ability to enable/disable read and typing receipts
2024-03-10 23:15:02 +00:00
Colin
73a2c9d923
nixpkgs: update ~10hrs to remove now-upstreamed conky patch
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/32f638e62d638c9a0011c0162ed1be4a13d00ea9' (2024-03-10)
→ 'github:nixos/nixpkgs/85e4390bb2db2543b65a61a6fb601819ba331399' (2024-03-10)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/9fc2bd0eef6d2651638656c82fbe0b7a40478c3b' (2024-03-10)
→ 'github:nixos/nixpkgs/c916d4cbac62b2d8b70a3940d3471dbd0c57d2f4' (2024-03-10)
```
2024-03-10 22:31:33 +00:00
Colin
d93380938d
nixpkgs: 2024-03-09 -> 2024-03-10; sops-nix -> 2024-03-10
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/8baf388f460b92102ea1a8e2ece55f1f1260fbfa' (2024-03-09)
→ 'github:nixos/nixpkgs/32f638e62d638c9a0011c0162ed1be4a13d00ea9' (2024-03-10)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/52d9c7906c26317adc3524d44bdd98b953e20ba1' (2024-03-09)
→ 'github:nixos/nixpkgs/9fc2bd0eef6d2651638656c82fbe0b7a40478c3b' (2024-03-10)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/25dd60fdd08fcacee2567a26ba6b91fe098941dc' (2024-03-06)
→ 'github:Mic92/sops-nix/f8d5c8baa83fe620a28c0db633be9db3e34474b4' (2024-03-10)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/66d65cb00b82ffa04ee03347595aa20e41fe3555' (2024-03-03)
→ 'github:NixOS/nixpkgs/b17375d3bb7c79ffc52f3538028b2ec06eb79ef8' (2024-03-10)
```
2024-03-10 13:36:58 +00:00
Colin
573a50fedc
doc: pipewire: mention some debug env vars
2024-03-10 04:59:51 +00:00
Colin
f8797a77ff
blast: ship it!
...
TODO: integrate into mpv :)
2024-03-10 04:09:34 +00:00
Colin
92115709f6
blast-ugjka: init at 0.6.2
...
it works! at least, with the Sony TV, LG TV is detected but might need some finessing
2024-03-10 02:35:10 +00:00
Colin
e6111c9d5e
firefox: hide the bookmarks menuabar
2024-03-10 01:59:46 +00:00
Colin
975df698a4
pa-dlna: init at 0.7
...
it detects my TVs and adds them as sinks, but i can't the TVs to actually output anything
2024-03-10 01:55:29 +00:00
Colin
ce8c4a4f6f
remove dead binfmt code
2024-03-10 01:05:33 +00:00
Colin
df33576090
todo.md: remove completed xdg-desktop-portal item
2024-03-10 01:03:23 +00:00
Colin
4d6eb705eb
mpv: link to some useful extensions
2024-03-10 01:02:54 +00:00
Colin
fd70b6acbf
rofi: tune maximum height
2024-03-09 23:34:43 +00:00
Colin
1d3576b892
sxmo-utils: mark as broken/unmaintained
2024-03-09 21:09:32 +00:00
Colin
30d49dc3c3
feeds: update Anish's URL
2024-03-09 20:51:15 +00:00
Colin
8e0031e770
feeds: update Byrne Hobart's feed URL
2024-03-09 20:49:01 +00:00
Colin
7a50fcf566
feeds: unsubscribe webcurious.co.uk (defunct)
2024-03-09 20:46:08 +00:00
Colin
c453dbac8e
lwn.net: update feed URL
2024-03-09 20:42:03 +00:00
Colin
053b8cf737
nixpkgs: 2024-03-08 -> 2024-03-09
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/f391672e1727b933cf6933154817fe236c6f84c7' (2024-03-08)
→ 'github:nixos/nixpkgs/8baf388f460b92102ea1a8e2ece55f1f1260fbfa' (2024-03-09)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/baf89057836e5f9928696526b85774ea529c749d' (2024-03-08)
→ 'github:nixos/nixpkgs/52d9c7906c26317adc3524d44bdd98b953e20ba1' (2024-03-09)
```
2024-03-09 08:54:18 +00:00
Colin
8af962c3a6
mpv: auto-populate internal playlist with other files in the same directory, on launch
...
so now i can listen to whole albums by opening any file from within them.
and for shows the next episode will automatically launch.
2024-03-09 03:02:09 +00:00
Colin
9ea39799a5
zsh: fix `c` alias
2024-03-09 03:01:37 +00:00
Colin
e695459b40
geary-gtk4: init (broken!)
2024-03-09 00:58:44 +00:00
Colin
f2e760710d
sysvol: tune its position
2024-03-08 23:06:37 +00:00
Colin
dc70ed8bd8
pipewire: wait for sockets to appear before considering it active
...
this fixes race around consumers like sysvol starting too early
2024-03-08 22:44:59 +00:00
Colin
b41c249830
disable vlc
...
i don't use it; it forces a bunch of extra qt builds
2024-03-08 18:53:25 +00:00
Colin
8f986e4616
nixpkgs: 2024-03-07 -> 2024-03-08
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/5e0cda94371075bead6d953e8a60a717ec022524' (2024-03-07)
→ 'github:nixos/nixpkgs/f391672e1727b933cf6933154817fe236c6f84c7' (2024-03-08)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/90714b18a06ddad90159cc312814f1871509e10e' (2024-03-07)
→ 'github:nixos/nixpkgs/baf89057836e5f9928696526b85774ea529c749d' (2024-03-08)
```
2024-03-08 13:15:25 +00:00
Colin
2b73ebb4c1
sysvol: don't start until after pipewire is ready
2024-03-08 12:55:33 +00:00
Colin
bffcaa668e
sysvol: wrap with required gtk4 environment variables
2024-03-08 12:54:41 +00:00
Colin
ebb037bd48
sysvol: fix cross compilation
2024-03-08 12:25:32 +00:00
Colin
df98ef30e0
sysvol: integrate as a service (sane.programs)
2024-03-08 11:53:13 +00:00
Colin
e45d4d6ae7
sysvol: init at 0-unstable-2024-02-08
2024-03-08 10:10:50 +00:00
Colin
f3568b3ffc
sway: port volume controls: pulse -> pipewire
2024-03-08 09:56:15 +00:00
Colin
9eaf4d71b2
sway: use simpler `assign` notation where applicable
2024-03-08 09:53:07 +00:00
Colin
3200188a32
sway: factor/generalize the TV workspace/output assignment
2024-03-08 09:50:35 +00:00
Colin
a4ab60b836
sway: auto-fullscreen everything on the TV
2024-03-08 09:42:07 +00:00
Colin
3282b40e9b
doc: sway: consider how to auto-fullscreen mpv on external display
2024-03-08 09:31:08 +00:00
Colin
39411164af
zsh: add `deref` function to turn a symlink into a real file
2024-03-08 08:50:28 +00:00
Colin
c0a94995a5
docs: note limitations of schlock
2024-03-08 08:16:11 +00:00
Colin
f4b5d3a70a
sway: position certain apps (mpv, Celeste) on external displays by default
2024-03-08 06:27:16 +00:00
Colin
07373b5e6b
sway: configure TV output
2024-03-08 06:23:33 +00:00
Colin
7281b94e23
deadd-notification-center: add to sane.programs
...
this is the bare, nearly-default config. i may come back to this,
or explore fixing swaync up into shape. deadd looks possibly a bit more
limited; needs much more effort to style.
2024-03-08 04:06:18 +00:00
Colin
0e83742096
sway: allow config reloading
2024-03-08 03:44:33 +00:00
Colin
7d8205352c
moby: use screen scale of 2.0 in portrait AND landscape
2024-03-08 02:21:47 +00:00
Colin
c4994162e1
mpv: fix go2tv sandbox interaction
2024-03-08 02:06:23 +00:00
Colin
24a211bd3d
sane-input-handler: remove keyboard launch fallback
...
it'll never work, because of sandboxing
2024-03-08 01:18:39 +00:00
Colin
3cf651b212
nixpkgs: 2024-03-06 -> 2024-03-07
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/09c267dae0dae6585ddbc98bd2301bd8153ac177' (2024-03-06)
→ 'github:nixos/nixpkgs/5e0cda94371075bead6d953e8a60a717ec022524' (2024-03-07)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a85303aef29c6a9000a259ed21c9c14a1aa3859e' (2024-03-06)
→ 'github:nixos/nixpkgs/90714b18a06ddad90159cc312814f1871509e10e' (2024-03-07)
```
2024-03-08 01:12:05 +00:00
Colin
cb1c76a0db
wvkbd-mk: init
2024-03-08 01:06:13 +00:00
Colin
27c12edec0
wvkbd: change default key border 2 -> 1 px
...
since moby is scaled 2x, it's actually 2 px *in practice*
2024-03-08 00:45:45 +00:00
Colin
b41320ffb3
megapixels: fix sandbox-related crash
2024-03-08 00:16:29 +00:00
Colin
ac41cfcd42
wvkbd: tune height (by guess)
2024-03-08 00:01:23 +00:00
Colin
62cbc65f12
epiphany: fix sandboxing
2024-03-07 23:24:33 +00:00
Colin
ccb856faf5
sane-input-handler: power -> vol to rotate display
2024-03-07 23:22:07 +00:00
Colin
d7f4438371
nixpatches: update procmail cross hash
2024-03-07 23:21:38 +00:00
Colin
f44c3f2e1f
moby: auto-screenoff: bump timeout from 150s -> 300s
2024-03-07 23:14:03 +00:00
Colin
bb300a4eb5
swayidle: dont enable screenoff action by default
2024-03-07 11:18:34 +00:00
Colin
fd4842ab5b
swayidle: auto screenoff
2024-03-07 10:59:44 +00:00
Colin
1cdc3b8bda
moby: enable `schlock` screen locker
2024-03-07 10:37:18 +00:00
Colin
531ea11b3d
schlock: fix cross build
2024-03-07 10:36:51 +00:00
Colin
041ce0654e
schlock: sandbox + auto-launch via .desktop file
2024-03-07 10:32:40 +00:00
Colin
526a02bb73
schlock: ship a .desktop file
2024-03-07 10:25:41 +00:00
Colin
1d0458ab10
schlock: ship as sane.programs
2024-03-07 10:10:39 +00:00
Colin
4358f9471e
schlock: init
...
it works! super jank; doesn't accept keyboard input, fails-open on
crash.
2024-03-07 09:36:53 +00:00
Colin
cb3a1fb3fe
swaylock-mobile: init (i won't likely use it though)
2024-03-07 01:42:43 +00:00
Colin
72d52f9239
sxmo_swaylock: init at unstable-2023-04-26 (but i won't likely use it)
2024-03-07 01:34:53 +00:00
Colin
219fe67f34
systemd: reduce shutdown timeout from "20" to "10" sec (40s IRL)
2024-03-07 01:01:06 +00:00
Colin
b36d224b85
swaylock-plugin: init (but i likely won't be using it)
2024-03-07 01:00:44 +00:00
Colin
90e3c33536
feeds: subscribe to slatecave.net
2024-03-06 22:40:57 +00:00
Colin
a9419b7351
swayidle: sandbox
2024-03-06 21:33:11 +00:00
Colin
f0d0343b32
sway: lappy: fix output name
2024-03-06 21:18:43 +00:00
Colin
bd27f3a015
swayidle: enable; pair with swaylock
2024-03-06 20:55:01 +00:00
Colin
6a3e632335
sway: remove config for old external displays i no longer use
2024-03-06 19:03:13 +00:00
Colin
a4c4b0575c
sway: map touch inputs to their correct display
2024-03-06 19:02:23 +00:00
Colin
4730a65008
nixpkgs: 2024-03-05 -> 2024-03-06
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/16bca48d251761297746d5bb7b9e47a3c6564c5a' (2024-03-05)
→ 'github:nixos/nixpkgs/09c267dae0dae6585ddbc98bd2301bd8153ac177' (2024-03-06)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/b3ed737064bc4cc0312081b6937fa2bb48d62afa' (2024-03-05)
→ 'github:nixos/nixpkgs/a85303aef29c6a9000a259ed21c9c14a1aa3859e' (2024-03-06)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/291aad29b59ceda517a06e59809f35cb0bb17c6b' (2024-03-04)
→ 'github:Mic92/sops-nix/25dd60fdd08fcacee2567a26ba6b91fe098941dc' (2024-03-06)
```
2024-03-06 09:54:23 +00:00
Colin
63d95edcbe
zsh: fix `c` alias
2024-03-06 09:47:33 +00:00
Colin
687e72897b
xdg-desktop-portal: don't always prompt the user for how to open every file
2024-03-06 06:25:36 +00:00
Colin
0e84744115
todo.md: xdg-desktop-portal improvements
2024-03-06 06:25:14 +00:00
Colin
1ee38d3aec
todo.md: remove completed items
2024-03-06 05:28:18 +00:00
Colin
5f4e421ab9
sane-wipe: fix sandboxing
2024-03-06 05:11:24 +00:00
Colin
471339d237
hosts (all): remove sxmo-related polyfills
2024-03-06 05:07:30 +00:00
Colin
085232f18c
wvkbd: configure layers
2024-03-06 05:07:30 +00:00
Colin
18c7fc17fd
alacritty: configure font size per-host
2024-03-06 05:07:30 +00:00
Colin
a7567dfbe6
ship celeste64
2024-03-06 04:56:39 +00:00
Colin
bc0660b623
PDF viewer: evince -> zathura
2024-03-06 04:51:01 +00:00
Colin
cf86b4a67c
xterm: move to pcGuiApps
2024-03-06 04:38:05 +00:00
Colin
d39bed46b5
rofi: allow access to Books
2024-03-06 01:39:48 +00:00
Colin
525450e21a
fix backlight persistence
2024-03-06 00:58:11 +00:00
Colin
a4ee820921
/var/lib/colord: don't persist
...
files haven't changed in over a year; i assume it's legacy
2024-03-05 23:53:41 +00:00
Colin
4b5d6b16e1
alacritty: ignore media keys
2024-03-05 23:25:31 +00:00
Colin
41a141dba6
servo: disable navidrome
2024-03-05 18:48:25 +00:00
Colin
d5811f142d
notifyActive activation script -> apply only to GUI systems
...
else i get warnings on every servo activation
2024-03-05 18:46:43 +00:00
Colin
4d6d79cc81
servo: /var/lib/uninsane/media -> /var/media
2024-03-05 18:44:30 +00:00
Colin
53d76920e4
servo: persist more specifically the /var/lib/uninsane/media directory
2024-03-05 18:39:23 +00:00
Colin
db892273ac
nixpatches: fix imagemagick cross fix hash
2024-03-05 18:37:09 +00:00
Colin
65e206afde
nixpkgs: 2024-03-04 -> 2024-03-05
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/1a3380fec6e3c2d539e58c4be6a4a094d7d14aea' (2024-03-04)
→ 'github:nixos/nixpkgs/16bca48d251761297746d5bb7b9e47a3c6564c5a' (2024-03-05)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/4c0862ebf8e474315767c5210c3d0a336625f318' (2024-03-04)
→ 'github:nixos/nixpkgs/b3ed737064bc4cc0312081b6937fa2bb48d62afa' (2024-03-05)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/075df9d85ee70cfb53e598058045e1738f05e273' (2024-03-03)
→ 'github:Mic92/sops-nix/291aad29b59ceda517a06e59809f35cb0bb17c6b' (2024-03-04)
```
2024-03-05 10:09:39 +00:00
Colin
6765fe8d7d
wob: rename sxmo.wobsock -> wob.sock
2024-03-05 10:00:45 +00:00
Colin
955119e07b
wob-audio: fix, by finishing the port to pipewire
...
also rewrote it in Python because bash can't do floating point math
2024-03-05 09:32:37 +00:00
Colin
daddf9314a
gpodder: fix .desktop file(s)
2024-03-05 02:58:21 +00:00
Colin
e59123fd62
cozy: fix patch hash
2024-03-05 02:58:14 +00:00
Colin
d43cc6c61c
alsa-ucm-conf: fold the Pinephone patches into sane.programs.alsa-ucm-conf & distribute to all hosts
2024-03-05 00:28:07 +00:00
Colin
a8bc77d40c
nixpkgs sourceInfo patching: move to nixpatches/
...
previously i was using the sourceInfo of the flake, which is kinda wrong: and it would force a _new_ nixpkgs for every time i commit to my own repo -- not just when i bump it
2024-03-05 00:06:08 +00:00
Colin
dfc768e2e6
flake: place builds strictly in build/ directory
2024-03-04 23:47:31 +00:00
Colin
3544b4b132
nixpkgs: 2024-03-03 -> 2024-03-04
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/6a2985393fcc1dfabc6d36af148ca761a807e002' (2024-03-03)
→ 'github:nixos/nixpkgs/1a3380fec6e3c2d539e58c4be6a4a094d7d14aea' (2024-03-04)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/286977c08ddf540b4c6bebd8cd96fe30070bcb46' (2024-03-03)
→ 'github:nixos/nixpkgs/4c0862ebf8e474315767c5210c3d0a336625f318' (2024-03-04)
```
2024-03-04 09:41:23 +00:00
Colin
c86afca795
cozy: patch via sane.programs, not overlay
2024-03-04 09:26:25 +00:00
Colin
5f3ef37050
cozy: 1.2.1 -> 1.3.0
2024-03-04 08:57:52 +00:00
Colin
3b8252fe43
delfin: doc improvements
2024-03-04 08:28:50 +00:00
Colin
1e6e4d2644
cozy: doc improvements
2024-03-04 08:28:35 +00:00
Colin
60c447b6c4
signal-desktop: 6.44.0 -> 7.0.0
2024-03-04 08:26:59 +00:00
Colin
4fc2ffef56
koreader-from-src: 2024.01 -> 2024.03
2024-03-04 08:19:41 +00:00
Colin
9416ef1ff6
firefox-extensions: update
2024-03-04 08:18:48 +00:00
Colin
b1dff9bfa8
steam: fix controllers to work in the sandbox
2024-03-03 20:03:20 +00:00
Colin
0003acc091
nixpkgs: 2024-03-02 -> 2024-03-03
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/aefac840b87e8e0ab658fa5080539e292ad8a9ba' (2024-03-02)
→ 'github:nixos/nixpkgs/6a2985393fcc1dfabc6d36af148ca761a807e002' (2024-03-03)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/df41961bd4b7e838cb997543ea1297f4cbd7da15' (2024-03-02)
→ 'github:nixos/nixpkgs/286977c08ddf540b4c6bebd8cd96fe30070bcb46' (2024-03-03)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/a1c8de14f60924fafe13aea66b46157f0150f4cf' (2024-02-26)
→ 'github:Mic92/sops-nix/075df9d85ee70cfb53e598058045e1738f05e273' (2024-03-03)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/89a2a12e6c8c6a56c72eb3589982c8e2f89c70ea' (2024-02-25)
→ 'github:NixOS/nixpkgs/66d65cb00b82ffa04ee03347595aa20e41fe3555' (2024-03-03)
```
2024-03-03 10:11:16 +00:00
Colin
0630037f86
steam: sandbox
...
controllers are untested, probably need to be added; graphics and sound work fine
2024-03-03 10:10:14 +00:00
Colin
9513680538
sway: enable net access in the sandbox (for Xwayland)
2024-03-03 10:09:29 +00:00
Colin
0affeb098a
rofi: optimize sizing
2024-03-03 07:36:33 +00:00
Colin
979d07d693
wob: port pulseaudio -> pipewire
2024-03-03 07:22:03 +00:00
Colin
fd072883dc
sane-input-handler: port pulseaudio -> pipewire native
2024-03-03 07:13:23 +00:00
Colin
ed87792f9b
sed: sandbox
2024-03-03 07:06:00 +00:00
Colin
8821b3ca7d
procps: sandbox
2024-03-03 06:55:17 +00:00
Colin
5e5a1fbaae
rofi: allow to use more space on moby when keyboard is active
2024-03-03 04:46:12 +00:00
Colin
d2f470dc74
wvkbd: sandbox
2024-03-03 04:44:23 +00:00
Colin
7933ef41a2
unl0kr: simplify this code
2024-03-03 04:43:44 +00:00
Colin
6b45589e54
wireplumber: ensure ALSA_UCM_CONF2 env var is on PATH
...
this is critical for pipewire/wireplumber to work on moby
2024-03-03 04:43:11 +00:00
Colin
b04357c9de
nix.conf: dont ship NIX_PATH for light deploys
...
it's like 150 MiB
2024-03-03 03:53:13 +00:00
Colin
4b04cbc078
mpv: couple app volume to system volume
2024-03-03 03:22:28 +00:00
Colin
1498e364b2
doc: mimeo: mention jaro as alternative
2024-03-03 03:16:10 +00:00
Colin
0aaa3eaaeb
mpv: remove legacy vo=wlshim hack
2024-03-02 23:46:52 +00:00
Colin
3ac6b92c18
/etc/nix/registry.json: don't generate for -light builds (it links back to src)
2024-03-02 23:42:58 +00:00
Colin
c747855810
bonsai: sandbox
2024-03-02 22:34:38 +00:00
Colin
711865018d
/etc/nixos: don't link on '*-light' builds
2024-03-02 22:13:04 +00:00
Colin
f33fcc2018
nixpatches: update hashes
2024-03-02 21:23:44 +00:00
Colin
96ec0106ee
sane-input-handler: leverage sane-open-desktop instead of making direct gdbus calls
2024-03-02 21:20:47 +00:00
Colin
0c4d7761d3
sane-input-handler: sandbox
2024-03-02 21:20:47 +00:00
Colin
fe10640821
wob-pulse: sandbox
2024-03-02 20:57:44 +00:00
Colin
1f208083be
mpvScripts.uosc: 5.1.1 -> 5.2.0
2024-03-02 20:39:04 +00:00
Colin
6ec3126321
moby: fix display driver reload check to run before unl0kr
...
this should fix the no-graphics-on-boot bug i'm seeing. it was previously fixed for lightdm and greetd: just not unl0kr
2024-03-02 19:50:50 +00:00
Colin
8029744c90
modules/programs: don't expose *all* of /run/secrets/home to every program
...
this was actually causing a lot of bwrap errors because that directory's not user-readable
turns out any program which already uses programs.xyz.secrets gets the /run/secrets mounts for free via symlink following
2024-03-02 18:51:39 +00:00
Colin
1fcf0bfcb1
swaync: fix signal-desktop check to be --user
2024-03-02 18:33:35 +00:00
Colin
a3ae650273
dialect: fix so it works inside a sandbox
2024-03-02 18:25:13 +00:00
Colin
7e0bef549f
nixpkgs: 2024-03-01 -> 2024-03-02
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/ee743c92310804de4b4505ff0ac40b4f3f4f49de' (2024-03-01)
→ 'github:nixos/nixpkgs/aefac840b87e8e0ab658fa5080539e292ad8a9ba' (2024-03-02)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/f7fca9d98b0ec282f4b0d63f1fc2e38caf4ea55a' (2024-03-01)
→ 'github:nixos/nixpkgs/df41961bd4b7e838cb997543ea1297f4cbd7da15' (2024-03-02)
```
2024-03-02 07:52:21 +00:00
Colin
3b603519ff
fuzzel: sandbox (well, i probably dont even have it on my system anymore :P)
2024-03-02 07:43:42 +00:00
Colin
f69ca166f4
sway: sandbox
2024-03-02 07:41:51 +00:00
Colin
a45e42910d
make-sandboxed: generalize runCommand patch to handle any derivation, called with or without callPackage
2024-03-02 07:11:45 +00:00
Colin
3dd1d18dcd
less: sandbox
2024-03-02 07:11:45 +00:00
Colin
28cb705bd4
grim: sandbox
2024-03-02 07:11:45 +00:00
Colin
7fa1dbc5d5
slurp: sandbox
2024-03-02 07:11:45 +00:00
Colin
8b7575c205
swappy: sandbox
2024-03-02 07:11:45 +00:00
Colin
52e9902fa1
sane-screenshot: give it permissions to my screenshots dir (derp)
2024-03-02 06:14:05 +00:00
Colin
ab765a81af
sway: integrate sane-screenshot as the PrintScreen shortcut
2024-03-02 06:14:05 +00:00
Colin
a7bd831ad8
sane-screenshot: port to sane.programs
2024-03-02 06:14:05 +00:00
Colin
063d99dd73
todo.md: task to remove /run/wrappers
2024-03-02 05:42:26 +00:00
Colin
0d48c462cb
sane-screenshot: init
2024-03-02 02:04:48 +00:00
Colin
f4ec09f010
rofi: remember the last selected directory
2024-03-02 00:35:29 +00:00
Colin
a7ef9fc0b8
todo.md: task for better app integrations
2024-03-02 00:21:56 +00:00
Colin
a40cefc8a5
pipewire: speculatively add /dev/video*
2024-03-02 00:14:47 +00:00
Colin
f55bb3518f
wireplumber: add missing /dev/video2 which is on moby
2024-03-02 00:14:21 +00:00
Colin
3d16aa62ea
sway: let the pinephone default to it's normal scaling
...
it's actually pretty nice at 2.0 scaling with my current apps. i'll need to tweak swaync, conky, wvkbd, etc. later.
2024-03-01 23:53:31 +00:00
Colin
2548cfeadc
xdg-desktop-portal-wlr: fix crashing due to over-restrictive sandbox
2024-03-01 21:17:31 +00:00
Colin
90acbf716d
Videos/gPodder: allow access from mpv and rofi
2024-03-01 21:02:04 +00:00
Colin
4d98593b3f
todo.md: sync
2024-03-01 20:48:56 +00:00
Colin
db89ac88f0
sane-sandboxed: add new `--sane-sandbox-keep-namespace all` option
2024-03-01 20:48:56 +00:00
Colin
bba149c670
zsh: new `c` helper to change into a dir and list it
2024-03-01 20:09:20 +00:00
Colin
c056984003
zsh: alias exiy -> exit
2024-03-01 19:56:09 +00:00
Colin
2324d75165
switch psmisc -> killall
...
otherwise a really shitty `pstree` makes its way onto my PATH
2024-03-01 18:50:20 +00:00
Colin
9296b7731b
rofi: add a .desktop file to rofi-snippets
2024-03-01 18:07:52 +00:00
Colin
75e9ce509e
static-nix-shell: add support for extra nativeBuildInputs
2024-03-01 18:07:07 +00:00
Colin
95c95d6f53
splatmoji: actually install the .desktop files
2024-03-01 18:03:45 +00:00
Colin
fca23e661a
xdg-desktop-portal: disable debug logging
2024-03-01 17:50:49 +00:00
Colin
9a7ebbd9d3
rofi: configure window height/location
2024-03-01 17:18:40 +00:00
Colin
56b00d998e
rofi: theme
...
i still need to figure out how to make it wider for moby
2024-03-01 16:40:09 +00:00
Colin
01ef182073
waybar: theme the indicator style
...
i don't know if it's perfect, but it is better
2024-03-01 15:32:52 +00:00
Colin
b6daeddfa2
waybar: show different modules for moby v.s. others
2024-03-01 15:25:42 +00:00
Colin
c6e956f3d2
waybar: fix `button.urgent` color to match sway's `client.urgent`
2024-03-01 15:03:14 +00:00
Colin
f9510e5d24
nixpkgs: 2024-02-29 -> 2024-03-01
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/e894afb6c101fea0771b47d7827bef022e89ee1e' (2024-02-29)
→ 'github:nixos/nixpkgs/ee743c92310804de4b4505ff0ac40b4f3f4f49de' (2024-03-01)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/d29fabd630000579f744d04639d625828ba412bf' (2024-02-29)
→ 'github:nixos/nixpkgs/f7fca9d98b0ec282f4b0d63f1fc2e38caf4ea55a' (2024-03-01)
```
2024-03-01 07:31:58 +00:00
Colin
2e737c2ab1
moby: sxmo -> sway
...
still several things need to be improved, but the groundwork is there
2024-03-01 07:26:26 +00:00
Colin
82368eb45a
sway: desko: fix monitor layout
...
i guess my monitor's name changed... 👀
2024-03-01 07:19:00 +00:00
Colin
65fb9e1d57
rofi: allow access to more servo media paths
2024-03-01 07:14:41 +00:00
Colin
b02ae7ef74
moby: polyfill an OK sway layout
2024-03-01 05:20:28 +00:00
Colin
37ddb2ae17
waybar: fix font size to be more usable on moby
2024-03-01 04:46:06 +00:00
Colin
81e02e2885
sway: moby: fix layout/scale preferences
2024-03-01 04:38:26 +00:00
Colin
4a3f59468c
sway: launch gui apps via sane-open-desktop instead of inline
...
this will allow for sandboxing, in the future
2024-03-01 04:19:19 +00:00
Colin
daab5939e7
rofi: split `sane-open-desktop` out as a helper
2024-03-01 04:19:19 +00:00
Colin
e7430c41f9
refactor: sway-config: for readability
2024-03-01 03:29:52 +00:00
Colin
5849e75577
sway-config: remove dead window specializations
2024-03-01 03:21:47 +00:00
Colin
296123651c
sway: fold `sway-config.nix` into `default.nix`
2024-03-01 03:18:37 +00:00
Colin
7f0d5e7810
sane-input-handler: explain why i setsid
2024-03-01 03:11:06 +00:00
Colin
7af928a6d2
sway: direct inputs to bonsai WITHOUT swallowing them
2024-03-01 03:10:44 +00:00
Colin
b73569d675
wvkbd: fix service typo
2024-02-29 22:04:42 +00:00
Colin
50ee15ef2b
send sway-related cross patches upstream
2024-02-29 21:35:02 +00:00
Colin
9764d5f095
sway/waybar: decrease cross-specific patches
...
cava cross compiles now (yay); sndio is actually required by waybar if cava is enabled, so remove the disable
2024-02-29 18:56:54 +00:00
Colin
43386f3ba5
nixpkgs: update; couple cross-compiling patches have merged upstream
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/0852bff4370133e3a62b0cc7d14d193b928a7c59' (2024-02-29)
→ 'github:nixos/nixpkgs/e894afb6c101fea0771b47d7827bef022e89ee1e' (2024-02-29)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/9f21aa90cb8c078969543956d88c19696b646743' (2024-02-29)
→ 'github:nixos/nixpkgs/d29fabd630000579f744d04639d625828ba412bf' (2024-02-29)
```
2024-02-29 18:22:35 +00:00
Colin
a3a6278a59
notifyActive: don't depend on sway
...
it was a little silly to be shipping sway on headless systems
2024-02-29 17:32:19 +00:00
Colin
083f743c1f
remove nixpkgs `less` defaults and manage PAGER myself
...
this lets me avoid the lesspipe cross failures, notably
2024-02-29 15:18:51 +00:00
Colin
626ad97005
nixpkgs: 2024-02-27 -> 2024-02-29
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/6daf4de0662e1d895d220a4a4ddb356eb000abe9' (2024-02-27)
→ 'github:nixos/nixpkgs/0852bff4370133e3a62b0cc7d14d193b928a7c59' (2024-02-29)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/5bd8df40204f47a12263f3614c72cd5b6832a9a0' (2024-02-27)
→ 'github:nixos/nixpkgs/9f21aa90cb8c078969543956d88c19696b646743' (2024-02-29)
```
2024-02-29 06:42:18 +00:00
Colin
6253d1799a
port sxmo_hook_inputhandler.sh -> sane-input-handler
...
this one can run outside the SXMO environment.
major thing missing at the moment is that rofi doesn't get volume
control inputs because bonsai out-competes it for exclusive control.
2024-02-29 01:26:38 +00:00
Colin
d8a8038cae
xdg-terminal-exec: define a .desktop file
2024-02-29 00:17:26 +00:00
Colin
7fd56b63cb
rofi: better patch for the DT_UNKNOWN edgecase
2024-02-28 21:41:59 +00:00
Colin
7a65bd36c7
rofi: patch the filebrowser to reliably list entries on remote filesystems
...
see: <https://github.com/davatorium/rofi/issues/1954 >
2024-02-28 21:18:19 +00:00
Colin
bd4eeeeb3b
nixpatches: imagemagick closure fix: mark as merged upstream
2024-02-28 18:27:15 +00:00
Colin
7c22b59b9d
sane-which: handle relative symlinks
2024-02-28 18:16:08 +00:00
Colin
9e504676bd
sane-which: only print the first 30 lines for text files
2024-02-28 18:09:38 +00:00
Colin
b515127101
sane-which: follow nix wrappers
2024-02-28 18:09:24 +00:00
Colin
40e30cf2f8
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
2024-02-28 17:39:00 +00:00
Colin
812c0c8029
packages: reduce the number of packages which are using inplace sandbox wrapping
2024-02-28 17:35:40 +00:00
Colin
7ca5ae84b7
flake: deploy: abort on error
2024-02-28 17:34:45 +00:00
Colin
a4248fd5cc
make-sandboxed: don't try to wrap directories
...
whoops. test -x is true for directories
2024-02-28 16:28:25 +00:00
Colin
70229e0839
rofi: persist the filebrowsercache
2024-02-28 15:41:52 +00:00
Colin
cd303a76bc
rofi: disable "run" from combi
...
they wouldn't work, since i only 'xdg-open' the entries
2024-02-28 15:32:12 +00:00
Colin
e43aa3bb8b
splatmoji: fix sandboxing so rofi can read its config/cache
2024-02-28 15:19:53 +00:00
Colin
6c2d80715c
rofi-snippets: fix sandboxing so rofi can read its config/cache
2024-02-28 15:15:02 +00:00
Colin
db8456f152
flake: provide a "benchmark" target
2024-02-28 15:10:45 +00:00
Colin
d912190db5
sway: split snippets into own program (rofi-snippets)
2024-02-28 14:44:05 +00:00
Colin
c380f61bea
fix "rescue" host to eval again
2024-02-28 14:19:45 +00:00
Colin
ff8cfc9372
flake: fix `check.nur` target
2024-02-28 13:47:51 +00:00
Colin
b302113fc0
modules/programs: require manual definition; don't auto-populate attrset
...
this greatly decreases nix eval time
2024-02-28 13:35:09 +00:00
Colin
9749ff0442
sane.gui.phosh: remove
2024-02-28 13:35:05 +00:00
Colin
0d97191f74
sane-wipe-browser: dont call pkill with sudo
2024-02-28 13:35:00 +00:00
Colin
3816393e06
rofi: try integrating rofi-emoji (failed)
2024-02-28 01:28:05 +00:00
Colin
4c6c470c86
sway: snippets: port from fuzzel -> rofi
2024-02-28 01:26:22 +00:00
Colin
409a4db232
splatmoji: use rofi instead of fuzzel
...
will be best if i can port everything to one dmenu helper
2024-02-28 01:18:51 +00:00
Colin
c73684557e
overlays: remove dead `optimizations` overlay (old ccache stuff)
2024-02-28 00:19:29 +00:00
Colin
44067f6570
cross: document the state of gnome-keyring
2024-02-28 00:05:23 +00:00
Colin
466e7a9ecd
cross: libshumate: push patch upstream
2024-02-27 23:58:49 +00:00
Colin
6b2d189771
cross: graphicsmagick: push patch upstream
2024-02-27 23:46:05 +00:00
Colin
6ef729bbaf
assorted: prefer runCommandLocal over runCommand where it makes sense
2024-02-27 22:26:56 +00:00
Colin
8f424dcd5a
programs: sandboxing: link /etc into sandboxed programs
...
this is crucial for e.g. swaync, to find its resource files.
maybe a good idea to link *every* package directory which i also link
into /run/current-system.
2024-02-27 22:25:17 +00:00
Colin
7fb7f72bc0
cross: remove modemmanager patch; it compiles OOTB :)
...
thanks Cole!
2024-02-27 22:08:12 +00:00
Colin
67536e3c1f
programs: assorted: correct sandbox paths now that Pictures/Videos/Books are categorized
...
i don't like this Pictures/ approach though. i may reconsolidate some of those
2024-02-27 21:37:20 +00:00
Colin
715de37954
rofi: fix files to be opened with xdg-open
2024-02-27 21:20:12 +00:00
Colin
c8035abddf
fs: Books: persist subdirectories individually
...
TODO: KOReader will need to be updated for this
2024-02-27 20:48:38 +00:00
Colin
ef1cdac6b4
fs: split Pictures into separate persisted directory
...
TODO: update camera and screenshot apps to be aware of these directories
2024-02-27 20:46:25 +00:00
Colin
e37a7d85b3
~/Videos: don't persist ALL videos: just ~/Videos/local
...
otherwise, ~/Videos/servo is a symlink which the programs module doesn't know how to traverse (and hence, sandbox).
2024-02-27 20:45:56 +00:00
Colin
36f6c72183
rofi: sandbox, and launch apps via xdg-open or gdbus
2024-02-27 18:35:15 +00:00
Colin
20a1aeb5b3
programs: add gdbus as a standalone program, separate from the rest of glib
2024-02-27 18:28:24 +00:00
Colin
9ba0833d5f
todo.md: remove completed/obsoleted tasks
2024-02-27 17:40:42 +00:00
Colin
15f353f883
overlays: remove disable-flakey-tests: everything there only applied to emulated builds, which i no longer do
2024-02-27 17:34:22 +00:00
Colin
27af0002c8
nixpatches: remove obsoleted j4-menu-desktop build fix
2024-02-27 17:32:56 +00:00
Colin
9265252e04
nixpatches: remove stale commented-out patches
2024-02-27 17:29:17 +00:00
Colin
11a53c402d
nixpatches: procure procmail cross fix from nixpkgs PR
2024-02-27 17:24:20 +00:00
Colin
464f439f4a
nixpatches: remove ccache cross fix
...
i assume this was only needed when i was using binfmt?? anyways it doesn't apply cleanly
2024-02-27 17:04:44 +00:00
Colin
a4dbf18d7a
nixpatches: remove upstreamed "allow i2p to build on aarch64" patch
2024-02-27 17:04:40 +00:00
Colin
1579e089e9
cross: remove superfluous spandsp fix
...
it was upstreamed to nixpkgs 2.5 years ago:
<https://github.com/NixOS/nixpkgs/pull/134698 >
meanwhile, my patch was added in 46dabcd33f
2023-03-07: "cross compilation: speculatively compile spandsp with ac_cv_func_malloc_0_nonnull"
this was at a time when nixpkgs spandsp had version 3 and 0.0.6,
and *possibly* only 0.0.6 had the fix.
the fix was added to version 3 in nixpkgs
88cbe74d05cac6e037e934ee7fbe8b1f0d164f25, dated 2023-02-26.
2024-02-27 16:54:59 +00:00
Colin
4ce0c23c19
cross: comment out/remove a few more cross fixes for packages i don't plan to use
2024-02-27 16:44:47 +00:00
Colin
9710d55c6a
cross: comment out/remove cross fixes for packages i don't plan to use anytime soon
2024-02-27 16:20:55 +00:00
Colin
4b014af4b1
cross: disable unneeded libei patch
2024-02-27 16:11:59 +00:00
Colin
4379addf9e
plumb my configured sway through to everywhere that wants `pkgs.sway`.
...
kinda ugly. this lets me avoid having multiple versions of sway on my
system.
2024-02-27 16:11:10 +00:00
Colin
5c7eceeb55
grimshot: move to own file
2024-02-27 14:54:53 +00:00
Colin
50aa16df81
cross compilation: remove unused patches; note upstreaming status
2024-02-27 14:53:26 +00:00
Colin
b1e943c9bb
swaynotificationcenter: push cross fix upstream
2024-02-27 11:59:36 +00:00
Colin
be5fae369f
swaynotificationcenter: fix cross compilation
2024-02-27 11:32:48 +00:00
Colin
40e22533fb
swaynotificationcenter: update config/patches to be compatible with 0.10.0
2024-02-27 11:19:29 +00:00
Colin
03c5f82dbf
flake: fix sourceInfo propagation (and hence, nixosConfiguration naming!)
2024-02-27 10:34:20 +00:00
Colin
e90bbfe551
nixpkgs: 2024-02-25 -> 2024-02-27
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/f42891a2fa716dcab10336a1b7313993430568ea' (2024-02-25)
→ 'github:nixos/nixpkgs/6daf4de0662e1d895d220a4a4ddb356eb000abe9' (2024-02-27)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/8e474340ed0592ca21c1398d88dd89bf7100e881' (2024-02-25)
→ 'github:nixos/nixpkgs/5bd8df40204f47a12263f3614c72cd5b6832a9a0' (2024-02-27)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/2874fbbe4a65bd2484b0ad757d27a16107f6bc17' (2024-02-25)
→ 'github:Mic92/sops-nix/a1c8de14f60924fafe13aea66b46157f0150f4cf' (2024-02-26)
```
2024-02-27 01:24:07 +00:00
Colin
92033c8414
rofi: place druncache into rofi cache dir
2024-02-27 01:21:27 +00:00
Colin
16f0424631
rofi: patch so that i can use `-run-command "my-launcher {app_id}.desktop"`
...
this plus xdg-desktop-portal's DynamicLauncher should provide a way to sandbox everything
2024-02-27 01:03:21 +00:00
Colin
6fd1ce1f61
rofi: port cache from plaintext to cryptClearOnBoot
...
because i don't think it has any invalidation logic
2024-02-26 23:04:50 +00:00
Colin
a7c325c8e1
xdg-desktop-portal: link `applications` so that DynamicLauncher portal can work
2024-02-26 22:31:48 +00:00
Colin
fc7814e6cd
docs: mime: document `gio launch`
2024-02-26 22:29:15 +00:00
Colin
245e6c93cd
docs: xdg-desktop-portal: document notable dbus endpoints
2024-02-26 22:29:03 +00:00
Colin
ec073592ed
sway: use rofi app launcher instead of fuzzel
2024-02-26 21:22:03 +00:00
Colin
617525a317
programs: add rofi (dmenu-style launcher/file browser)
2024-02-26 21:21:30 +00:00
Colin
1098d121b4
firefox-extensions.sidebery: 5.0.0 -> 5.1.1.7
2024-02-26 18:07:45 +00:00
Colin
821c631b1d
firefox-extensions.sponsorblock: 5.5.5 -> 5.5.6
2024-02-26 18:03:44 +00:00
Colin
96347ad7ac
firefox-extensions.bypass-paywalls-clean: 3.5.5.0 -> 3.5.7.0
2024-02-26 18:02:10 +00:00
Colin
4f933cc0fa
fix "update.pkgs" script
2024-02-26 18:01:47 +00:00
Colin
03615ce244
nixpkgs: 2024-02-24 -> 2024-02-25; sops-nix -> 2024-02-25
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/a3e2b0de906a8fe0143c2783199abdc132dee56a' (2024-02-24)
→ 'github:nixos/nixpkgs/f42891a2fa716dcab10336a1b7313993430568ea' (2024-02-25)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/b66514c14e85cd7d853d6dbbf1a421ba232eff10' (2024-02-24)
→ 'github:nixos/nixpkgs/8e474340ed0592ca21c1398d88dd89bf7100e881' (2024-02-25)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/f6b80ab6cd25e57f297fe466ad689d8a77057c11' (2024-02-21)
→ 'github:Mic92/sops-nix/2874fbbe4a65bd2484b0ad757d27a16107f6bc17' (2024-02-25)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/69405156cffbdf2be50153f13cbdf9a0bea38e49' (2024-02-17)
→ 'github:NixOS/nixpkgs/89a2a12e6c8c6a56c72eb3589982c8e2f89c70ea' (2024-02-25)
```
2024-02-26 17:35:34 +00:00
Colin
7d613d90d8
nixcache: disable my own substituters by default
2024-02-26 17:35:34 +00:00
Colin
afd52014d1
sane-reclaim-disk-space: note to run as root
2024-02-26 15:25:12 +00:00
Colin
dd6e1c5e38
flake: fix "deploy" commands to bypass substituters, and address deprecated nix path signing
2024-02-26 15:01:14 +00:00
Colin
d0d7994c2f
sxmo: remove 'greeter' option
2024-02-26 07:27:33 +00:00
Colin
b5da7a86fa
libkiwix: 12.1.1 -> 13.1.0
2024-02-26 06:10:37 +00:00
Colin
f2e1bb6b86
programs: python3-repl: sandbox
2024-02-25 18:52:55 +00:00
Colin
fe0f6988bd
programs: disable `wine` (unused)
2024-02-25 18:42:25 +00:00
Colin
c402a265cd
programs: stepmania: sandbox
2024-02-25 18:26:32 +00:00
Colin
d5643a6a5d
assorted static-nix-shell packages: use `srcRoot`
2024-02-25 17:37:38 +00:00
Colin
e757e35065
static-nix-shell: add a `srcRoot` argument which allows more precisely specifying the source files and avoiding unnecessary rebuilds
2024-02-25 17:37:10 +00:00
Colin
953dd98b0f
refactor: static-nix-shell: remove unused options
2024-02-25 17:28:00 +00:00
Colin
c9c1181242
programs: wireplumber: sandbox
2024-02-25 17:11:48 +00:00
Colin
f9888fe8d6
programs: sane-private-init: sandbox
2024-02-25 16:46:10 +00:00
Colin
036145e6ba
programs: sane-private-change-passwd: sandbox
...
note that this is entirely untested
2024-02-25 16:35:13 +00:00
Colin
5b647a1a90
programs: sane-private-change-passwd: rewrite based on how my system looks today
...
i haven't tested this
2024-02-25 16:28:57 +00:00
Colin
7c486492c8
programs: pipewire: port sandbox to bwrap and restrict further
2024-02-25 15:19:57 +00:00
Colin
890b41f563
programs: pipewire: sandbox
...
still need to sandbox wireplumber
2024-02-25 14:34:11 +00:00
Colin
ca36fe1b96
programs: gnome.seahorse: sandbox
2024-02-25 12:03:42 +00:00
Colin
d2df668c9e
modules/programs: sane-sandboxed: replace --sane-sandbox-keep-pidspace with --sane-sandbox-keep-namespace <pid|cgroup|ipc|uts>
2024-02-25 12:00:00 +00:00
Colin
b7921ac41b
refactor: programs: sort
2024-02-25 11:53:49 +00:00
Colin
c304367e21
programs: gnome-maps: sandbox
2024-02-25 11:51:50 +00:00
Colin
2ad33a49df
refactor: pipewire: remove dead code
2024-02-25 10:38:42 +00:00
Colin
0b4efd2ab2
pipewire: migrate services to sane.programs to completely disable socket activation
...
see: https://github.com/NixOS/nixpkgs/issues/291318
2024-02-25 10:36:21 +00:00
Colin
0745e9fc06
refactor: programs: split gnome-maps into own file
2024-02-25 09:06:32 +00:00
Colin
e0267b5669
programs: pipewire: disable socket activation
2024-02-25 08:55:59 +00:00
Colin
b3c7aac8c5
programs: wike: sandbox: enable DRI to fix graphical glitches
2024-02-25 08:38:10 +00:00
Colin
c788596c45
programs: sane-private-do: grant net access
...
crucial for e.g. sane-private-do git push
2024-02-25 08:25:13 +00:00
Colin
f807d7c0a2
modules/programs: sane-sandboxed: bwrap: don't virtualize {/dev,/proc,/tmp} if explicitly asked to bind them instead
...
this is necessary for some programs which want a near-maximial sandbox, like
launchers or shells, or more specifically, `sane-private-do`.
2024-02-25 08:15:39 +00:00
Colin
6ab5dd8a8f
modules/persist: ensure that the mountpoint for the private store is created at boot
2024-02-25 07:51:24 +00:00
Colin
52b8cd0209
modules/persist: ensure backing directory is created *before* we mount
2024-02-25 07:22:50 +00:00
Colin
6865331b48
programs: sandbox sane-scripts.private-do
2024-02-25 05:41:27 +00:00
Colin
dd00a2fe6e
sane-private-do: run a shell by default, and leave the mount in its original state on exit
2024-02-25 05:41:27 +00:00
Colin
4ee02151f4
sane-private-{lock,unlock}: just defer to `mount`
2024-02-25 05:19:44 +00:00
Colin
00bf2f79cc
ssh: clean up /etc/ssh/host_keys persistence
2024-02-25 05:19:44 +00:00
Colin
04a6055d06
remove /libexec from environment.pathsToLink
2024-02-25 05:12:44 +00:00
Colin
15a7793f0d
bonsai: 1.0.2 -> 1.1.0
2024-02-25 01:59:01 +00:00
Colin
f714bd8281
programs: jq: sandbox
2024-02-25 01:59:01 +00:00
Colin
73b2594d9b
programs: sandboxing: distinguish between "existingFileOrParent" and "existingOrParent"
2024-02-25 01:59:01 +00:00
Colin
a55dc5332d
modules/programs: sane-sandboxed: introduce "existingOrParent" autodetect-cli option
...
some programs will want this, to create directories by name; e.g. archive managers
2024-02-25 01:48:10 +00:00
Colin
86108518da
modules/programs: sane-sandboxed: add a new "existingFile" option for the cli autodetect
2024-02-25 01:43:39 +00:00
Colin
0f1ad0f3c9
fs: auto-mount /mnt/<host>/home and enable "follow_symlinks" option
2024-02-24 16:04:04 +00:00
Colin
bcd7a6f646
nixpkgs: 2024-02-22 -> 2024-02-24
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/024149d718e25378f4decfeeb614b88208c2f700' (2024-02-22)
→ 'github:nixos/nixpkgs/a3e2b0de906a8fe0143c2783199abdc132dee56a' (2024-02-24)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a7fa133a1e973c127e9c83e2c8e3407ae3797099' (2024-02-22)
→ 'github:nixos/nixpkgs/b66514c14e85cd7d853d6dbbf1a421ba232eff10' (2024-02-24)
```
2024-02-24 12:21:27 +00:00
Colin
92c2eb8383
nixpatches: update the icu cross fix
2024-02-24 12:14:29 +00:00
Colin
879d01ac2e
modules/ssh: note that theres a better store to place the ssh host_keys in
2024-02-24 12:14:14 +00:00
Colin
0448df51e3
modules/programs: sane-sandboxed: add a --sane-sandbox-dry-run flag
2024-02-24 12:00:58 +00:00
Colin
8e3eed7d51
modules/programs: sane-sandboxed: factor out the actual execution of the sandbox/program into the toplevel
...
this will make it easier to intercept
2024-02-24 11:57:42 +00:00
Colin
88a70b41f1
modules/programs: handle more symlink forms when calculating a program's sandbox closure
2024-02-24 11:47:39 +00:00
Colin
6f59254a22
modules/programs: fix symlink following
2024-02-24 05:36:44 +00:00
Colin
4023960dc0
README: MANUAL MIGRATION: move "plaintext" store to /nix/persist/plaintext
...
to migrate the data:
```sh
$ sudo mkdir /nix/persist/plaintext
$ sudo mv /nix/persist/{etc,home,var} /nix/persist/plaintext
$ sudo ln -s plaintext/etc /nix/persist/etc #< temporarily; if deploying over ssh
$ switch
$ reboot
$ sudo rm /nix/persist/etc #< if you did the symlink earlier
```
2024-02-23 18:02:17 +00:00
Colin
fff9f9d49a
README: MANUAL MIGRATION: move "private" store to /nix/persist/private
...
to migrate the data, first unmount `~/private` (`sane-private-lock`), then:
```sh
$ sudo mv /nix/persist/home/colin/private /nix/persist
$ switch
$ reboot
```
2024-02-23 16:01:09 +00:00
Colin
eecb98e2ee
programs: bonsai: fix eval error
2024-02-23 16:00:32 +00:00
Colin
5838603953
programs: sane-private-unlock: unbreak
...
it still doesn't work inside a sandbox, because 'mount' requires suid
2024-02-23 15:59:56 +00:00
Colin
c6ebcfe66e
servo: port legacy /var/lib users over to "method = bind" persistence
...
i may wittle these down in the future
2024-02-23 15:49:54 +00:00
Colin
d7402ae170
persist: stores: make naming more consistent
2024-02-23 14:57:20 +00:00
Colin
bd7ca20361
desko: fs: remove dead code
2024-02-23 14:45:57 +00:00
Colin
f5ef1e96ca
lappy: fs: remove dead code
2024-02-23 14:44:49 +00:00
Colin
6267e7f966
tidy up small persist/private nitpicks
2024-02-23 14:44:38 +00:00
Colin
120a41b169
persistence: split /var/log persistence into dedicated "initrd" store
2024-02-23 14:42:47 +00:00
Colin
aa0991bd6c
persistence: cleanup so it all works well with symlink-based stores
2024-02-23 13:09:44 +00:00
Colin
af2f97d61e
fs: ensure-file: don't error if the file already exists
2024-02-23 11:29:14 +00:00
Colin
5b8f13d9cc
fs: notice when a fs entry is set to two incompatible types (e.g. symlink + dir) and error
2024-02-23 11:24:32 +00:00
Colin
62b39bf01e
firefox: integrate the "persist" config into "sane.programs"
2024-02-23 11:23:41 +00:00
Colin
0d8307e877
programs: gnome-keyring: sandbox
...
and now secrets are readable again. they were broken for the last ~10 commits :)
2024-02-23 09:49:35 +00:00
Colin
9b1a2ae9bb
programs: mpv: remove useless "extraRuntimePaths = []" override
2024-02-23 09:32:19 +00:00
Colin
b8b805765b
programs: gnome-keyring-daemon: remove the SUID wrapper
...
it's not actually mandated. just, when enabled, gkd will `mlock` its
secrets into memory. but i don't use swap anyway. plus, i'll enable that
momentarily anyway (though systemd will probably not understand the
capablity)
2024-02-23 09:28:41 +00:00
Colin
84eae20765
gnome-keyring: don't integrate with PAM
...
PAM integration is only required if the keyring is encrypted on-disk
2024-02-23 09:15:30 +00:00
Colin
4a10c5f729
gnome-keyring: start as systemd service explicitly, not as implicit dbus service
2024-02-23 09:09:54 +00:00
Colin
c2696c1cd9
gnome-keyring: use sane.fs abstractions to write out the keyrings
2024-02-23 08:57:41 +00:00
Colin
c23e4dc9c7
servo: note why i use file.text instead of symlink.text here
2024-02-23 08:14:27 +00:00
Colin
ea6f45555c
gnome-keyring: simplify the scripts (untested)
2024-02-23 08:14:09 +00:00
Colin
687db545b4
gnome-keyring: move persistence and init script to sane.programs
2024-02-23 07:22:07 +00:00
Colin
24d1d13d0a
programs: simplify sandboxing of file browsers/etc now that private data lives on a different mount
2024-02-23 07:06:29 +00:00
Colin
2ada436634
home: remove ~/private symlink; move to .persist/private and add related aliases
2024-02-23 07:06:29 +00:00
Colin
e5ad0862fb
refactor: move ~/ fs definitions into hosts/common/home, not users/
2024-02-23 07:06:29 +00:00
Colin
057b9e3fed
replace links/references to ~/private/FOO with just ~/FOO
2024-02-23 07:06:29 +00:00
Colin
1bcfccf7e3
refactor: persist ~/knowledge formally instead of relying on the symlink
2024-02-23 07:06:29 +00:00
Colin
170eeeacc4
programs: dereference not just the leaf, but any part of the path, when determining a program's sandbox closure
2024-02-23 07:06:29 +00:00
Colin
a402822084
move "private" store to /mnt/persist/private instead of ~/private
...
this will allow me to add all of ~ to a sandbox without giving all of ~/private
2024-02-23 07:06:29 +00:00
Colin
80ecdcc4f9
persist: plaintext: consider "/mnt/persist/plaintext" as the logical root, and abstract away "/nix/persist"
2024-02-23 07:06:29 +00:00
Colin
0864790bb7
docs: modules/persist: document the "origin" store parameter
2024-02-23 07:06:29 +00:00
Colin
478747a96e
modules/persist: change default mounting method to symlink
...
this changes the plaintext and cryptClearOnBoot stores: private was already symlink-based.
this isn't strictly necessary: the rationale is:
1. `mount` syscall *requires* CAP_SYS_ADMIN (i.e. superuser/suid).
that's causing problems with sandboxing, particularly ~/private.
that doesn't affect other stores *yet*, but it may in the future.
2. visibility. i.e. it makes *clear* where anything is persisted.
if `realpath` doesn't evaluate to `/nix/persist`, then it's not
persisted.
2024-02-23 07:06:29 +00:00
Colin
771dc2e1ce
fs: allow common /mnt points to be mounted by me without sudo
2024-02-23 07:06:29 +00:00
Colin
4a316d4b91
bonsai: lift out of sxmo
2024-02-23 07:06:29 +00:00
Colin
0ff8154e96
icu: fix cross compilation
2024-02-23 07:04:39 +00:00
Colin
af03b3f6e8
xwayland: sandbox
2024-02-23 01:05:24 +00:00
Colin
5819f07181
programs: xwayland: sandbox
2024-02-22 22:12:03 +00:00
Colin
122f3fa5cc
sway: remove xwayland-specific placement of Signal
...
it breaks non-xwayland sway config parsing, and Signal is native Wayland now anyway even with Xwayland running'
2024-02-22 22:01:48 +00:00
Colin
ece612ea70
nixpkgs: 2024-02-21 -> 2024-02-22
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/97c19bdc7ecbe44755084a52acf38e17bdf2bc71' (2024-02-21)
→ 'github:nixos/nixpkgs/024149d718e25378f4decfeeb614b88208c2f700' (2024-02-22)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0e74ca98a74bc7270d28838369593635a5db3260' (2024-02-21)
→ 'github:nixos/nixpkgs/a7fa133a1e973c127e9c83e2c8e3407ae3797099' (2024-02-22)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/acfcce2a36da17ebb724d2e100d47881880c2e48' (2024-02-20)
→ 'github:Mic92/sops-nix/f6b80ab6cd25e57f297fe466ad689d8a77057c11' (2024-02-21)
```
2024-02-22 07:07:29 +00:00
Colin
f27f994090
systemd: fix the timeout for the user service manager
2024-02-22 00:24:05 +00:00
Colin
473999c001
sway: re-enable networkmanager
2024-02-21 23:46:25 +00:00
Colin
d1de9efde1
sway: port xwayland use to sane.programs API
2024-02-21 23:32:10 +00:00
Colin
50c3f04714
pipewire: remove dead alsa comments
2024-02-21 23:26:40 +00:00
Colin
49bad8f186
sway: split pipewire persisted file into pipewire.nix
2024-02-21 23:26:25 +00:00
Colin
fd9f500e97
sway: split pipewire config into separate sane.programs.pipewire
2024-02-21 23:23:52 +00:00
Colin
386651044e
sway: port to sane.programs API
2024-02-21 23:18:57 +00:00
Colin
55a6c828f2
sway: lift portal/menu reset into polyunfill.nix
2024-02-21 22:09:53 +00:00
Colin
7ecebd7521
sway: treat fontconfig as an ordinary sane.programs
2024-02-21 22:08:45 +00:00
Colin
7b299176e3
sway: simplify the wrapper
2024-02-21 22:06:10 +00:00
Colin
4da9cb5ac8
sway: simplify the wrapper... slightly
2024-02-21 21:42:48 +00:00
Colin
f068da709f
sway: compile with xwayland only if we plan to use it at runtime
...
else it's just extra weight
2024-02-21 21:05:41 +00:00
Colin
5b21257e4f
gui: sway: remove `useGreeter` option (provide a greeter always, via suggestedPrograms)
2024-02-21 20:59:34 +00:00
Colin
d77a12ce7b
unl0kr: remove the "afterLogin" option and choose automatically which desktop to launch
2024-02-21 20:47:48 +00:00
Colin
153d2a1047
GSK_RENDERER: don't set globally, but just for the apps which _actually_ require it
...
this way i can avoid conflicts around apps which don't expect this to be set (e.g. delfin)
2024-02-21 16:56:56 +00:00
Colin
2a528a5d8e
sane-sandboxed: leave a note about future mount work
2024-02-21 16:08:42 +00:00
Colin
b8f090be93
programs: delfin: add required mpris permissions
2024-02-21 13:27:19 +00:00
Colin
b16902bec1
delfin: downgrade 0.4.1 -> 0.4.0
...
0.4.1 doesn't cross compile because of rust requirement. 0.4.0 does
2024-02-21 13:26:54 +00:00
Colin
c919372324
delfin: add option to build in debug mode, and with debug patches
2024-02-21 12:09:48 +00:00
Colin
60371585e4
delfin: 0.4.0 -> 0.4.1
2024-02-21 09:04:49 +00:00
Colin
20cb850fb5
nixpkgs: 2024-02-18 -> 2024-02-21
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/d076cde70cbceca9315a11bdc609ddfcec9dfbca' (2024-02-18)
→ 'github:nixos/nixpkgs/97c19bdc7ecbe44755084a52acf38e17bdf2bc71' (2024-02-21)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/9511a7b219df1f8d8f5c2a58c4870fde169fe397' (2024-02-18)
→ 'github:nixos/nixpkgs/0e74ca98a74bc7270d28838369593635a5db3260' (2024-02-21)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/ffed177a9d2c685901781c3c6c9024ae0ffc252b' (2024-02-18)
→ 'github:Mic92/sops-nix/acfcce2a36da17ebb724d2e100d47881880c2e48' (2024-02-20)
```
2024-02-21 00:35:14 +00:00
Colin
c6470918de
types.string -> types.str
2024-02-21 00:25:44 +00:00
Colin
c0f374bd80
programs: sane-secrets-dump: don't leak secrets onto proc/cmdline
2024-02-21 00:24:31 +00:00
Colin
5a0760a571
programs: sandbox oathtools
2024-02-21 00:03:48 +00:00
Colin
757ab79724
programs: dconf: sandbox
2024-02-20 23:43:25 +00:00
Colin
81148b7b42
programs: explicitly depend on dconf instead of manually persisting dconf's dirs
2024-02-20 23:39:27 +00:00
Colin
429d0c53e7
programs: ripgrep: sandbox with bwrap instead of landlock
...
this provides network isolation
2024-02-20 23:32:54 +00:00
Colin
6cf1bc5a28
programs: grep: sandbox
2024-02-20 23:32:28 +00:00
Colin
768b340c93
findutils: sandbox
...
use bwrap instead of landlock for the dumb preference that i can disable
net
2024-02-20 23:31:58 +00:00
Colin
d9901aa161
programs: sane-secrets-*: sandbox
2024-02-20 23:31:39 +00:00
Colin
be2098c18a
programs: sane-vpn: sandbox
2024-02-20 23:05:24 +00:00
Colin
ee7d99289a
sane-vpn: allow shorthands like "sane-vpn up us" instead of full ovpnd-us
2024-02-20 23:01:53 +00:00
Colin
bb569b1668
sane-vpn: port away from systemd so that i can use it as an ordinary user (no sudo)
2024-02-20 22:21:02 +00:00
Colin
34524ea3e4
modules/vpn: fix the vpn-* systemd services
2024-02-20 20:40:46 +00:00
Colin
71025329e7
programs: sane-dev-cargo-loop: sandbox
2024-02-20 19:26:38 +00:00
Colin
ca4d1e3b9d
programs: sane-tag-music: sandbox
2024-02-20 19:26:18 +00:00
Colin
284b698015
sane-reclaim-boot-space: fix, and sandbox
...
well i didn't get to test this thoroughly: might still have problems
2024-02-20 19:16:36 +00:00
Colin
bc50daf685
nix.settings: port to structured attrs
2024-02-20 18:35:03 +00:00
Colin
47dcfb9cba
fix `nix.settings.nix-path` to actually take effect
...
now i can `nix-shell` again! nix-path takes precedence over `NIX_PATH`
env var.
2024-02-20 17:54:25 +00:00
Colin
2bd99f6e51
remove no-longer-needed nix trusted-users setting
...
well, it *seems* to work, at least!
2024-02-20 13:43:41 +00:00
Colin
8beac8df2f
programs: sandbox sane-shutdown, sane-reboot
2024-02-20 13:43:05 +00:00
Colin
58db553c84
programs: unl0kr: sandbox
2024-02-20 13:29:56 +00:00
Colin
2ea3776d84
programs: sane-sync-from-servo: remove
...
this was obsoleted by the top-level flake `sync` scripts
2024-02-20 13:16:21 +00:00
Colin
d596d005ca
systemd: configure a 25s stop timeout for the user manager too (hopefully)
2024-02-20 13:11:47 +00:00
Colin
e92db138ef
systemd: allow ordinary users to invoke shutdown/reboot
2024-02-20 12:25:04 +00:00
Colin
5fed127c23
refactor: split systemd config into own file
2024-02-20 12:18:28 +00:00
Colin
db49f0461c
refactor: move nix stuff out of common/default.nix -> common/nix/default.nix
2024-02-20 12:16:00 +00:00
Colin
73bb7827c0
refactor: nix-path/ -> nix/
2024-02-20 12:13:52 +00:00
Colin
a624571b22
move glib program recommendation into programs/assorted.nix
2024-02-20 12:11:26 +00:00
Colin
53cbe5c8da
dconf: split into own `sane.programs` definition
2024-02-20 12:09:52 +00:00
Colin
46de7b7e0d
move environment.defaultPackages clearing into polyunfill.nix
2024-02-20 11:54:39 +00:00
Colin
d7be5da483
warnings.nix: port to a proper module
2024-02-20 11:19:12 +00:00
Colin
902e351085
hack: silence the warning about using hashedPasswordFile *and* initialPassword
...
see: <https://github.com/NixOS/nixpkgs/pull/287506 >
i'll factor this into something more general, later
2024-02-20 11:11:07 +00:00
Colin
9e8e1d82a6
flake: add a deploy.self-light target
2024-02-20 10:24:33 +00:00
Colin
a05184f956
programs: neovim: fix nvim-treesitter typo
2024-02-20 10:23:52 +00:00
Colin
36ad2d5421
programs: unl0kr: auto-derive the user option
2024-02-20 07:21:22 +00:00
Colin
b0f62830a5
unl0kr: port to `sane.programs`
2024-02-20 07:14:30 +00:00
Colin
f970679266
sxmo: remove symlinks for legacy sxmo_hook_{poweroff,reboot}.sh
2024-02-20 06:49:42 +00:00
Colin
c7f4661c1c
programs: htop: persist config
2024-02-20 05:38:45 +00:00
Colin
e8306831c5
programs: qemu: mark as slowToBuild
2024-02-20 05:34:47 +00:00
Colin
41b1a013d7
programs: sane-sudo-redirect: disable sandbox
2024-02-19 17:09:27 +00:00
Colin
f785ccd351
programs: sane-reclaim-disk-space: sandbox
2024-02-19 17:06:22 +00:00
Colin
48744dcaaa
programs: sane-ip-reconnect: remove (unused)
2024-02-19 17:05:27 +00:00
Colin
9373864b60
programs: sane-git-init: remove (unused)
2024-02-19 16:53:59 +00:00
Colin
c16c9dfe0b
programs: sandbox a bunch of sane scripts
2024-02-19 16:51:53 +00:00
Colin
292a411fb3
linux-megous: 6.7.2 (20240127-1717) -> 6.7.4 (20240211-1928)
2024-02-19 16:37:11 +00:00
Colin
2d17826731
programs: eza: sandbox with bwrap instead of landlock
2024-02-19 15:32:40 +00:00
Colin
34dedcff57
modules/programs: sane-sandboxed: fix normPath handling of paths containing special characters like [
2024-02-19 15:32:23 +00:00
Colin
de297f22be
programs: split sane-scripts out of assorted.nix
2024-02-19 14:19:10 +00:00
Colin
4b47b76461
programs: sfeed: sandbox
2024-02-19 14:14:59 +00:00
Colin
3effd59c9b
xdg-desktop-portal-{gtk,wlr}: start via service manager, with ordered deps, instead of letting dbus activate it for us
...
that gets more reliable environment importing, etc
2024-02-19 13:44:23 +00:00
Colin
a3d0691d99
trivial-builders: add rmDbusServicesInPlace for when the symlink method isnt applicable
2024-02-19 13:43:22 +00:00
Colin
44647e0d36
programs: forkstat: sandbox
2024-02-19 13:15:15 +00:00
Colin
da1053d635
programs: configure auto-launching programs to only start *after* graphical-session.target
...
this ensures they really have their environment
2024-02-19 12:58:08 +00:00
Colin
273b1b84e3
systemd: reduce the stop job timeout
2024-02-19 12:58:08 +00:00
Colin
0b6b98bba6
sway: add a safeguard to catch if the systemd environ race condition is re-introduced
2024-02-19 12:58:08 +00:00
Colin
8886177c23
xdg-desktop-portal: fix it to find all the portal configs again
...
maybe i broke this when i simplified XDG_CONFIG_DIRS? not sure
2024-02-19 12:58:08 +00:00
Colin
7e343bfc05
sway: fix race condition around dbus/systemd environment importing
2024-02-19 10:52:51 +00:00
Colin
f72bdb6f3a
activationScripts: notify on deploy: fix to work with new SWAYSOCK name
2024-02-19 08:21:23 +00:00
Colin
5666a05ef0
strip out a bunch of unused nixpkgs defaults
2024-02-19 06:20:13 +00:00
Colin
05daf738fc
nixpkgs: 2024-02-17 -> 2024-02-18
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/6caa6affcc4774c81467ed08fa3ec35da40fd1d9' (2024-02-17)
→ 'github:nixos/nixpkgs/d076cde70cbceca9315a11bdc609ddfcec9dfbca' (2024-02-18)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/28d6a724f54085377102db7c3278ba82a0a5255f' (2024-02-17)
→ 'github:nixos/nixpkgs/9511a7b219df1f8d8f5c2a58c4870fde169fe397' (2024-02-18)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/48afd3264ec52bee85231a7122612e2c5202fa74' (2024-02-13)
→ 'github:Mic92/sops-nix/ffed177a9d2c685901781c3c6c9024ae0ffc252b' (2024-02-18)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/d8cd80616c8800feec0cab64331d7c3d5a1a6d98' (2024-02-10)
→ 'github:NixOS/nixpkgs/69405156cffbdf2be50153f13cbdf9a0bea38e49' (2024-02-17)
```
2024-02-18 19:05:04 +00:00
Colin
35b4cc779f
megapixels: switch to bwrap, to support Loupe image viewer
2024-02-18 18:46:37 +00:00
Colin
c7d111a318
megapixels: 1.7.0 -> 1.8.0
2024-02-18 18:27:47 +00:00
Colin
7e5eb6324d
megapixels: sandbox
...
it's iffy... 1.8.0 is released, which can be sandboxed w/o sys/dev/char or ~/.local/share/applications, but seems to be even flakier
2024-02-18 17:44:49 +00:00
Colin
95cb5624ca
modules/programs: sane-sandboxed: fix but that --sane-sandbox-path / wasnt being canonicalized
2024-02-18 13:53:53 +00:00
Colin
55c305812d
WIP: megapixels: sandbox
2024-02-18 13:53:18 +00:00
Colin
600f6eb56c
modules/programs: sane-sandboxed: remove all remaining forks/subshells
...
launchtime for firefox in bwrap is about 65ms; 35ms for --sane-sandbox-method none
2024-02-18 13:15:04 +00:00
Colin
fd6f8493a7
modules/programs: sane-sandboxed: remove all forking from normPath
...
reduces time for librewolf benchmark from 90ms -> 65ms. there's still _some_ forking in this script, but it's constant now.
2024-02-18 12:25:03 +00:00
Colin
f10f1ee7b1
modules/programs: sane-sandboxed: optimize "normPath" to not invoke subshells
...
each subshell causes like 5ms just on my laptop, which really adds up.
this implementation still forks internally, but doesn't exec.
runtime decreases from 150ms -> 90ms for
`time librewolf --sane-sandbox-replace-cli true`
2024-02-18 12:08:23 +00:00
Colin
67395bdcd3
programs: ship forkstat
2024-02-18 11:58:30 +00:00
Colin
90ceeede74
programs: flare-signal: disable (unused)
2024-02-18 07:07:29 +00:00
Colin
32a704b1b8
moby: disable unused "calls" program
...
i may have future use for it, but as-is currently it's not worth the difficulty of sandboxing
2024-02-18 07:07:29 +00:00
Colin
a591be98d4
programs: portfolio-filemanager: sandbox
2024-02-18 07:07:29 +00:00
Colin
82e028e37d
programs: nautilus: assign a mime priority
2024-02-18 07:07:29 +00:00
Colin
a531676d0d
mime: include an error message when two file associations have identical mime priority
2024-02-18 07:07:29 +00:00
Colin
7f7543ee78
programs: planify: sandbox
2024-02-18 07:07:29 +00:00
Colin
8d0e3e0db3
programs: notejot: sandbox
2024-02-18 07:07:29 +00:00
Colin
bf352d184c
programs: tangram: sandbox
2024-02-18 07:07:29 +00:00
Colin
81a6600f54
programs: xarchiver: sandbox
2024-02-18 07:07:29 +00:00
Colin
9fde167e71
firefox-extensions.open-in-mpv: build from source
...
this ensures that the extension and the native component stay in sync
2024-02-18 06:14:49 +00:00
Colin
4e180e11df
open-in-mpv: update the non-browser component to 2.2.0
...
i _suppose_ i should keep these in sync... hmm
2024-02-18 06:02:00 +00:00
Colin
902166e45a
sxmo-utils: 2024-01-01 -> 2024-02-05
2024-02-18 04:57:20 +00:00
Colin
797bc4e188
delfin: 0.3.0 -> 0.4.0
...
i can't upstream this until i figure out why both versions fail to open media for me (portal stuff?)
2024-02-18 04:54:35 +00:00
Colin
536f0aedc3
open-in-mpv: remove my patch which has been upstreamed, previously required to use xdg-open
2024-02-18 04:52:27 +00:00
Colin
b855df902f
firefox-extensions: metamask,open-in-mpv,sponsorblock,ublacklist: update to latest
2024-02-18 04:50:03 +00:00
Colin
80ce49c579
firefox-extensions.bypass-paywalls-clean: 3.5.3.0 -> 3.5.5.0
2024-02-18 04:49:18 +00:00
Colin
408059420d
snippets: prefer the repology link which specifically shows my outdated packages
2024-02-18 04:15:05 +00:00
Colin
a3102c9395
pkgs overlay: prefer my own packages, if theyre newer than whats in nixpkgs
...
this gives me an easier way to test updates for the packages i maintain than a workflow based on patching nixpkgs
2024-02-18 04:07:23 +00:00
Colin
6760fcf1f4
snippets: remove home-manager; add repology
2024-02-18 03:43:32 +00:00
Colin
a90898491e
flake: fix "preDeploy" action mishandling null
2024-02-18 01:24:05 +00:00
Colin
059940d8e7
nixpkgs: 2024-02-16 -> 2024-02-17
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/0ec5bef772dc12003df7a55f7be1f7b8809f8b48' (2024-02-16)
→ 'github:nixos/nixpkgs/6caa6affcc4774c81467ed08fa3ec35da40fd1d9' (2024-02-17)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/1225df86908f6f5b23553e9d77da4df4bfdd58ef' (2024-02-16)
→ 'github:nixos/nixpkgs/28d6a724f54085377102db7c3278ba82a0a5255f' (2024-02-17)
```
2024-02-17 17:18:38 +00:00
Colin
98aafead94
programs: wob: add missing "coreutils" dep
...
it *should* be acquired via user's PATH, but wob-pulse can start before sway imports PATH to systemd
2024-02-17 16:38:22 +00:00
Colin
cef2591425
modules/programs: sane-sandboxed: capshonly/landlock: don't request capabilities we know won't be granted
2024-02-17 16:30:18 +00:00
Colin
f8663cd827
programs: monero-gui: sandbox
2024-02-17 16:06:58 +00:00
Colin
af1ee1734d
programs: wireguard-tools: sandbox
2024-02-17 15:54:16 +00:00
Colin
5375cab716
programs: ntfy-sh: sandbox
2024-02-17 15:47:47 +00:00
Colin
162b3f5674
imagemagick: don't add 'ghostscript' package to path
2024-02-17 15:45:50 +00:00
Colin
a729f91d21
programs: jq: add working sandbox criteria, but don't enable yet
...
i need to handle the extremely common `cat foo | jq .` without adding
`.` to the sandbox
2024-02-17 15:36:41 +00:00
Colin
a273b559e2
programs: gnome-disk-utility: sandbox
2024-02-17 15:36:28 +00:00
Colin
785b375671
programs: smartmontools (smartctl): sandbox
2024-02-17 15:36:13 +00:00
Colin
24cba0c856
programs: xq: remove
2024-02-17 15:30:23 +00:00
Colin
df1db5d01c
programs: sox: sandbox
2024-02-17 15:27:22 +00:00
Colin
6749b64bca
programs: nautilus: add mounted media to the sandbox
2024-02-17 15:26:49 +00:00
Colin
d3e4bdfcd5
programs: gdisk: fix sandboxing
2024-02-17 15:26:16 +00:00
Colin
799cd4373f
programs: socat: disable
2024-02-17 15:11:12 +00:00
Colin
2efa6d1e27
programs: mepo: sandbox
2024-02-17 15:08:21 +00:00
Colin
a1470956a5
programs: gdisk: sandbox
2024-02-17 14:57:33 +00:00
Colin
556c20bc04
programs: vulkan-tools: sandbox
2024-02-17 14:53:22 +00:00
Colin
cf5f58dda6
programs: nmap: sandbox
2024-02-17 14:51:26 +00:00
Colin
fd30f7abbc
dev-machines: disable broken ldd-aarch64 program
2024-02-17 14:47:28 +00:00
Colin
6f8c299c69
programs: xdg-desktop-portal: log more
2024-02-17 14:40:56 +00:00
Colin
bbf7aac062
programs: gnome-frog: sandbox
2024-02-17 14:40:42 +00:00
Colin
7d1fd2f30a
programs: nvme-cli: sandbox
2024-02-17 14:40:29 +00:00
Colin
472987f164
programs: gimp: fix sandboxing failure
2024-02-17 13:43:35 +00:00
Colin
784c2145f3
programs: iputils: sandbox
2024-02-17 03:33:05 +00:00
Colin
4ced02b0b2
modules/programs: make-sandboxed: fix incorrect "priority" attribute
2024-02-17 03:32:49 +00:00
Colin
0000afb315
programs: make `nixosBuiltins` package set more precise
2024-02-17 03:08:14 +00:00
Colin
31fa21bd20
programs: host/iproute2/iw/nettools/wirelesstools: sandbox
2024-02-17 03:05:58 +00:00
Colin
9510817604
programs: document nixosBuiltins programs
2024-02-17 02:40:28 +00:00
Colin
4a84de3ee4
programs: inetutils/iptables: sandbox
2024-02-17 02:32:57 +00:00
Colin
ab42a4cc5a
programs: qemu: disable sandbox
2024-02-17 01:43:58 +00:00
Colin
f6537b083a
programs: discord: add dbus to sandbox
2024-02-17 01:42:22 +00:00
Colin
5ff1d014b8
servo: transmission: fix user agent
2024-02-17 01:35:40 +00:00
Colin
fa41e6c402
nixpkgs: 2024-02-14 -> 2024-02-16; uninsane-dot-org -> 2024-02-15
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/52e165035c897a7b41ff26bc235f8d841e9d3850' (2024-02-14)
→ 'github:nixos/nixpkgs/0ec5bef772dc12003df7a55f7be1f7b8809f8b48' (2024-02-16)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/c0a130d16b170f4820c3d2ed294a7aaabf451bfd' (2024-02-14)
→ 'github:nixos/nixpkgs/1225df86908f6f5b23553e9d77da4df4bfdd58ef' (2024-02-16)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=4a1fa488e64e6c87c6c951e3fafb2684692f64d3 ' (2024-01-01)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=bb10cd8853d05191e4d62947d93687c462e92c30 ' (2024-02-15)
```
2024-02-16 15:34:19 +00:00
Colin
1b4306e649
programs: switch bridge-utils, btrfs-progs from landlock -> bwrap
...
landlock can't isolate net yet, so bwrap gives better sandboxing
2024-02-16 15:32:41 +00:00
Colin
af8a8358bd
programs: hdparm: sandbox
2024-02-16 15:32:41 +00:00
Colin
464c6c56c5
programs: btrfs-progs: sandbox
2024-02-16 15:32:41 +00:00
Colin
8e314e8b73
programs: bridge-utils: sandbox
2024-02-16 15:32:41 +00:00
Colin
198029f95f
programs: netcat: sandbox
2024-02-16 15:32:41 +00:00
Colin
1d646459ab
programs: pulsemixer: sandbox
2024-02-16 15:32:41 +00:00
Colin
8f3bab3636
programs: sort
2024-02-16 15:32:41 +00:00
Colin
a909a93c29
programs: strings: fix sandboxing
2024-02-16 15:32:41 +00:00
Colin
6aaa724abf
programs: strings: sandbox
2024-02-16 14:57:25 +00:00
Colin
a1c721d5b4
programs: binutils-unwrapped -> strings: distribute just the binary i care about
2024-02-16 14:57:25 +00:00
Colin
4002a57e03
servo: transmission: advertise as 3.00 to deal with old trackers
2024-02-16 12:58:08 +00:00
Colin
74a0b0d125
gitea: serve phone-case-cq/ build files as proper html/js content type
2024-02-16 12:07:28 +00:00
Colin
cd3b4dde7b
programs: nix-index: sandbox
2024-02-16 11:39:05 +00:00
Colin
a9d384688a
programs: alsaUtils: sandbox
2024-02-16 11:28:43 +00:00
Colin
fffd6f4204
programs: pciutils: sandbox
2024-02-16 11:12:47 +00:00
Colin
324485d105
programs: networkmanagerapplet: sandbox
2024-02-16 11:07:24 +00:00
Colin
7cb8b144b2
programs: sandbox fatresize
2024-02-16 10:45:56 +00:00
Colin
c2bb97e7e6
programs: ethtool: sandbox
2024-02-16 10:38:39 +00:00
Colin
3cbdc03369
programs: zeal: disable sandboxing
2024-02-16 10:32:49 +00:00
Colin
5c7fa591a0
programs: sandbox: dtrx/e2fsprogs/efibootmgr/electrum
2024-02-16 10:32:18 +00:00
Colin
18c54e8b04
programs: sandbox cryptsetup and ddrescue (latter is untested, probably lacking!)
2024-02-16 10:05:24 +00:00
Colin
1416856fb6
programs: blueberry: sandbox
2024-02-16 07:58:00 +00:00
Colin
2a5bc6f612
programs: util-linux: disable sandbox
2024-02-16 07:37:59 +00:00
Colin
c56a6a8c24
programs: disable libcap_ng since it cant sandbox
2024-02-16 07:32:34 +00:00
Colin
f5a4bdedaf
programs: libcap_ng (netcap): disable sandbox
2024-02-16 07:32:05 +00:00
Colin
114a45f347
programs: pstree: sandbox
2024-02-16 06:57:45 +00:00
Colin
d53344d527
programs: killall: sandbox
2024-02-16 06:57:32 +00:00
Colin
561447de70
programs: shattered-pixel-dungeon: sandbox
2024-02-16 06:57:03 +00:00
Colin
b6f918c32f
TODO.md: update sandboxing tasks
2024-02-16 06:18:11 +00:00
Colin
9cc12fab5d
programs: gpodder: fix to work in sandbox (add dbus)
2024-02-16 06:07:46 +00:00
Colin
5cda3b2805
programs: firefox/fractal: document portal filechooser limitations
2024-02-16 05:49:56 +00:00
Colin
4afd56ff4c
programs: powertop: fix capabilities typo in sandbox definition
2024-02-16 05:49:13 +00:00
Colin
029ba43bd6
modules/programs: sane-sandboxed: invoke "capsh" with the --no-new-privs argument
2024-02-16 05:48:50 +00:00
Colin
00e4078300
programs: disable lemoa. it's broken and development doesn't seem to be progressing
2024-02-16 05:34:24 +00:00
Colin
94b4f78e39
programs: lemoa: sandbox
2024-02-16 05:32:22 +00:00
Colin
3fd89ec91b
programs: sandbox powertop
2024-02-16 05:28:17 +00:00
Colin
4085828575
programs: sandbox parted
2024-02-16 05:28:07 +00:00
Colin
1a972927b6
programs: sandbox nethogs, nmon, nixpkgs-review
2024-02-16 05:27:50 +00:00
Colin
5f3ec42f57
programs: sandbox lsof with capsh only
...
can't get it to sandbox any more aggressively with either landlock or
bwrap
2024-02-16 04:55:18 +00:00
Colin
28aaeb051f
programs: disable sandboxing for strace and screen
2024-02-16 04:51:52 +00:00
Colin
9d252d095e
programs: htop/iotop/iftop: sandbox
2024-02-16 04:51:18 +00:00
Colin
4e5e4219ec
programs: usbutils: sandbox
2024-02-16 04:03:47 +00:00
Colin
824dd7c1f5
programs: endless-sky: sandbox with bwrap
2024-02-16 04:00:27 +00:00
Colin
b840a0d61c
programs: space-cadet-pinball: sandbox w/ bwrap
2024-02-16 03:58:09 +00:00
Colin
36bcecfd68
programs: sort
2024-02-16 03:53:53 +00:00
Colin
c3a5fb9394
programs: wdisplays: sandbox with bwrap
2024-02-16 03:53:27 +00:00
Colin
30507c3564
programs: soundconverter: sandbox with bwrap
2024-02-16 03:51:23 +00:00
Colin
2b66ffc58a
programs: feedbackd: sandbox w/ bwrap
2024-02-16 03:49:59 +00:00
Colin
48d96c1f36
programs: hase: sandbox with bwrap
...
couldn't test the net feature, because hase servers have since gone
offline :((
2024-02-16 03:48:59 +00:00
Colin
cdf61755a3
programs: splatmoji: document the sandboxing approach
2024-02-16 03:46:48 +00:00
Colin
dd1dc69530
packages: remove unused kid3
2024-02-16 03:39:45 +00:00
Colin
481f54ea2f
packages: disable unused packages: makemkv, mumble, openscad
2024-02-16 03:20:17 +00:00
Colin
511752fab5
programs: xdg-desktop-portal{-gtk,-wlr}: enable sandbox
2024-02-16 03:17:19 +00:00
Colin
40ed7cff1b
programs: git: fix failing sandbox build
2024-02-16 03:16:46 +00:00
Colin
5e7f914354
programs: superTux: fix failing sandbox build
2024-02-16 03:16:28 +00:00
Colin
8c9c6ec979
modules/programs: make-sandboxed: support /libexec binaries
2024-02-16 03:15:45 +00:00
Colin
0dec8b6d5b
programs: fontconfig: sandbox
2024-02-15 18:26:45 +00:00
Colin
7eaffc9fa0
programs: w3m: enable sandbox
2024-02-15 18:25:48 +00:00
Colin
b7c1a6331d
programs: mate.engrampa: enable sandbox
2024-02-15 18:24:27 +00:00
Colin
d6868d58e6
xdg-desktop-portal: disable sandbox
2024-02-15 18:23:40 +00:00
Colin
1edb1fc8b6
modules/programs: sane-sandboxed: avoid adding the sandbox implementation to $PATH
2024-02-15 17:58:22 +00:00
Colin
52d768a162
programs: xterm: mark as not needing a sandbox
2024-02-15 17:26:55 +00:00
Colin
7a685d8de9
programs: inkscape: sandbox with bwrap
2024-02-15 17:26:37 +00:00
Colin
838c6d7dc8
programs: swaync: sandbox
2024-02-15 16:38:38 +00:00
Colin
8d20dcadd1
modules/programs: sane-sandboxed: add --sane-sandbox-keep-pidspace flag
2024-02-15 15:05:28 +00:00
Colin
9d706df5b5
programs: waybar: narrow the /run/user paths to just sway-ipc.sock
2024-02-15 14:40:01 +00:00
Colin
06f1f1e9ea
sway: give SWAYSOCK a consistent name
2024-02-15 14:38:54 +00:00
Colin
2fbbe7fd78
sway: remove unused "sane.gui.sway.package" option
2024-02-15 14:38:10 +00:00
Colin
24d23f7903
programs: bemenu: fix sandboxing
2024-02-15 14:33:20 +00:00
Colin
0394aa65e9
sway: simplify config
2024-02-15 14:25:45 +00:00
Colin
5090c4e88c
sway: define without using nixos "programs.sway"
...
motivation was to leverage 'sane.programs.sway.env' to statically configure SWAYSOCK. i think that's still the right way: we'll see
2024-02-15 14:25:27 +00:00
Colin
081114da65
programs: waybar: sandbox in a way that works well for moby too
2024-02-15 13:16:18 +00:00
Colin
c943442c94
modules/programs: sane-sandboxed: add --sane-sandbox-method none for benchmarking
2024-02-15 13:13:39 +00:00
Colin
02b7586ffa
programs: komikku: add dbus to the sandbox to fix it
2024-02-15 11:58:08 +00:00
Colin
02dd629616
modules/programs: sane-sandboxed: rework so portal env vars arent set when sandbox is disabled
...
and by setting them only at launch time we aid introspectability/debugging
2024-02-15 11:57:36 +00:00
Colin
25dcb7f89a
programs: open-in-mpv: document that upstream merged my PR
2024-02-15 11:38:37 +00:00
Colin
88f1d63b6e
firefox: properly integrate xdg-desktop-portal for opening media
2024-02-15 11:36:50 +00:00
Colin
d36e269edd
programs: loupe: remove the dbus services to make it work with Firefox
2024-02-15 11:36:24 +00:00
Colin
40af8b95fd
pkgs.rmDbusServices: also remove dbus properties from .desktop files
2024-02-15 11:35:52 +00:00
Colin
582a003739
programs: waybar: fix battery indicator within sandbox
2024-02-15 10:35:24 +00:00
Colin
df60be8c61
open-in-mpv: sandbox with bwrap
2024-02-15 09:49:03 +00:00
Colin
e8b4c36442
programs: nautilus: specify inode/directory mime association
2024-02-15 09:48:26 +00:00
Colin
2f699737f5
firefox: fix open-in-mpv integration
...
two parts: add open-in-mpv's config to firefox's sandbox; patch open-in-mpv to forward to xdg-open
2024-02-15 09:14:57 +00:00
Colin
4a3d24be3f
waybar: migrate all config to "sane.programs"
2024-02-15 07:18:12 +00:00
Colin
10feb319fe
sway: lift waybar to own file and sandbox it
2024-02-15 02:33:40 +00:00
Colin
fde1e5d872
README: add a graphic
2024-02-15 01:01:31 +00:00
Colin
b2fcf6fdfd
programs: messengers (fractal, signal, dino, tuba): add media libraries to the sandbox
2024-02-15 00:49:24 +00:00
Colin
dcc2eb265d
programs: re-enable sandbox for tumiki-fighters and losslesscut (X applications)
2024-02-15 00:09:40 +00:00
Colin
5f1036118f
modules/programs: sandboxing: add a "whitelistX" option
2024-02-15 00:09:16 +00:00
Colin
8ac4869f10
gpodder-adaptive: fix meta.position and thereby fix NUR eval
...
idk why it broke. seems that attrset members (passthru.*) don't preserve their position anymore
2024-02-14 23:39:18 +00:00
Colin
226425bbef
nixpkgs: 2024-02-13 -> 2024-02-14; sops-nix -> 2024-02-13
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/013603a52da98fe4abf15a5700479a58fa5899a5' (2024-02-13)
→ 'github:nixos/nixpkgs/52e165035c897a7b41ff26bc235f8d841e9d3850' (2024-02-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/40a7b182e0a00245d69f6b8c1dfd3ea4bfc6257c' (2024-02-13)
→ 'github:nixos/nixpkgs/c0a130d16b170f4820c3d2ed294a7aaabf451bfd' (2024-02-14)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/695275c349bb27f91b2b06cb742510899c887b81' (2024-02-12)
→ 'github:Mic92/sops-nix/48afd3264ec52bee85231a7122612e2c5202fa74' (2024-02-13)
```
2024-02-14 22:50:47 +00:00
Colin
518c3afd07
programs: sandbox: disable losslesscut/tumiki-fighters sandbox until i can figure out Xwayland
2024-02-14 14:37:59 +00:00
Colin
90dee85664
programs: sort alphabetically
2024-02-14 14:28:22 +00:00
Colin
26fc283fd9
programs: losslesscut: sandbox
2024-02-14 14:26:56 +00:00
Colin
d0430ce1e9
programs: pavucontrol/pwvucontrol: enable audio devices inside the sandbox
2024-02-14 14:26:56 +00:00
Colin
368a52b91e
programs: speedtest-cli: sandbox with bwrap
2024-02-14 14:26:56 +00:00
Colin
d90dacee1f
programs: grimshot: sandbox with bwrap
2024-02-14 14:17:41 +00:00
Colin
a6e2b3bc5c
programs: xdg-terminal-exec: disable sandbox
2024-02-14 14:11:35 +00:00
Colin
8863a3c674
programs: wob: sandbox with bwrap
2024-02-14 14:10:20 +00:00
Colin
fa8d6dbb9f
programs: wob: fix config substitution
2024-02-14 14:04:54 +00:00
Colin
e5e79a6b60
programs: FileMimeInfo: disable sandbox
2024-02-14 13:54:21 +00:00
Colin
95f7eeeb5c
programs: libnotify: sandbox with bwrap
2024-02-14 13:49:48 +00:00
Colin
29d638c68b
programs: dig: sandbox with bwrap
2024-02-14 13:47:44 +00:00
Colin
7d22a5466f
programs: zsh: fix "switch" function to be friendly to sandboxing
2024-02-14 13:45:56 +00:00
Colin
b747742e23
flake: implement "deploy.self" app as replacement for nixos-rebuild switch
2024-02-14 13:45:15 +00:00
Colin
5907d9fa42
Revert "xdg-desktop-portal-gtk: build without support for notifications"
...
This reverts commit c9e02bfd8a
.
disable notifications at this level did not cause fractal (gtk app) to
send its notifications to swaync. instead, it still tried to deliver to
the Portal, where the Portal wasn't expecting anything and just returned
an error to fractal.
setting `GNOTIFICATION_BACKEND = "freedesktop"` seems to be the correct
way to get gtk apps to behave as desired with their notifications.
2024-02-14 11:09:37 +00:00
Colin
67fe8d4666
swaync: propagate `GNOTIFICATION_BACKEND = "freedesktop"` to all users
2024-02-14 11:09:20 +00:00
Colin
22ca253ae0
modules/programs: better document the `env` option
2024-02-14 11:08:43 +00:00
Colin
c9e02bfd8a
xdg-desktop-portal-gtk: build without support for notifications
2024-02-14 10:51:18 +00:00
Colin
03b58b3cab
programs: vim: support system copy/paste inside of sandbox
2024-02-14 09:11:31 +00:00
Colin
ae01c17c05
programs: splatmoji: fix to work inside a sandbox again
2024-02-14 09:11:12 +00:00
Colin
677e6e679b
programs: sandbox {s,}waylock lockscreen
2024-02-14 08:48:03 +00:00
Colin
3eb47a9a8d
programs: swaylock: *partially* sandbox with capsh
2024-02-14 05:46:36 +00:00
Colin
f11e443678
programs: waylock: *partially* sandbox with capsh
2024-02-14 05:46:28 +00:00
Colin
9faf1bb52c
README: document the sandboxing feature of my "programs" module
2024-02-14 05:24:48 +00:00
Colin
e599724811
README: use consistent tab width (2 spaces)
2024-02-14 05:18:43 +00:00
Colin
c0b03950dc
README: format links to local files in a way that markdown will render them
2024-02-14 05:16:59 +00:00
Colin
8f8ec090c4
programs: add "waylock"
2024-02-14 05:01:33 +00:00
Colin
e174eaeff0
programs: loupe: fix sandboxing
2024-02-14 04:32:10 +00:00
Colin
8b32f2f231
modules/programs: add support for 'autodetectCliPaths = parent'
2024-02-14 04:31:59 +00:00
Colin
f12b7afa1e
programs: mimeo: dont sandbox
2024-02-14 01:51:26 +00:00
Colin
080bd856ec
programs: sandboxing: only permit wayland socket access to those specific apps which require it
2024-02-14 01:49:49 +00:00
Colin
548a95a7e1
modules/programs: sandboxing: unshare ipc/cgroup/uts by default
2024-02-14 01:48:59 +00:00
Colin
2d7c5b9fa5
programs: mpv: explicitly add Videos/servo, Books/servo to sandbox
2024-02-13 15:38:57 +00:00
Colin
e696cb96b6
nixpkgs: 2024-02-12 -> 2024-02-13
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/f176844192a0b4ab719dffd91fcf356fc24ccbff' (2024-02-12)
→ 'github:nixos/nixpkgs/013603a52da98fe4abf15a5700479a58fa5899a5' (2024-02-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/b05b56d24858cfbc2064bda18d00a242bed5ddfb' (2024-02-12)
→ 'github:nixos/nixpkgs/40a7b182e0a00245d69f6b8c1dfd3ea4bfc6257c' (2024-02-13)
```
2024-02-13 12:54:00 +00:00
Colin
83cb29aeeb
xdg-utils: re-add `mimetype` package
2024-02-13 12:31:04 +00:00
Colin
34b148f6cc
modules/programs: allow specifying perlPackages members as programs, as i do with python3Packages, etc
2024-02-13 12:31:04 +00:00
Colin
44c2f8bcc0
cross: xdg-utils: build xdg-screensaver, and simplify a bit
2024-02-13 12:31:04 +00:00
Colin
9c18aa2765
cross: fix xdg-utils
2024-02-13 12:31:04 +00:00
Colin
4458a74e4c
nixpkgs: 2024-02-09 -> 2024-02-12; sops-nix -> 2024-02-12
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/b38903da74d4fa07bd7045e89bb31e6d4cc13548' (2024-02-09)
→ 'github:nixos/nixpkgs/f176844192a0b4ab719dffd91fcf356fc24ccbff' (2024-02-12)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/410b90f31644cc71ffc145261d76a351012aac66' (2024-02-09)
→ 'github:nixos/nixpkgs/b05b56d24858cfbc2064bda18d00a242bed5ddfb' (2024-02-12)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/2168851d58595431ee11ebfc3a49d60d318b7312' (2024-02-08)
→ 'github:Mic92/sops-nix/695275c349bb27f91b2b06cb742510899c887b81' (2024-02-12)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/bc6cb3d59b7aab88e967264254f8c1aa4c0284e9' (2024-02-08)
→ 'github:NixOS/nixpkgs/d8cd80616c8800feec0cab64331d7c3d5a1a6d98' (2024-02-10)
```
2024-02-13 12:31:04 +00:00
Colin
1a18ed533b
programs: don't include dbus in the sandbox by default
2024-02-13 11:58:33 +00:00
Colin
18eec98cae
programs: brightnessctl: switch to landlock
2024-02-13 11:58:33 +00:00
Colin
82c386a6a4
programs: tor-browser-bundle-bin -> tor-browser
...
they're the same (aliased), only my programs API expects 'tor-browser' specifically
2024-02-13 11:58:33 +00:00
Colin
634dc318cd
programs: spotify: remove old/unused firejail config
2024-02-13 11:15:30 +00:00
Colin
6eaaeeb91a
programs: remove audio from the sandbox by default
2024-02-13 11:14:38 +00:00
Colin
94be4a7551
programs: wob: fix service definition (Exec -> ExecStart)
2024-02-13 11:03:18 +00:00
Colin
b4a20da78a
programs: brightnessctl: sandbox
2024-02-13 10:55:44 +00:00
Colin
bb68506839
modules/programs: add separate "user" v.s. "system" options for whitelistDbus
2024-02-13 10:55:10 +00:00
Colin
77e2af0ed9
programs: krita: enable sandbox
2024-02-13 10:36:42 +00:00
Colin
126f3e4922
programs: sandboxing: restrict /run/user dir to just dbus/pipewire/pulse/wayland, by default
2024-02-13 10:28:30 +00:00
Colin
73afceb8c6
modules/programs: sandbox: add `whitelistWayland` option
2024-02-13 10:24:35 +00:00
Colin
371af5939e
programs: mpv: tighten the /run/user portion of the sandbox
2024-02-12 15:24:07 +00:00
Colin
27fd81ad80
modules/programs: add new options for whitelisting audio/dbus
2024-02-12 15:23:35 +00:00
Colin
d82b4b0f62
modules/programs: sane-sandboxed: reorder the --sane-sandbox-profile-dir arg so it takes precedence
2024-02-12 14:56:48 +00:00
Colin
7b28023e08
modules/programs: re-introduce the "withEmbeddedSandboxer" passthru attr
2024-02-12 14:27:48 +00:00
Colin
2b9db897a1
implement `sane.defaultUser` attr
2024-02-12 14:27:32 +00:00
Colin
6124cb9b36
modules/programs: sane-sandboxed: search for profiles in XDG_DATA_DIRS, not NIX_PROFILES
2024-02-12 13:16:48 +00:00
Colin
b0394d877d
modules/programs: rename allowedRootPaths -> allowedPaths
...
now that allowedHomePaths doesn't exist
2024-02-12 13:00:10 +00:00
Colin
14d8230821
modules/programs: sane-sandboxed: remove --sane-sandbox-home-path argument and plumbing
...
no longer needed, and mixing this with root paths is liable to cause troubles at this point, around symlink dereferencing/canonicalization/etc
2024-02-12 12:57:54 +00:00
Colin
e94e338040
programs: handbrake: remove unneeded Pictures/servo-macros from sandbox
2024-02-12 12:54:41 +00:00
Colin
354ce378f6
programs: assorted: convert /mnt/servo "extraPaths" into "extraHomePaths" where possible
2024-02-12 12:54:16 +00:00
Colin
a90b5b53db
modules/programs: sandboxing: dereference symlinks and also include those in the sandbox
2024-02-12 12:48:02 +00:00
Colin
eee3e138ff
modules/programs: sandboxing: allow specifying individual /run/user/$uid paths to expose to the sandbox
2024-02-12 12:18:59 +00:00
Colin
f61cd17e99
modules/programs: sandboxing: specialize profiles per-user by expanding $HOME
2024-02-12 12:08:58 +00:00
Colin
3e0b0a0f02
modules/programs: make-sandboxed: lift profile creation logic out to the toplevel
2024-02-12 11:52:33 +00:00
Colin
2ee34e9af3
modules/profiles: remove sandbox.embedProfile option
...
with upcoming refactors, this setting would force a different package to be installed per user, which doesn't mesh with the existing sane.programs infra
2024-02-12 11:35:59 +00:00
Colin
f9a998eb92
programs: koreader: remove "sandbox.embedProfile = true"
...
i guess this was set while i was debugging
2024-02-12 11:33:55 +00:00
Colin
7c05d221d6
modules/programs: split "make-sandbox-profile" out of "make-sandboxed"
2024-02-12 11:20:40 +00:00
Colin
93012664e5
modules/programs: simplify how sandbox profiles make it into system packages
2024-02-12 10:52:44 +00:00
Colin
c424f7ac3b
sane-sandboxed: load all profiles, not just the first one we find
...
this allows some amount of overriding, or splitting profiles between system and user dirs
2024-02-12 10:40:15 +00:00
Colin
088b6f1b9a
sane-sandboxed: load profiles via $NIX_PROFILES env var
2024-02-12 10:37:26 +00:00
Colin
96575acf3a
programs: sane-sandboxed: move parseArgsExtra to outer scope; improve docs
2024-02-12 10:28:14 +00:00
Colin
1e05119adc
mpv: fix loading of album art within sandbox
2024-02-12 08:59:46 +00:00
Colin
e81df0ac86
modules/programs: enforce that user services don't accidentally override PATH
2024-02-12 08:44:55 +00:00
Colin
b19492ba23
programs: mpv: add .config/mpv to sandbox paths
2024-02-12 08:26:51 +00:00
Colin
8b26fa1303
programs: wob: split the script into an actual package
2024-02-12 08:26:51 +00:00
Colin
c0883dc777
sway: refactor: store sway-portals.conf in the user dir instead of system-wide
...
it's a user service, so prefer to configure it via user/home conf dirs
2024-02-12 07:13:39 +00:00
Colin
6b3a71aadf
programs: xdg-desktop-portal: dont show app chooser for apps which are the default association
2024-02-12 07:12:04 +00:00
Colin
8d0d20757e
gui: fold xdg-desktop-portal.nix back into sway config
2024-02-12 01:38:05 +00:00
Colin
66ca822ac1
remove xdg-desktop-portal-gtk service; xdg-desktop-portal knows how to start that itself
2024-02-12 01:33:34 +00:00
Colin
db7a414030
xdg-desktop-portal(s): dont install globally
2024-02-12 01:16:17 +00:00
Colin
87050a0500
feeds: add "FullTimeNix" podcast :)
2024-02-12 00:09:49 +00:00
Colin
bf53e3628a
xdg-utils: cleanup
2024-02-11 23:57:50 +00:00
Colin
d35f938806
mime.nix: fix cross build
2024-02-11 23:44:55 +00:00
Colin
d719eb0f11
programs: gPodder: enable Videos/gPodder in sandbox
2024-02-11 23:37:16 +00:00
Colin
0861edd7f9
modules/programs: remove ~/.config/mimeo from sandbox defaults
2024-02-11 23:35:27 +00:00
Colin
b6bf8720c9
modules/programs: implement --sane-sandbox-portal flag for apps which want to use the portal to open other apps
2024-02-11 23:32:24 +00:00
Colin
0fbc10fce3
mime: store mime associations in ~/.local/share/applications instead of /run/current-system/sw/share/applications to facilitate sandboxing
2024-02-11 23:31:43 +00:00
Colin
772f1070e7
xdg-desktop-portal: configure myself, to unblock future portal-related work
2024-02-11 23:29:07 +00:00
Colin
50c6e406bc
programs: disable zecwallet-lite
2024-02-09 20:23:56 +00:00
Colin
41020b2c0d
nixpkgs: 2024-02-08 -> 2024-02-09
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/74098fff8838394e2cdf78012bbc7f5bf835197e' (2024-02-08)
→ 'github:nixos/nixpkgs/b38903da74d4fa07bd7045e89bb31e6d4cc13548' (2024-02-09)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/075bf9cffe5b04d39874747239022de9aec5cdcd' (2024-02-08)
→ 'github:nixos/nixpkgs/410b90f31644cc71ffc145261d76a351012aac66' (2024-02-09)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/23f61b897c00b66855074db471ba016e0cda20dd' (2024-02-04)
→ 'github:Mic92/sops-nix/2168851d58595431ee11ebfc3a49d60d318b7312' (2024-02-08)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/9a333eaa80901efe01df07eade2c16d183761fa3' (2024-01-22)
→ 'github:NixOS/nixpkgs/bc6cb3d59b7aab88e967264254f8c1aa4c0284e9' (2024-02-08)
```
2024-02-09 10:39:27 +00:00
Colin
590a239f7d
programs: gpodder: sandbox with bwrap
...
which we can do, now that xdg-open works correctly within sandboxes
2024-02-09 10:31:42 +00:00
Colin
bcbc57f5ef
programs: get xdg-open to work from within sandboxes
...
note that implementation may have a quirk that applications launched via the portal cannot themselves "xdg-open" through the portal, because of the environment variable manipulation.
not sure how best to address that.
2024-02-09 10:27:30 +00:00
Colin
0d3adcdc5c
modules: users: have user services inherit PATH from environment rather than forcibly overwriting it
2024-02-09 09:50:26 +00:00
Colin
d19907a38d
sway: enable OpenURI interface in xdg-desktop-portal
2024-02-09 05:57:02 +00:00
Colin
9ac0e0e4fc
modules/programs: put things in a pid namespace by default
2024-02-08 23:36:59 +00:00
Colin
c9af5bf9b4
programs: sandboxing: enable net isolation for most sandboxed programs
2024-02-08 21:51:32 +00:00
Colin
bc85169e3d
programs: sandboxer: allow disable net access
2024-02-08 21:07:34 +00:00
Colin
7b9b3344a0
nixpkgs: 2024-02-07 -> 2024-02-08
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/966fd30804ad0e400fa3502e9f848bfad63b1852' (2024-02-07)
→ 'github:nixos/nixpkgs/74098fff8838394e2cdf78012bbc7f5bf835197e' (2024-02-08)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/be4596f17b30403478c629b27d87fd914a2b9f8a' (2024-02-07)
→ 'github:nixos/nixpkgs/075bf9cffe5b04d39874747239022de9aec5cdcd' (2024-02-08)
```
2024-02-08 11:09:25 +00:00
Colin
f6ca6210f9
feeds: link to podcastindex.org
2024-02-07 21:47:19 +00:00
Colin
19cfc86d1a
nixpkgs: 2024-02-06 -> 2024-02-07
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/952bd699447d82d69f4b15d994d5dc232e7addfb' (2024-02-06)
→ 'github:nixos/nixpkgs/966fd30804ad0e400fa3502e9f848bfad63b1852' (2024-02-07)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/8ad5408ea36be34ae262b04c8e913a95f8248fc7' (2024-02-06)
→ 'github:nixos/nixpkgs/be4596f17b30403478c629b27d87fd914a2b9f8a' (2024-02-07)
```
2024-02-07 09:45:02 +00:00
Colin
227d159c66
sway: map Super+Shift+PageUp/Down to next/prev track
2024-02-06 23:52:53 +00:00
Colin
a6becb8c42
sway: add Super+space to toggle media
2024-02-06 23:22:24 +00:00
Colin
2a5398beb3
sway: simplify brightness_up_cmd
...
sxmo just uses brightnessctl internally, plus a call to 'notify'
i don't really need the notification, and if i did i could implement wob support on both desktop and mobile
2024-02-06 23:10:01 +00:00
Colin
0f12ed68f7
sway: simplify config templating
2024-02-06 23:04:44 +00:00
Colin
0c050d1953
programs: fuzzel: fix overly-aggressive sandboxing
2024-02-06 20:10:29 +00:00
Colin
2fc1fe7510
modules/programs: make-sandboxed: fix that /share/* was being linked into top-level /; better way to enforce sandboxing of /share entries
2024-02-06 19:55:55 +00:00
Colin
8d705af7a0
nixpkgs: 2024-02-04 -> 2024-02-06
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/259981b0af5c285bb3cc7146de1da1b5af92236d' (2024-02-04)
→ 'github:nixos/nixpkgs/952bd699447d82d69f4b15d994d5dc232e7addfb' (2024-02-06)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/2be0b5db83fbea4a838f753994e8ebd35af91968' (2024-02-04)
→ 'github:nixos/nixpkgs/8ad5408ea36be34ae262b04c8e913a95f8248fc7' (2024-02-06)
```
2024-02-06 06:18:59 +00:00
Colin
e91ec2c35e
todo.md: task to consolidate ~/dev and ~/ref
2024-02-06 06:08:06 +00:00
Colin
5fbf66fb15
programs: loupe: sandbox with bwrap
2024-02-06 06:05:32 +00:00
Colin
97d50629e9
programs: handbrake: sandbox with landlock
2024-02-06 05:48:54 +00:00
Colin
5f8699fcef
rearrange /mnt structure for host-based subdirs
...
e.g. /mnt/servo/media, /mnt/desko/home, etc
2024-02-06 05:48:11 +00:00
Colin
7ce957c3af
gtk: set GSK_RENDERER=cairo to fix a bug somewhere in moby's render stack
2024-02-06 05:02:02 +00:00
Colin
d7612d5034
modules/programs: make-sandboxed: avoid deep-copying all of /share when sandboxing
...
saves like 1 GiB of closure. but i haven't thoroughly tested this
2024-02-06 05:02:02 +00:00
Colin
5ff7bf0c69
programs: fuzzel: sandbox
2024-02-06 02:34:46 +00:00
Colin
2495200b67
tidy: programs: wget: remove warning about the sandbox being untested
2024-02-06 01:34:40 +00:00
Colin
4c499629f5
programs: vvvvvv: sandbox with bwrap
2024-02-06 01:34:04 +00:00
Colin
7b9f54dd54
programs: superTux: sandbox with bwrap
2024-02-06 01:16:36 +00:00
Colin
bda932c3df
programs: supertuxkart: sandbox with bwrap
2024-02-06 01:10:39 +00:00
Colin
3f96f4af82
sway: refer to fewer programs in the config by absolute path
...
this aids in sandboxing and swapping stuff in/out at runtime
2024-02-05 23:40:18 +00:00
Colin
1c4e2f97fe
swaylock: mark sandboxing as unsupported
2024-02-05 23:36:35 +00:00
Colin
594a729968
feeds: remove balaji
2024-02-05 22:48:09 +00:00
Colin
5c8bb55cec
todo.md: better sandboxing around /mnt/servo-media
2024-02-05 22:33:42 +00:00
Colin
6eb2a3d67f
programs: handbrake: sandbox with bwrap
2024-02-05 22:28:15 +00:00
Colin
ddc41bc9d8
programs: pavucontrol/pwvucontrol: sandbox with bwrap
2024-02-05 22:15:48 +00:00
Colin
7d833ebf76
programs: kdenlive: sandbox with bwrap
2024-02-05 22:07:37 +00:00
Colin
bfc0eadfaa
programs: hitori: sandbox with bwrap
2024-02-05 21:52:57 +00:00
Colin
ff1cbcc16b
programs: gnome-clocks,gnome-calendar: sandbox with bwrap
2024-02-05 21:46:27 +00:00
Colin
fd81e35c31
todo.md: package blurble game!
2024-02-05 21:46:09 +00:00
Colin
9a8d8a20bd
programs: frozen-bubble: persist data and sandbox with bwrap
2024-02-05 21:32:58 +00:00
Colin
cd1d22e7b9
programs: gnome-calculator: sandbox with bwrap
2024-02-05 20:58:38 +00:00
Colin
2c0e93826d
programs: gimp: sandbox with bwrap
2024-02-05 20:53:05 +00:00
Colin
cab346f3ad
programs: delfin: sandbox with bwrap
2024-02-05 20:44:47 +00:00
Colin
568a72f6a4
gpodder-configured: remove unused derivation inputs
2024-02-05 20:22:27 +00:00
Colin
a2decaff9c
programs: bemenu: sandbox with landlock
2024-02-05 18:41:52 +00:00
Colin
23411ed973
todo.md: make dconf stuff less monolithic
2024-02-05 18:33:03 +00:00
Colin
8ef9f7a485
epiphany: persist dconf settings; reduce sandboxer errors
2024-02-05 18:31:38 +00:00
Colin
12846732b9
programs: blanket: sandbox with bwrap
2024-02-05 18:26:21 +00:00
Colin
e84079e84c
programs: firefox: allow sandbox access to ~/dev
2024-02-05 18:17:49 +00:00
Colin
45ffd9246d
programs: brave: sandbox with bwrap
2024-02-05 18:17:28 +00:00
Colin
ed3935318d
feeds: subscribe to non-paywalled Matt Levine
2024-02-05 16:41:38 +00:00
Colin
8052f62796
programs: sane-wipe browser: also clear epiphany artifacts
2024-02-05 16:31:19 +00:00
Colin
413903d03c
make-sandboxed: also embed profiles for the withEmbeddedSandboxer passthru pkg
2024-02-05 08:26:40 +00:00
Colin
6d1eae2200
programs: gnome-2048: sandbox with bwrap
2024-02-05 08:26:06 +00:00
Colin
4d51c34ad2
programs: allow `sane.strictSandboxing = "warn"`
2024-02-05 05:28:02 +00:00
Colin
bc50a8c489
nixpkgs: 2024-02-03 -> 2024-02-04; sops-nix -> 2024-02-04
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/94db8d8c016a54feeaaf2643e2ce42bf4cc29286' (2024-02-03)
→ 'github:nixos/nixpkgs/259981b0af5c285bb3cc7146de1da1b5af92236d' (2024-02-04)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/79a13f1437e149dc7be2d1290c74d378dad60814' (2024-02-03)
→ 'github:nixos/nixpkgs/2be0b5db83fbea4a838f753994e8ebd35af91968' (2024-02-04)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/73bf36912e31a6b21af6e0f39218e067283c67ef' (2024-01-28)
→ 'github:Mic92/sops-nix/23f61b897c00b66855074db471ba016e0cda20dd' (2024-02-04)
```
2024-02-04 22:55:03 +00:00
Colin
ee8e33b795
koreader: remove dead patching code
...
it still builds (in 3:00 minutes), huh
2024-02-04 22:08:12 +00:00
Colin
8afb6406a1
koreader: remove dead code/build inputs
2024-02-04 22:02:03 +00:00
Colin
7ac1ee66ad
koreader: use nixpkgs' luasocket and luasec
2024-02-04 21:30:30 +00:00
Colin
8a47eb92ed
koreader: use nixpkgs' lua-rapidjson
2024-02-04 21:30:30 +00:00
Colin
b87934d5f8
koreader: use nixpkgs lpeg and remove vendor-external-projects.patch
2024-02-04 20:37:10 +00:00
Colin
293eab8225
koreader: use modern openssl
2024-02-04 20:05:02 +00:00
Colin
abdbb83e10
koreader: replace vendored dependencies with their nixpkgs equivalents much more effectively
...
the old method was still causing everything to be re-compiled within koreader, rather than linking against the nix store.
decreases build time to about 3m on a desktop
2024-02-04 19:39:32 +00:00
Colin
4a96fa233a
koreader: 2023.10 -> 2024.01
2024-02-04 02:51:27 +00:00
Colin
4bd73ddca3
koreader-from-src: build even more from source
2024-02-03 23:58:41 +00:00
Colin
dc74bca06a
programs: vim: add private/knowledge to sandbox
2024-02-03 23:53:53 +00:00
Colin
42523b75a8
programs: gdb: disable sandboxing
2024-02-03 23:53:34 +00:00
Colin
79736a4a0a
koreader-from-src: tidy
2024-02-03 16:30:03 +00:00
Colin
111946eb1d
programs: vim, imagemagick: fix sandboxing to consider uncreated files
2024-02-03 14:07:53 +00:00
Colin
09f3bfc944
flake: make "nix run .#deploy" deploy to all hosts
2024-02-03 02:55:13 +00:00
Colin
b8fc75ebd6
nixpkgs: 2024-02-02 -> 2024-02-03
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/1bfd22b6448ac4d407510bd37fe16d87a9dcb41b' (2024-02-02)
→ 'github:nixos/nixpkgs/94db8d8c016a54feeaaf2643e2ce42bf4cc29286' (2024-02-03)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/eef63ea04722d812a09a5974ed18c9761088a6e1' (2024-02-02)
→ 'github:nixos/nixpkgs/79a13f1437e149dc7be2d1290c74d378dad60814' (2024-02-03)
```
2024-02-03 02:15:09 +00:00
Colin
8de015f098
flake: preDeploy: fix host/addr mixup
2024-02-03 02:15:05 +00:00
Colin
6da85f6d8f
flake: add a preDeploy target
2024-02-03 02:04:41 +00:00
Colin
2dc6da476b
flake: deploy app: remove the last call to nixos-rebuild
2024-02-03 01:42:54 +00:00
Colin
453f40d0a8
flake: sync photos from moby with "nix run .#sync.moby"
2024-02-03 00:54:04 +00:00
Colin
14b20fd9c2
programs: komikku: fix sandboxing
2024-02-03 00:52:17 +00:00
Colin
2df1b20f02
programs: epiphany: simplify the sandboxing
2024-02-03 00:44:23 +00:00
Colin
56e7e9a7cc
remove unused "default.nix.cmp" file
...
should have never been checked in
2024-02-03 00:18:33 +00:00
Colin
2f9fad503c
programs: fix sandboxing errors for programs which create files (notably: ffmpeg)
2024-02-03 00:17:54 +00:00
Colin
3439ca34b8
sane-sandboxed: add more autodetect options, and a "withEmbeddedSandboxer" package output (for dev)
2024-02-03 00:17:24 +00:00
Colin
24e6e6cacc
firefox-extensions.sidebery: downgrade 5.1.1 -> 5.0.0
...
release format is inconsistent; would need to build from-source to reliably use the latest version(s)
2024-02-02 23:26:14 +00:00
Colin
0ee9f2026c
sane-sandboxed: hopefully fix a problem with path normalization for paths with spaces
2024-02-02 22:56:43 +00:00
Colin
5e3c2636db
programs: make-sandboxed: handle packages which use relative links in bin (like spotify)
2024-02-02 22:38:36 +00:00
Colin
cd0a046776
dovecot: remove dead code
2024-02-02 20:47:55 +00:00
Colin
27edee0bbf
dovecot2: fix sieves
2024-02-02 20:47:20 +00:00
Colin
56734fe5da
mpv: add /dev/dri to the sandbox
2024-02-02 19:18:30 +00:00
Colin
832a572d56
firefox-extensions: bump to latest
2024-02-02 19:17:04 +00:00
Colin
3c96f6d418
programs: koreader: enable DRI in the sandbox, and use wrappedDerivation
2024-02-02 17:22:57 +00:00
Colin
86b23e8183
programs: fractal: enable DRI in sandbox
2024-02-02 17:19:35 +00:00
Colin
2bb9115f35
modules/programs: sandboxing: add "whitelistDri" option for gfx-intensive apps
2024-02-02 17:18:51 +00:00
Colin
065d045640
fix so sway inherits program env vars
2024-02-02 15:36:06 +00:00
Colin
d3eaa69261
lappy/desko: auto-start signal-desktop
2024-02-02 14:22:08 +00:00
Colin
6151eee8d5
programs (assorted): fix wantedBy = "default.target" to be more specific
...
now GUI apps aren't stuck in a restart loop until sway starts
in particular, signal-desktop can actually be autostarted
2024-02-02 14:21:57 +00:00
Colin
483a1d1780
sway: signal on launch to systemd that the graphical-session.target is ready
...
this allows auto-launching of other services which require a compositor (i.e. messaging apps)
2024-02-02 14:20:30 +00:00
Colin
567c7993b6
modules/programs: sandbox: allow mimeo config in any sandbox
2024-02-02 12:52:36 +00:00
Colin
f6eeab5650
nixpkgs: 2024-02-01 -> 2024-02-02
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/06002f375e1d20f1481abcb696a50f232202e7ac' (2024-02-01)
→ 'github:nixos/nixpkgs/1bfd22b6448ac4d407510bd37fe16d87a9dcb41b' (2024-02-02)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/fbba9b8f0b6364928f60ef1b97e686b569cdb64e' (2024-02-01)
→ 'github:nixos/nixpkgs/eef63ea04722d812a09a5974ed18c9761088a6e1' (2024-02-02)
```
2024-02-02 01:07:32 +00:00
Colin
2824671bde
tune nix deploy parameters (specifically for moby)
...
this is experimental; hard to understand immediately how significant are the effects
2024-02-02 00:50:25 +00:00
Colin
efcaef2c35
lappy/desko/servo: downgrade kernel 6.7 -> 6.6 (latest supported by zfs)
2024-02-01 16:21:46 +00:00
Colin
25707eb79e
servo: address deprecation warning: dovecot2.sieveScripts -> sieve.scripts
2024-02-01 15:47:56 +00:00
Colin
18679cd8c3
fix deprecation warnings: overrideScope' -> overrideScope
2024-02-01 15:44:46 +00:00
Colin
09923b60ea
moby: disable desko as nixcache
2024-02-01 15:41:43 +00:00
Colin
3100189172
purge supercap
...
i no longer have access to dispatch build jobs to it :((((
2024-02-01 15:36:37 +00:00
Colin
715ac42f13
remove samba from closure
...
current samba hangs during configurePhase. this is not the first time samba has failed to build. nor the third. purge it.
2024-02-01 15:28:40 +00:00
Colin
a9810e7343
re-ship linux 6.7 to lappy/desko/servo
...
now that landlock-sandboxer builds against the correct linux headers,
this can actually work.
2024-02-01 13:54:44 +00:00
Colin
4f352c5725
landlock-sandboxer: build against headers which match the sandboxer source
2024-02-01 13:53:39 +00:00
Colin
17f35a3619
linux-megous: 6.6.0 -> 6.7.2
2024-02-01 12:51:53 +00:00
Colin
89d4f3eec3
nixpkgs: 2024-01-29 -> 2024-02-01
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/aa476d3e0de89aeb67950a1bc76b4fd576c24505' (2024-01-29)
→ 'github:nixos/nixpkgs/06002f375e1d20f1481abcb696a50f232202e7ac' (2024-02-01)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a31b9bd76009c73a2f932fbdaa7145ac4a79544f' (2024-01-29)
→ 'github:nixos/nixpkgs/fbba9b8f0b6364928f60ef1b97e686b569cdb64e' (2024-02-01)
```
2024-02-01 11:32:36 +00:00
Colin
44419d71a5
lemmy-lemonade: init at 2023.10.29
2024-02-01 11:32:07 +00:00
Colin
02e597a862
fractal-nixified: 5 -> 6
2024-02-01 10:57:01 +00:00
Colin
00f995aec9
fixup landlock-sandboxer to work well for all systems
...
downgrade lappy/desko/servo back to default linux; zfs doesn't support latest
build landlock-sandboxer against the specific kernel being deployed; it's less noisy that way
2024-01-31 21:19:10 +00:00
Colin
368eb2c29b
programs: git: whitelist more repo roots
2024-01-31 21:17:48 +00:00
Colin
5f793523d1
ship linux 6.7 to lappy/desko/servo
2024-01-31 20:33:15 +00:00
Colin
33bee7ac2e
unl0kr: be a little more robust against bad password entry
2024-01-31 20:32:26 +00:00
Colin
84af8aca3c
unl0kr: remove debugging code
2024-01-31 20:10:57 +00:00
Colin
a0f00313a7
moby: disable signal-desktop autostart
2024-01-31 20:09:03 +00:00
Colin
6603115192
moby: disable getty auto-login
...
i think this interacts badly with unl0kr style logins, though
honestly kinda hard to tell if that was a fluke or real.
2024-01-31 19:47:24 +00:00
Colin
ac968e1589
sxmo: allow the option to disable greeter entirely
2024-01-31 19:46:37 +00:00
Colin
2d4fc4f274
landlock-sandboxer: build against latest compatible linux
2024-01-31 17:45:46 +00:00
Colin
1d72e13a98
sxmo: launch via unl0kr by default
2024-01-31 17:40:36 +00:00
Colin
d9667653e7
docs: sway: point out that one can launch sway directly from a TTY
2024-01-31 16:29:27 +00:00
Colin
8c6bf07102
todo.md: sync
2024-01-31 16:28:56 +00:00
Colin
634520a1e9
unl0kr: fix cross compilation
2024-01-31 16:23:55 +00:00
Colin
13be5a1731
unl0kr: fix LOGIN_TIMEOUT to be infinite
2024-01-31 15:43:30 +00:00
Colin
30288cd67f
user: add CAP_NET_ADMIN,CAP_NET_RAW even outside of systemd session
...
in fact, *only* outside of systemd session because they broke ambient caps in 255
2024-01-31 15:42:43 +00:00
Colin
87e2509af4
doc: cozy: mention that upstream has merged the patch i apply
2024-01-31 15:36:54 +00:00
Colin
8736ca478b
programs: firefox: allow access to servo image-macros
2024-01-31 15:36:09 +00:00
Colin
cb3960fb21
programs: git: fix access to ~/private/knowledge
2024-01-31 15:35:21 +00:00
Colin
6e24a1ff28
programs: re-enable sops
2024-01-31 15:30:15 +00:00
Colin
91eae95b32
modules.gui.gnome: fix build
2024-01-31 15:29:49 +00:00
Colin
f5c88853ee
sway: replace "greetd" with "unl0kr"-based login process
2024-01-31 15:20:27 +00:00
Colin
0009e5ca4c
programs: sandboxing: use wrapperType="wrappedDerivation" where applicable
2024-01-29 15:21:16 +00:00
Colin
0403d5c03e
nixpkgs: 2024-01-28 -> 2024-01-29
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/a86d1125195505d4ea8997b12507b9c623511256' (2024-01-28)
→ 'github:nixos/nixpkgs/aa476d3e0de89aeb67950a1bc76b4fd576c24505' (2024-01-29)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/f58fe0f36dbbef39b3f5ec8542a02dece7c9559b' (2024-01-28)
→ 'github:nixos/nixpkgs/a31b9bd76009c73a2f932fbdaa7145ac4a79544f' (2024-01-29)
```
2024-01-29 13:49:54 +00:00
Colin
db6ba61429
programs: sandbox more apps with wrapperType=wrappedDerivation
2024-01-29 13:45:57 +00:00
Colin
881d2f79ed
modules/programs: add "unchecked" passthru to aid debugging
2024-01-29 13:36:01 +00:00
Colin
47abdfb831
modules/programs: patch dbus-1 files to use sandboxed binaries
2024-01-29 13:09:43 +00:00
Colin
3831c6f087
TODO: fold
2024-01-29 13:07:44 +00:00
Colin
d3f7a036ce
ripgrep: move options out of assorted.nix into its own file
2024-01-29 12:57:56 +00:00
Colin
0454abacd9
komikku: sandbox
2024-01-29 12:56:08 +00:00
Colin
4f8d476ebf
modules/programs: patch old /nix/store paths in .desktop files
2024-01-29 12:56:08 +00:00
Colin
1cb2c5225f
programs: use wrapperType=wrappedDerivation where possible
2024-01-29 12:07:04 +00:00
Colin
7af970f38c
modules/programs: extend wrapperType="wrappedDerivation" to handle common share/ items
2024-01-29 11:59:38 +00:00
Colin
6f86e61a00
firefox: fix build
...
zip was giving some complaints... i'm not sure why, i think it still works
2024-01-29 09:57:35 +00:00
Colin
3ea3776281
nixpkgs: 2024-01-27 -> 2024-01-28
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/ef4dd61b7d53af44b060473308c50fa3b34d5681' (2024-01-27)
→ 'github:nixos/nixpkgs/a86d1125195505d4ea8997b12507b9c623511256' (2024-01-28)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/c002c6aa977ad22c60398daaa9be52f2203d0006' (2024-01-27)
→ 'github:nixos/nixpkgs/f58fe0f36dbbef39b3f5ec8542a02dece7c9559b' (2024-01-28)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/4606d9b1595e42ffd9b75b9e69667708c70b1d68' (2024-01-24)
→ 'github:Mic92/sops-nix/73bf36912e31a6b21af6e0f39218e067283c67ef' (2024-01-28)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/a1982c92d8980a0114372973cbdfe0a307f1bdea' (2024-01-12)
→ 'github:NixOS/nixpkgs/9a333eaa80901efe01df07eade2c16d183761fa3' (2024-01-22)
```
2024-01-29 09:57:35 +00:00
Colin
a7eb8dd6fa
nixpkgs: 2024-01-22 -> 2024-01-27
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/dceddd03df4f840ea28c65887c199495793fb322' (2024-01-22)
→ 'github:nixos/nixpkgs/ef4dd61b7d53af44b060473308c50fa3b34d5681' (2024-01-27)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/8cccce637e19577815de54c5ecc3132dff965aee' (2024-01-22)
→ 'github:nixos/nixpkgs/c002c6aa977ad22c60398daaa9be52f2203d0006' (2024-01-27)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/ae171b54e76ced88d506245249609f8c87305752' (2024-01-21)
→ 'github:Mic92/sops-nix/4606d9b1595e42ffd9b75b9e69667708c70b1d68' (2024-01-24)
```
this breaks sway login for lappy. not obvious why.
2024-01-29 09:57:35 +00:00
Colin
c1a1f51ca2
git: fix git-upload-pack (used on the remote when doing git pull)
2024-01-29 09:57:27 +00:00
Colin
32824cfade
modules/programs: sandbox in a manner that's more compatible with link-heavy apps like busybox, git, etc
2024-01-29 09:56:30 +00:00
Colin
51fc61b211
sane-sandboxed: cleanup
2024-01-29 09:14:43 +00:00
Colin
7b9795ea3d
modules/programs: implement `embedWrapper` option
2024-01-29 09:13:49 +00:00
Colin
5f3e481fe4
sane-sandboxed: refactor and avoid passing duplicate/subpaths into the sandbox
2024-01-29 07:15:02 +00:00
Colin
86219d7006
sane-sandboxed: simplify: consolidate homePaths and rootPaths into just "paths"
2024-01-29 05:43:10 +00:00
Colin
381da74e6c
users: enable pam_cap for "login" program
2024-01-28 17:55:19 +00:00
Colin
24c70c3683
feeds: switch acoup.blog to the database type feed
...
at some point my feed script became capable of understanding his RSS :)
2024-01-28 12:37:38 +00:00
Colin
bfec531fa2
sandbox a bunch more apps
2024-01-28 11:43:05 +00:00
Colin
de11edffa5
programs/assorted: remove more unused programs
2024-01-28 11:34:33 +00:00
Colin
294f167df0
sane-sandboxed: fix CLI escaping with capsh
2024-01-28 11:11:07 +00:00
Colin
e536e3c718
programs/assorted.nix: remove unused tree-sitter package
2024-01-28 11:03:09 +00:00
Colin
17d14dbac2
programs/assorted.nix: uninstall some programs i don't frequently use
2024-01-28 10:40:57 +00:00
Colin
94981ef335
vim: sandbox
2024-01-28 10:39:08 +00:00
Colin
3cd244be76
git: sandbox with bwrap
2024-01-28 10:36:19 +00:00
Colin
f100595257
modules/programs: properly forward autodetectCliPaths to the sandboxer
2024-01-28 10:31:07 +00:00
Colin
e84da827c2
sane-sandboxed: fix typo in add-pwd flag
2024-01-28 09:17:12 +00:00
Colin
42f9fa029d
modules/programs: fix that whitelistPwd wasnt passed into the sandbox profile
2024-01-28 09:04:27 +00:00
Colin
40fee97b06
modules/programs: make-sandboxed: disallowReferences to the fake sane-sandboxed used during checkPhase
2024-01-28 08:58:13 +00:00
Colin
3cc8292d8b
modules/programs: make-sandboxed: support packages with checkPhase by bypassing the sandbox
2024-01-28 07:45:08 +00:00
Colin
9261d30a34
modules/programs: reformatting
2024-01-28 05:58:08 +00:00
Colin
3eb3a8db5a
modules/programs: add a `whitelistPwd` option to grant the program access to the directory it was called from
2024-01-28 05:57:30 +00:00
Colin
97129268f0
modules/programs: sandbox: add "capshonly" as a valid sandbox.method
2024-01-28 05:57:11 +00:00
Colin
fa39a965ca
TODO: investigate sane.programs as a contributor to nixos-rebuild times
2024-01-28 05:55:32 +00:00
Colin
7da979503b
bubblewrap: explicitly disable sandboxing
2024-01-27 17:20:40 +00:00
Colin
3b32c26026
zsh: explicitly disable sandboxing
2024-01-27 17:20:24 +00:00
Colin
cad25306e7
alacritty: explicitly disable sandbox
2024-01-27 17:20:11 +00:00
Colin
4d7414c941
programs: introduce and use "autodetectCliPaths" nix config
2024-01-27 17:19:48 +00:00
Colin
b29b8bdec7
wireshark: specify capabilities via sandbox.capabilities config
2024-01-27 17:12:40 +00:00
Colin
a7d081bfcb
modules/programs: add a sane.strictSandboxing option
2024-01-27 17:11:07 +00:00
Colin
5ca208d07f
modules/programs: sandbox: add enable flag and capabilities structured config
2024-01-27 17:08:27 +00:00
Colin
6c605944c5
pkgs: firefox-extensions: update to latest
2024-01-27 15:50:47 +00:00
Colin
02b6e17449
nicotine-plus: disable
...
now i have no firejail programs; no more setuid wrapper in /run/wrappers :)
2024-01-27 15:37:43 +00:00
Colin
770db96ec6
go2tv: sandbox with bwrap
2024-01-27 15:31:08 +00:00
Colin
ff356fdd49
playerctl: sandbox with bwrap
2024-01-27 15:18:56 +00:00
Colin
eec89e2cc1
librewolf: sandbox with bwrap
2024-01-27 15:16:53 +00:00
Colin
d69d8f64f3
tor-browser: sandbox with bwrap; remove useHardenedMalloc patch
2024-01-27 15:04:22 +00:00
Colin
4ee2562202
programs: tidy: prefer "sandbox.extraHomePaths" over "fs" for external deps
2024-01-27 14:54:17 +00:00
Colin
08b1ece56e
programs: gnome-weather: sandbox with bwrap
2024-01-27 14:53:38 +00:00
Colin
26b978dcf2
modules/programs: sandbox: fix "inline" -> "inplace" typo
2024-01-27 14:42:25 +00:00
Colin
b22c2e094c
koreader: sandbox with bwrap
2024-01-27 14:39:22 +00:00
Colin
b40775f97c
koreader-from-src: document FTP configuration
2024-01-27 14:39:02 +00:00
Colin
a27a72646c
koreader-from-src: fix non-cross build
2024-01-27 14:38:52 +00:00
Colin
100ddad40e
wike: link to issue about state directory
2024-01-27 14:27:02 +00:00
Colin
d8b6d419b6
modules/programs: sandboxing: add `wrapperType = "wrappedDerivation"` to wrap without rebuilding the whole package
2024-01-27 14:26:41 +00:00
Colin
1bde38bf72
cozy: sandbox with bwrap
2024-01-27 13:11:22 +00:00
Colin
a06c81643c
sane-sandboxed: don't error if ~ files aren't available to be bound
2024-01-27 12:48:58 +00:00
Colin
15fd7bf4a5
sane-sandboxed: implement a "capshonly" backend
2024-01-27 12:39:36 +00:00
Colin
0a25ef544f
wike: sandbox with bwrap
2024-01-27 12:29:58 +00:00
Colin
a6b824d3c4
modules/programs/sandbox: add an "embedProfile" option to source sandbox settings from the package instead of the system
2024-01-27 12:23:25 +00:00
Colin
79ee47bada
firefox: get away with linking slightly less into the sandbox
2024-01-27 11:41:18 +00:00
Colin
be06e61bfb
programs: geary: fix sandboxing
...
this is an UGLY one. geary itself uses bwrap, and that fails if it's sandboxed AT ALL in landlock (i.e. even with just / landlocked as RW).
maybe this has to do with what landlock-sandboxer considers 'read/write' to be, and there's actually more file ops i need to enable on /
2024-01-27 11:28:08 +00:00
Colin
3b4884fcf1
sane-sandbox: fix secret binding
2024-01-27 11:26:10 +00:00
Colin
4319dc58eb
programs: landlock: restrict the capabilities of sandboxed processes
2024-01-27 09:49:51 +00:00
Colin
3122434908
programs: add an option to configure extra home paths to make accessible in the sandbox
2024-01-27 09:11:32 +00:00
Colin
dae7785ee2
wireshark: remove dead code
2024-01-27 09:04:08 +00:00
Colin
d54f8b1e93
programs: fix so environment variables make it onto user sessions
2024-01-27 09:02:55 +00:00
Colin
27f3b2bd76
firefox: allow ~/tmp and ~/Pictures access
2024-01-27 06:00:46 +00:00
Colin
b417f60769
sane-sandboxed: try binding /proc/self in landlock. still doesnt work well
2024-01-27 05:59:40 +00:00
Colin
df2d5b6d01
sane-sandboxed: fixup /dev/std* for wireshark
2024-01-27 05:12:43 +00:00
Colin
3e6278fa21
wireshark: sandbox with landlock instead of firejail
...
and remove the SUID wrapper, yay!
2024-01-27 04:44:21 +00:00
Colin
a66b257644
sane-sandboxed: better support for landlock and SANE_SANDBOX_PREPEND/APPEND
2024-01-27 04:43:42 +00:00
Colin
ef66d2ec72
sane-sandboxed: add support for landlock backend
2024-01-27 03:39:26 +00:00
Colin
e21dbd507d
landlock-sandboxer: init
2024-01-26 16:52:33 +00:00
Colin
64878bee67
sane-sandboxed: add SANE_SANDBOX_PREPEND, SANE_SANDBOX_APPEND env vars
2024-01-26 09:14:18 +00:00
Colin
557a080ffc
TODO.md: try landlocked for sandboxing, instead of bubblewrap
2024-01-26 09:13:46 +00:00
Colin
8ecb17ed3e
programs: enable libcap_ng/netcap
2024-01-26 09:13:20 +00:00
Colin
c4874c85b1
bubblewrap: debugging
2024-01-26 09:13:00 +00:00
Colin
563a75e9b2
users: launch entire systemd --user namespace with cap_net_admin, cap_net_raw
...
this should make sandboxing wireshark *much* easier, and same with things which require net namespaces, in the future
2024-01-25 15:05:35 +00:00
Colin
7f002b8718
programs: sane-sandboxed: implement --sane-sandbox-cap for capabilities setting
2024-01-24 06:34:11 +00:00
Colin
79e2bd2913
epiphany: sandbox with bwrap
...
this is the first app which *requires* DRI/DRM to function correctly. maybe this effects anything webkitgtk (like wike)?
2024-01-24 06:25:20 +00:00
Colin
95161b55cd
spot: sandbox with bwrap
2024-01-24 05:47:04 +00:00
Colin
d91759068c
element-desktop: sandbox with bwrap
2024-01-24 05:37:46 +00:00
Colin
c23c496066
programs: tuba: sandbox with bwrap
...
it complains "Fontconfig error: No writable cache directories"
seeeeeveral times. not sure if that's new or not. no obvious
consequences.
2024-01-24 05:34:10 +00:00
Colin
824630f7d1
programs: sandboxing: document /dev/dri a bit more
2024-01-24 05:28:27 +00:00
Colin
f8e8d23857
vlc: sandbox with bwrap instead of firejail
2024-01-24 05:19:20 +00:00
Colin
8484bb7978
docs: mime: document how to show the nix mime associations
2024-01-24 05:00:35 +00:00
Colin
57105c6861
sane-sandboxed: autodetect: handle file:/// URIs
2024-01-24 05:00:08 +00:00
Colin
3758044e7b
sane-sandboxed: better handle "--"
2024-01-24 04:59:24 +00:00
Colin
bfaf098c31
sane-sandboxed: fix handling of `--` (which previously smushed arguments)
2024-01-24 02:52:01 +00:00
Colin
0e99b296bc
animatch: remove the (unused) .config directory
2024-01-24 02:18:58 +00:00
Colin
089f86d5e4
programs: make /usr/bin/env available in the sandbox
...
enables KOReader to run
2024-01-24 01:48:02 +00:00
Colin
d0e1241bd1
animatch: fix to run on wayland w/o Xwayland, and enable bwrap sandbox
2024-01-24 01:43:33 +00:00
Colin
c1a0a08b76
gtkcord4: sandbox with bwrap
2024-01-24 00:12:12 +00:00
Colin
e8748ce0a0
servo: lemmy: pict-rs: port the media-enable-full-video -> media-video-allow-audio CLI flag
2024-01-23 17:12:13 +00:00
Colin
7cf9b342cc
gpodder: fixup GPODDER_DOWNLOAD_DIR to be more friendly to sandboxing
2024-01-23 16:44:47 +00:00
Colin
8739851f48
evince: port sandbox from firejail to bwrap
2024-01-23 16:44:13 +00:00
Colin
d945b43f6b
signal-desktop: switch sandbox from firejail -> bwrap
2024-01-23 16:42:48 +00:00
Colin
fcc3ea1e39
todo: update containerization tasks
2024-01-23 16:41:06 +00:00
Colin
7722acecee
sway: obtain deps via "config.sane.programs", so that i get the sandboxed version of e.g. splatmoji
2024-01-23 16:32:42 +00:00
Colin
bdd70f8fa2
sane-sandboxed: ignore the executable path when autodetecting media
2024-01-23 16:32:06 +00:00
Colin
571a0a9d06
gui: disable unused abaddon app
2024-01-23 16:30:06 +00:00
Colin
ccf4f66dd9
programs: dialect: sandbox with bubblewrap
2024-01-23 16:23:14 +00:00
Colin
b38e5403a5
splatmoji: sandbox
2024-01-23 16:01:27 +00:00
Colin
09af041745
g4music: ensure it can access the Music dir in its sandbox
2024-01-23 16:00:21 +00:00
Colin
cb5131746f
programs: audacity: sandbox with bubblewrap
2024-01-23 15:59:50 +00:00
Colin
2fbd0f8ee1
nixpatches: apply bonsai refactor PR
2024-01-23 15:50:32 +00:00
Colin
bfd5630e21
programs: sandbox: omit media dirs by default, and implement --sane-sandbox-autodetect for programs which are liable to load data from paths
2024-01-23 15:48:12 +00:00
Colin
026f5dee4d
programs: g4music: sandbox with bwrap
2024-01-23 15:06:45 +00:00
Colin
b59be8338a
firefox: fix up sandboxing of ssh/sops
2024-01-23 14:57:57 +00:00
Colin
ab4bbc2224
programs: remove explicit firejail installation; let sane.programs decide when to install it sys-wide
2024-01-23 14:57:33 +00:00
Colin
156fcd1bf2
aerc: enable bwrap sandbox
2024-01-23 14:57:33 +00:00
Colin
576d2c32f0
programs: support secrets even when sandboxed
2024-01-23 14:57:33 +00:00
Colin
bb63a594ab
conky: fixup needed paths for bwrap
2024-01-23 14:57:33 +00:00
Colin
25739ec2ba
programs: sane-sandboxed: avoid reading firejail profiles when the backend isnt firejail
...
this should provide a marginal perf gain
2024-01-23 14:57:33 +00:00
Colin
f148334b58
programs: port extraFirejailConfig to extraConfig
2024-01-23 14:57:33 +00:00
Colin
da537ea8ea
fractal: switch from firejail -> bwrap
2024-01-23 14:13:09 +00:00
Colin
18d224dc34
dino: switch from firejail to bwrap
2024-01-23 14:12:52 +00:00
Colin
3a6ee8708e
programs: sane-sandboxed: dont error if network mountpoints are offline
2024-01-23 13:13:31 +00:00
Colin
983bf93d8f
programs: sane-sandboxed: make the profile handle arguments with spaces
2024-01-23 12:47:25 +00:00
Colin
40cc8f5d1c
programs: sane-sandboxed: make more debuggable
2024-01-23 12:27:23 +00:00
Colin
cce03a5dc8
programs: sandbox: use --dev-bind-try for root paths; fixes mpv on moby
2024-01-23 12:18:32 +00:00
Colin
38fd171713
spotify: sandbox with bwrap instead of firejail
2024-01-23 12:12:56 +00:00
Colin
84c78d9256
conky: sandbox with bwrap instead of firejail
2024-01-23 12:11:22 +00:00
Colin
973203d85e
programs: mpv: sandbox with bwrap instead of firejail
2024-01-23 11:37:37 +00:00
Colin
f9174dd2aa
programs: firefox: sandbox with bwrap instead of firejail
2024-01-23 11:37:19 +00:00
Colin
98dfc3aa5a
programs: sandbox: allow all programs to access media
...
hopefully this is just a stopgap
2024-01-23 11:36:58 +00:00
Colin
27b56b1a12
programs: sane-sandbox: implement a cleaner debugshell and test API
2024-01-23 11:19:52 +00:00
Colin
6e9220d2bb
programs: allow programs to specify "sandbox.method = "bwrap"" for bubblewrap sandboxing
2024-01-23 10:44:13 +00:00
Colin
0ddcfcaa23
sane-sandboxed: retrieve profiles from /share/sane-sandboxed/profiles so they can be customized without mass rebuilds
2024-01-23 08:01:23 +00:00
Colin
a4cb6645b4
programs: indirect firejail access through sane-sandboxed
2024-01-23 04:02:31 +00:00
Colin
2492ed2ca7
programs: introduce a sane-sandboxed helper
...
not yet used, but will be soon
2024-01-23 02:29:33 +00:00
Colin
f49d2a1e0e
programs: split "makeSandboxed" into its own file
2024-01-23 01:23:14 +00:00
Colin
0dc3f4f7f2
modules/programs: move to subdir
...
this will help me factor out helpers
2024-01-23 01:02:04 +00:00
Colin
0bed4d0ada
mpv: disable firejail sandboxing (it fails on moby)
2024-01-23 01:01:21 +00:00
Colin
f3e8af3fdb
doc: libreoffice: mention "still" v.s. "fresh" variants
2024-01-23 01:00:34 +00:00
Colin
af542ec05f
docs: gnome-keyring: point out that system gnome-keyring doesn't inherit my sandboxing
2024-01-23 01:00:06 +00:00
Colin
399a1d2052
steam: use wrapped package as system steam
2024-01-23 00:59:23 +00:00
Colin
bb6e5611d4
docs: conky: point out that un-sandboxed conky is used by sxmo-utils
2024-01-23 00:58:56 +00:00
Colin
d5901afb8e
programs: firejail: specify profile via : (clarifies to firejail that its an identifier and not a path); invoke firejail via name instead of absolute path
2024-01-22 23:58:54 +00:00
Colin
c11f5a1401
wireshark: fix security.wrappers when wireshark is disabled
2024-01-22 23:58:04 +00:00
Colin
5b220f3fec
wireshark: enable firejail isolation
2024-01-22 13:12:10 +00:00
Colin
8bf41ea858
programs: fix missing newline in firejail config concatenation
2024-01-22 13:11:47 +00:00
Colin
df861a3ef0
programs: firejail: inject custom firejail config through /etc/firejail
...
this improves rebuild times, and makes it easier for packages to inject their own free-form config
2024-01-22 11:12:18 +00:00
Colin
d6754b6cac
evince: sandbox with firejail
2024-01-22 10:20:29 +00:00
Colin
b03d7f7fb0
geary: test the firejail profile; it's not ready
2024-01-22 10:04:18 +00:00
Colin
008b186479
audacity: test the firejail profile; it's not ready
2024-01-22 10:04:03 +00:00
Colin
914f9b3703
vlc: sandbox with firejail
2024-01-22 09:47:24 +00:00
Colin
ed7ec4a371
conky: sandbox with firejail
2024-01-22 09:31:00 +00:00
Colin
2d338201a5
signal-desktop: sandbox with firejail
...
TODO: fix URL opening / xdg-open
2024-01-22 09:30:34 +00:00
Colin
a8aad1f98f
dino: sandbox with firejail
...
TODO: fix URL opening / xdg-open
2024-01-22 09:30:13 +00:00
Colin
2d06b93118
fractal: sandbox with firejail
...
TODO: seems this broke link opening? (xdg-open?)
2024-01-22 09:28:50 +00:00
Colin
60547204a8
sane.programs: firejail: support wrapping "runCommand" packages
2024-01-22 09:16:25 +00:00
Colin
3d763a0021
tor-browser-bundle-bin -> tor-browser
...
upstream nixpgs just has tor-browser-bundle-bin as an alias for tor-browser
2024-01-22 08:13:37 +00:00
Colin
ad474873e2
dovecot: fix unparseable config
...
upstream/nixpkgs is doing some shit, ugh
2024-01-22 08:09:37 +00:00
Colin
dd35136ac0
firejail: fix so /run/wrappers are available inside a jail
2024-01-22 07:18:50 +00:00
Colin
cfe6e9c20a
nixpkgs: 2024-01-19 -> 2024-01-22
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/331c78971299375240001d946861951b6cc98176' (2024-01-19)
→ 'github:nixos/nixpkgs/dceddd03df4f840ea28c65887c199495793fb322' (2024-01-22)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/bbec4099302591a41304d360e3bab805e5ccc0be' (2024-01-19)
→ 'github:nixos/nixpkgs/8cccce637e19577815de54c5ecc3132dff965aee' (2024-01-22)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/87755331580fdf23df7e39b46d63ac88236bf42c' (2024-01-15)
→ 'github:Mic92/sops-nix/ae171b54e76ced88d506245249609f8c87305752' (2024-01-21)
```
2024-01-22 04:05:59 +00:00
Colin
0f3f0933b1
mpv: sandbox with firejail
2024-01-22 03:50:28 +00:00
Colin
f8440e3811
go2tv: allow more ports through the firewall
2024-01-22 03:50:04 +00:00
Colin
829460a076
todo: update firejail/sandboxing tasks
2024-01-22 02:04:32 +00:00
Colin
9ecd0adcbe
firefox: sandbox with firejail
...
TODO: get it so open-in-mpv launches an mpv that has access to ~/.config/mpv
i guess this is the 'firejail url problem'
2024-01-21 23:59:15 +00:00
Colin
ad92a2e158
programs: abort when no firejail profile is found for a program.
...
in the future, i can whitelist specific binaries to omit their firejail
profiles.
2024-01-21 04:32:49 +00:00
Colin
5f5891d241
programs: apply firejail profile to programs which are net isolated
2024-01-21 04:28:48 +00:00
Colin
cf475c4696
nicotine-plus: remove distro-specific symlink
2024-01-21 03:56:33 +00:00
Colin
992194a1f0
programs: achieve network sandboxing without "sane-vpn do"
2024-01-21 03:51:12 +00:00
Colin
bad6a7bfee
programs: implement "default vpn" with native nix code instead of sane-vpn
2024-01-21 01:04:31 +00:00
Colin
66d5e204be
vpn: enforce "id" restrictions
2024-01-21 00:57:46 +00:00
Colin
ce35330923
vpn.nix: factor into a proper module
...
this will allow for better integration with 'sane.programs'
2024-01-21 00:49:34 +00:00
Colin
bdab1aa7e3
firefox-extensions: update to latest
2024-01-20 21:30:15 +00:00
Colin
080c8dbe3d
sane-bt-search: try to install some logging for a sporadic error
2024-01-20 21:19:18 +00:00
Colin
a31fe44624
sane-bt-add: handle https:// URIs which forward to magnet:
2024-01-20 21:18:58 +00:00
Colin
59187a0ec0
programs: allow running binaries in a netns-style firejail
2024-01-20 11:11:12 +00:00
Colin
03fbf42680
servo: lemmy: pict-rs: fix broken CLI argument
2024-01-20 03:15:06 +00:00
Colin
f3b2a98874
firejail: fix cross compilation
2024-01-20 03:14:32 +00:00
Colin
2e9084c9ef
nixpkgs: 2024-01-14 -> 2024-01-19; sops-nix -> 2024-01-15
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/724e39ebb9b8eda97f17d423f66fbc5a991f4f8d' (2024-01-14)
→ 'github:nixos/nixpkgs/331c78971299375240001d946861951b6cc98176' (2024-01-19)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/6c08fe3ccf437d8b26bec010fd925ddd6bb0d0d5' (2024-01-14)
→ 'github:nixos/nixpkgs/bbec4099302591a41304d360e3bab805e5ccc0be' (2024-01-19)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/70dd0d521f7849338e487a219c1a07c429a66d77' (2024-01-14)
→ 'github:Mic92/sops-nix/87755331580fdf23df7e39b46d63ac88236bf42c' (2024-01-15)
```
2024-01-20 03:14:32 +00:00
Colin
0907240fda
sane-vpn: implement the "do" command, to run a program in a netns
2024-01-19 22:55:26 +00:00
Colin
7d670facd4
feeds: sort
2024-01-19 21:38:45 +00:00
Colin
61e5704fd6
feeds: unsub LW
...
too verbose, and too many of y'all turned into authoritarians
2024-01-19 21:38:14 +00:00
Colin
fd0723169f
nix-serve: fix coredump loop
2024-01-19 21:34:45 +00:00
Colin
a725d42bf5
ip_forward: consolidate the options to fix servo build
2024-01-19 21:34:18 +00:00
Colin
c03cea2d4e
net/vpn.nix: cleanup dead code
2024-01-19 09:58:13 +00:00
Colin
f43d6bff92
route VPN traffic such that i can configure any app to selectively use the VPN
...
e.g. firejail --net=br-ovpnd-us-mi --noprofile --dns=46.227.67.134 getent ahostsv4 uninsane.org
2024-01-19 09:54:01 +00:00
Colin
43a8ca90a7
feeds: add Cat and Girl
2024-01-16 19:12:25 +00:00
Colin
dac6046828
firefox-extensions: update to latest
2024-01-16 19:10:32 +00:00
Colin
e2a6ae22dc
sxmo-utils: 2024-12-28 -> 2024-01-01
2024-01-16 19:10:08 +00:00
Colin
f2ee43d1ef
delfin: 0.2.1 -> 0.3.0
2024-01-16 19:09:50 +00:00
Colin
3d80b46570
lemoa: 0.5.0 -> 0.5.1
2024-01-16 19:09:38 +00:00
Colin
e7d383604a
signal-desktop-from-src: 6.42.0 -> 6.44.0
2024-01-16 19:09:25 +00:00
Colin
7d504892be
servo: dovecot: fix broken sieve
2024-01-16 06:28:25 +00:00
Colin
d7a2bf9d26
servo: remove networking.useDHCP=false override
...
seems likely that the change to systemd-networkd renamed the ethernet interface, and so eth0.useDHCP wasn't right. this change seems to restore networking
2024-01-16 06:09:19 +00:00
Colin
d6184a7b6d
sane-vpn: update to be compatible with newer systemd-network vpn implementation
2024-01-16 03:36:37 +00:00
Colin
851c15aa6d
vpn: port ovpnd connections to use systemd-network
...
this should allow better integration with e.g. systemd-run, in future
2024-01-16 03:20:40 +00:00
Colin
c45898f903
WIP: wg-dev
2024-01-15 04:15:17 +00:00
Colin
0efec20904
hosts/common/net/vpn: remove unused "extraOptions" argument
2024-01-15 03:52:31 +00:00
Colin
2f04b563d1
nixpkgs: 2024-01-11 -> 2024-01-14
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/06797d4df4baaa51b229081083a88b92dac3ff7c' (2024-01-11)
→ 'github:nixos/nixpkgs/724e39ebb9b8eda97f17d423f66fbc5a991f4f8d' (2024-01-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/51f399ec47c082d678261883095bb8ad552e6500' (2024-01-11)
→ 'github:nixos/nixpkgs/6c08fe3ccf437d8b26bec010fd925ddd6bb0d0d5' (2024-01-14)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/c0b3a5af90fae3ba95645bbf85d2b64880addd76' (2024-01-10)
→ 'github:Mic92/sops-nix/70dd0d521f7849338e487a219c1a07c429a66d77' (2024-01-14)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/70bdadeb94ffc8806c0570eb5c2695ad29f0e421' (2024-01-03)
→ 'github:NixOS/nixpkgs/a1982c92d8980a0114372973cbdfe0a307f1bdea' (2024-01-12)
```
2024-01-15 01:32:07 +00:00
Colin
5b9c58dbc6
hosts/common: use servo-style dns on all machines
...
it'll be handy as i want to place individual applications inside VPNs/namespaces
2024-01-15 01:16:22 +00:00
Colin
a7964c4f0c
hosts/common: net: split upnp config into own file
2024-01-15 01:12:09 +00:00
Colin
006a7e9f72
consolidate net-related stuff into hosts/common/net/ directory
2024-01-15 01:11:13 +00:00
Colin
3856710faf
net: annotate the UPNP rule
2024-01-15 01:08:10 +00:00
Colin
6cbc0bedf3
ddns-he (HurricaneElectric): remove
...
it's unused for a year
2024-01-15 00:55:10 +00:00
Colin
fbc0c7615a
ddns-afraid (afraid.org): remove
...
it's unused for a year
2024-01-15 00:54:41 +00:00
Colin
34bcdb5128
firefox: disable kinetic scrolling
2024-01-14 20:34:14 +00:00
Colin
a5c6e41622
feeds: subscribe to POD OF JAKE
2024-01-14 05:20:28 +00:00
Colin
02e03227d8
servo: try to integrate peerswap with clightning, but it fails
2024-01-14 04:33:12 +00:00
Colin
faa0a7c9ea
peerswap: init at unstable-20240111
2024-01-14 02:55:32 +00:00
Colin
812a02bc6b
feeds: add The Dollop podcast
2024-01-14 00:49:29 +00:00
Colin
27898ecdc8
feeds: unsubscribe from Louis Rossman
...
his channel is kinda just the same idea played over and over
2024-01-14 00:36:52 +00:00
Colin
1c2324cca4
servo: clightning-sane: status command: show profits from fees
2024-01-13 16:43:49 +00:00
Colin
70f059eaac
feeds: subscribe to Jack Stauber
2024-01-13 16:43:41 +00:00
Colin
bac72be730
servo: clightning-sane: status command: show in/out payment sums
2024-01-13 15:53:48 +00:00
Colin
99858c1384
servo: clightning-sane: centralize metric reporting, fix so we blacklist our own channels less frequently
2024-01-13 04:47:20 +00:00
Colin
103a300e77
servo: clightning-sane: implement an autobalance subcommand
2024-01-13 03:04:24 +00:00
Colin
6b5cdd7508
servo: clightning-sane: log before we give up
2024-01-13 01:10:52 +00:00
Colin
2f1e354400
servo: clightning-sane: drop caches after so many failures
2024-01-12 23:54:06 +00:00
Colin
585a87130c
servo: clightning-sane: remove unused loop_once_with_retries method
2024-01-12 23:31:30 +00:00
Colin
0e68533776
servo: clightning-sane: introduce parallelism
2024-01-12 23:30:52 +00:00
Colin
882cc5bfd0
servo: clightning-sane: rename Balancer -> LoopRouter
2024-01-12 21:36:20 +00:00
Colin
91847a9a8e
servo: clightning-sane: factor "loop" action into own subroutine
2024-01-12 21:28:20 +00:00
Colin
5c649ff216
servo: clightning-sane: include peer_id in status --full
2024-01-12 20:56:00 +00:00
Colin
abdd224211
servo: clightning-sane: increase CLTV 9->18
2024-01-12 20:55:32 +00:00
Colin
0c72c59190
servo: clightning-sane: handle closed channels in status listing
2024-01-12 20:28:57 +00:00
Colin
432170a69e
servo: clightning-sane: rename ppm in/out to theirs/mine
2024-01-12 19:31:39 +00:00
Colin
805b37a9a5
servo: clightning-sane: add a --full option for more info
2024-01-12 19:24:50 +00:00
Colin
87a0bda011
servo: clightning-sane: perform rebalance operation in a loop
2024-01-12 19:17:07 +00:00
Colin
5d2c6e1978
servo: clightning-sane: mark channels which cant be rebalanced freely
2024-01-12 18:43:58 +00:00
Colin
abafbd811b
servo: clightning-sane: minor bugfixes
2024-01-12 18:30:49 +00:00
Colin
aca50d9946
servo: clightning-sane: add a "status" subcommand
2024-01-12 17:42:44 +00:00
Colin
bd4f4dab81
servo: clightning-sane: factor out a subcommands interface
2024-01-12 15:42:12 +00:00
Colin
aebd11ea82
alacritty: port config: yaml to toml
2024-01-12 03:24:55 +00:00
Colin
fa6906fdf9
cross: fix appstream/eyed3 failures from nixpkgs update
2024-01-12 03:24:55 +00:00
Colin
cec21375a5
servo: disable mautrix-signal
2024-01-12 03:24:55 +00:00
Colin
0428f64afa
nixpkgs: 2024-01-10 -> 2024-01-11
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/2f9e98ccf3283a34ce9301c7ee4ca18d219d829d' (2024-01-10)
→ 'github:nixos/nixpkgs/06797d4df4baaa51b229081083a88b92dac3ff7c' (2024-01-11)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/32afa5e024e45885dacadf1c8ad65e9ebc51a901' (2024-01-10)
→ 'github:nixos/nixpkgs/51f399ec47c082d678261883095bb8ad552e6500' (2024-01-11)
```
2024-01-12 03:24:55 +00:00
Colin
e0864edefc
nixpkgs: 2024-01-10 -> 2024-01-10
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/0231e3ccf485b7b110f0e0e55be6a711cb0093fb' (2024-01-10)
→ 'github:nixos/nixpkgs/2f9e98ccf3283a34ce9301c7ee4ca18d219d829d' (2024-01-10)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a962df01db9bff000df83733bf6d7ef60a855057' (2024-01-10)
→ 'github:nixos/nixpkgs/32afa5e024e45885dacadf1c8ad65e9ebc51a901' (2024-01-10)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/0ded57412079011f1210c2fcc10e112427d4c0e6' (2024-01-08)
→ 'github:Mic92/sops-nix/c0b3a5af90fae3ba95645bbf85d2b64880addd76' (2024-01-10)
```
2024-01-12 03:24:55 +00:00
Colin
7460fd283c
nixpkgs: 2024-01-09 -> 2024-01-10
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/fcff3d7883a38ef71832899085ba365658c96867' (2024-01-09)
→ 'github:nixos/nixpkgs/0231e3ccf485b7b110f0e0e55be6a711cb0093fb' (2024-01-10)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/519c93eda20a7c361e6159d853bf33b1e6236141' (2024-01-09)
→ 'github:nixos/nixpkgs/a962df01db9bff000df83733bf6d7ef60a855057' (2024-01-10)
```
2024-01-12 03:24:55 +00:00
Colin
7a7dee1630
nixpkgs: 2023-12-29 -> 2024-01-09; sops-nix; uninsane-dot-org
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/f50aae4fb10dd51bd6ffcce0eb96d02b608a9595' (2023-12-29)
→ 'github:nixos/nixpkgs/fcff3d7883a38ef71832899085ba365658c96867' (2024-01-09)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/04df6aa7bad237aeeb69f603e1f4ec1a2c28a4da' (2023-12-29)
→ 'github:nixos/nixpkgs/519c93eda20a7c361e6159d853bf33b1e6236141' (2024-01-09)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/e523e89763ff45f0a6cf15bcb1092636b1da9ed3' (2023-12-24)
→ 'github:Mic92/sops-nix/0ded57412079011f1210c2fcc10e112427d4c0e6' (2024-01-08)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/7790e078f8979a9fcd543f9a47427eeaba38f268' (2023-12-23)
→ 'github:NixOS/nixpkgs/70bdadeb94ffc8806c0570eb5c2695ad29f0e421' (2024-01-03)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=b21e6899490f25fa450fb9e3efa0c8774bcee0d3 ' (2023-12-31)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=4a1fa488e64e6c87c6c951e3fafb2684692f64d3 ' (2024-01-01)
```
2024-01-12 03:24:55 +00:00
Colin
913403aac6
servo: clightning-sane: tidy
2024-01-12 01:25:56 +00:00
Colin
432a66bf5f
servo: clightning: initialize a script for rebalancing with peers
2024-01-11 23:11:33 +00:00
Colin
e2a43ddfa0
servo: clightning: allow group members to run lightning-cli
2024-01-11 15:59:32 +00:00
Colin
b2ba204ca1
nixpatches: update hashes (?)
2024-01-11 15:58:44 +00:00
Colin
892b045342
pyln-client: init at 23.11.2
2024-01-11 00:38:08 +00:00
Colin
8644e6705a
servo: decrease ZFS cache size
2024-01-11 00:20:52 +00:00
Colin
3f60206eef
servo: clightning: tune config
2024-01-10 23:40:17 +00:00
Colin
568ead4bd7
servo: lightning: tune config
2024-01-10 21:01:36 +00:00
Colin
14241d54c9
flake: fix packages output to eval (even though its dumb and i just use hostPkgs.<machine>.<xyz>)
2024-01-10 11:48:20 +00:00
Colin
e4d75c5f38
servo: clightning: disable features which are incompatible with lnd
2024-01-10 11:18:54 +00:00
Colin
c42dda1bab
servo: clightning: document more parts of the config
2024-01-09 16:19:48 +00:00
Colin
3295ae3b74
servo: clightning: update config
2024-01-09 16:13:08 +00:00
Colin
e63438bedf
feeds: disable The Linux Experience
2024-01-09 00:45:18 +00:00
Colin
25422da9ba
servo: tune clightning config
2024-01-09 00:42:37 +00:00
Colin
37583d8c9c
clightning: tune fees, logging
2024-01-06 18:08:51 +00:00
Colin
62b3863722
servo: clightning: enable experimental features
2024-01-06 09:13:17 +00:00
Colin
b11f03bd18
servo: clightning: docs
2024-01-05 22:09:32 +00:00
Colin
63620fa058
servo: clightning: node personalization and docs
2024-01-04 21:55:13 +00:00
Colin
cecb114810
clightning: harden
2024-01-04 18:47:40 +00:00
Colin
4ce93f74c6
wob: add debug logging
2024-01-04 17:07:47 +00:00
Colin
09b806d7a7
go2tv: document youtube workarounds
2024-01-04 16:26:25 +00:00
Colin
2f31100c3f
servo: ship go2tv
2024-01-04 16:25:50 +00:00
Colin
ca3f97ec51
docs: go2tv: elaborate seeking limitations
2024-01-04 16:25:49 +00:00
Colin
7378d6c5b2
bitcoind: host behind tor
2024-01-04 16:25:49 +00:00
Colin
276de5d662
tor: fix /var/lib/tor directory permissions
2024-01-04 16:25:49 +00:00
Colin
6f449cf35f
clightning: document some places to find nodes for channels
2024-01-04 16:25:49 +00:00
Colin
daf046861c
wob: implement as part of sway instead of exclusive to sxmo
2024-01-04 13:08:20 +00:00
Colin
43498c62f9
clightning: integrate with tor
2024-01-03 18:29:16 +00:00
Colin
22f5853741
firefox: remove unused functions
2024-01-03 14:59:59 +00:00
Colin
fe217f6667
firefox: disable ctrl+shift+c shortcut more broadly
2024-01-03 14:59:27 +00:00
Colin
41ae86f40f
servo: enable clightning
2024-01-03 13:56:42 +00:00
Colin
6d52c8ecf8
servo: split tor/i2p into own files
2024-01-03 13:56:14 +00:00
Colin
75b649543a
firefox: enable ctrl-shift-c-should-copy extension
2024-01-03 13:42:58 +00:00
Colin
1261a6f452
firefox-extensions.ctrl-shift-c-should-copy: init at unstable-2023-03-04
2024-01-03 13:33:32 +00:00
Colin
041855dbc7
zsh: fix broken <del> and <ctrl>+<arrow> keybindings
2024-01-03 13:07:29 +00:00
Colin
3e52956a3a
servo: clightning: integrate, but do not enable
2024-01-02 18:32:34 +00:00
Colin
d8f4158bc6
servo: consolidate blockchains under cryptocurrencies directory
2024-01-02 18:16:58 +00:00
Colin
36638e80a3
bitcoin: add myself as an authenticated rpcuser
2024-01-02 18:11:46 +00:00
Colin
28d0a72c62
define (but dont activate) a clighting bitcoin service
2024-01-02 14:29:52 +00:00
Colin
6471524f4a
programs: zecwallet-lite: move to own file
2024-01-01 15:17:51 +00:00
Colin
61b2b8f2cd
nixpatches: cleanup
2024-01-01 14:46:37 +00:00
Colin
02aae4bb8b
conky: start upstreaming it
2024-01-01 14:38:08 +00:00
Colin
3efecb9560
sxmo_hook_block_suspend: re-introduce exponential backoff
2024-01-01 13:03:26 +00:00
Colin
8d0707699c
mpv/vlc: associate with flv video type
2024-01-01 11:48:18 +00:00
Colin
318774a2a0
sxmo_suspend: fix that "sxmo_jobs periodic_blink" would hang post-wakeup
2024-01-01 11:48:03 +00:00
Colin
b14e997a43
sxmo: remove sxmo_hook_screenoff.sh override
...
generally, i can get away with the defaults and patch my alternative into sxmo_suspend.sh more reliably/simply
2024-01-01 10:33:24 +00:00
Colin
b949438be5
sxmo_suspend.sh: stop, and resume, the sxmo LED blinking
...
then later i can remove the custom screenoff hook
2024-01-01 10:01:48 +00:00
Colin
6ee9e8e405
sxmo_hook_screenoff: decrease the blink frequency even more
...
if i was smarter i'd just disable the periodic blinking right before entering sleep
2024-01-01 07:24:08 +00:00
Colin
09ee8e6efc
sxmo_hook_block_suspend: forward only to the next script, not all next scripts
2024-01-01 07:01:09 +00:00
Colin
49527edaa9
sxmo_suspend.sh: fix rtcwake to use sudo
2024-01-01 06:38:43 +00:00
Colin
92d193ffe3
sxmo_hook_block_suspend: fix recursion counter
2024-01-01 06:19:30 +00:00
Colin
4805510073
sxmo-utils: ship with gojq
2024-01-01 06:15:31 +00:00
Colin
6fe195e2dd
sxmo: block suspend if go2tv is active
2024-01-01 04:56:39 +00:00
Colin
c54df8d9c4
hare-ev: 2023-10-31 -> 2023-12-04
2024-01-01 03:56:45 +00:00
Colin
6d8b6c61a2
feeds: sort
2024-01-01 03:56:25 +00:00
Colin
822653ec10
feeds: vitalik.ca -> vitalik.eth.limo
2024-01-01 03:48:06 +00:00
Colin
68502ca944
feeds: add webcurious.co.uk link aggregator
2024-01-01 03:46:52 +00:00
Colin
103d11a87c
net: fix broken firewall/ipset setup
2023-12-31 14:25:36 +00:00
Colin
0028c41bdc
uninsane-dot-org: update
2023-12-31 12:22:23 +00:00
Colin
a4fe002607
sway: always render KOReader titlebar
2023-12-30 11:57:33 +00:00
Colin
b54ab9391b
sxmo-utils: add Notejot app
2023-12-30 11:41:36 +00:00
Colin
0c7612c83f
sxmo-utils: 2023-12-17 -> 2023-12-28
...
this should fix spurious screenoff -> unlock transitions (thanks Aren!)
2023-12-30 11:31:36 +00:00
Colin
f9361af41c
go2tv: remove firewall fix and allow SSDP at the iptables layer
2023-12-30 06:16:17 +00:00
Colin
3cd3ebed51
nixpkgs -> latest
2023-12-30 05:34:23 +00:00
Colin
4ad209020a
disable chatty (doesnt cross compile)
2023-12-30 05:34:02 +00:00
Colin
556327740b
nixpkgs: 2023-12-26 -> 2023-12-29
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/0db7618e46243d3710ff2b8040aca5f6e0102900' (2023-12-26)
→ 'github:nixos/nixpkgs/bd7fd36fe22e0de1162f1623f1736517c1506164' (2023-12-29)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/d956588517edbcde71781bd8ac3a9947a9fc55a6' (2023-12-26)
→ 'github:nixos/nixpkgs/f46c267fc63f01c75fa9f6d9fb8345e6a1ed0063' (2023-12-29)
```
2023-12-29 15:52:32 +00:00
Colin
b0ddb1b31c
conky: use the same percent symbol even in battery_estimate
2023-12-28 17:43:34 +00:00
Colin
70ee98736a
conky/battery_estimate: handle the static state better
2023-12-28 17:35:33 +00:00
Colin
5de06cef35
conky: fix text substitutions
2023-12-28 17:07:29 +00:00
Colin
4f3706622c
conky/battery_estimate: render stylized
2023-12-28 03:05:27 +00:00
Colin
104e76de47
conky/battery_estimate: render h/m indicators as superscript
2023-12-28 01:53:43 +00:00
Colin
1df99978bb
conky/battery_estimte: select icon based on battery percentage
2023-12-28 01:11:51 +00:00
Colin
3846322f12
conky/battery_estimate: support new-style Thinkpad batteries
2023-12-28 00:41:23 +00:00
Colin
623b2c6611
conky/battery_estimate: add debugging
2023-12-28 00:35:48 +00:00
Colin
cb4d73f959
nixpkgs: 2023-12-23 -> 2023-12-26
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/2125288b9266cde9e3333a6787525bc151918742' (2023-12-23)
→ 'github:nixos/nixpkgs/0db7618e46243d3710ff2b8040aca5f6e0102900' (2023-12-26)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/d8aba6fe4067abdd8b1a7f398f2b90f21c608530' (2023-12-23)
→ 'github:nixos/nixpkgs/d956588517edbcde71781bd8ac3a9947a9fc55a6' (2023-12-26)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/f7db64b88dabc95e4f7bee20455f418e7ab805d4' (2023-12-18)
→ 'github:Mic92/sops-nix/e523e89763ff45f0a6cf15bcb1092636b1da9ed3' (2023-12-24)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/a19a71d1ee93226fd71984359552affbc1cd3dc3' (2023-12-17)
→ 'github:NixOS/nixpkgs/7790e078f8979a9fcd543f9a47427eeaba38f268' (2023-12-23)
```
2023-12-27 00:34:48 +00:00
Colin
58febf51bd
remove most useDHCP=false settings
...
networking.useDHCP was deprecated, and then later undeprecated: it's safe to keep it defaulted
2023-12-24 02:17:06 +00:00
Colin
b254379fb1
firefox-extensions: update to latest
2023-12-23 21:31:13 +00:00
Colin
835d933719
nixpkgs: 2023-12-22 -> 2023-12-23
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/21e572254ecbbb9d55be98841b279d21ee5754b6' (2023-12-22)
→ 'github:nixos/nixpkgs/2125288b9266cde9e3333a6787525bc151918742' (2023-12-23)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/66bda599f409f9834c6fd6abc602e452a5c16b61' (2023-12-22)
→ 'github:nixos/nixpkgs/d8aba6fe4067abdd8b1a7f398f2b90f21c608530' (2023-12-23)
```
2023-12-23 21:18:25 +00:00
Colin
31130d90bc
nixpatches: fix broken hash
2023-12-23 12:44:17 +00:00
Colin
237c493252
slskd: fix Restart option
2023-12-23 10:23:17 +00:00
Colin
18e7acd9e7
slskd: restart even on non-failure exit
2023-12-23 05:39:22 +00:00
Colin
906026e333
nixpkgs: 2023-12-21 -> 2023-12-22
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/63fbe1a992e6030fbf444ac9d6b629ec76ab86ad' (2023-12-21)
→ 'github:nixos/nixpkgs/21e572254ecbbb9d55be98841b279d21ee5754b6' (2023-12-22)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/490828bce1b0cdfe328adc7f6280a519d7e68ed4' (2023-12-21)
→ 'github:nixos/nixpkgs/66bda599f409f9834c6fd6abc602e452a5c16b61' (2023-12-22)
```
2023-12-22 19:07:32 +00:00
Colin
9e24fba5ee
document that loupe is an image viewer
2023-12-21 22:58:23 +00:00
Colin
12edd60969
nixpkgs: bump 2023-12-21
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/459873d8d6492b492ca7f9b03d5a50117099abfa' (2023-12-21)
→ 'github:nixos/nixpkgs/63fbe1a992e6030fbf444ac9d6b629ec76ab86ad' (2023-12-21)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/38bbf09b10659db891af01288bd99a5e8e8d7861' (2023-12-21)
→ 'github:nixos/nixpkgs/490828bce1b0cdfe328adc7f6280a519d7e68ed4' (2023-12-21)
```
2023-12-21 20:03:06 +00:00
Colin
0f429caaca
nixpkgs: 2023-12-20 -> 2023-12-21
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/7749fa1e8c5e2f6a003fd4d3a2ed52924c4a7217' (2023-12-20)
→ 'github:nixos/nixpkgs/459873d8d6492b492ca7f9b03d5a50117099abfa' (2023-12-21)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/9ee63abe2cbeea5bf15f319a0a5aaf0919fe22e8' (2023-12-20)
→ 'github:nixos/nixpkgs/38bbf09b10659db891af01288bd99a5e8e8d7861' (2023-12-21)
```
2023-12-21 18:41:55 +00:00
Colin
940f1140a3
disable webkit for erlang
2023-12-21 05:22:45 +00:00
Colin
dbb6773634
audacity: disable first-run splashscreen
2023-12-21 04:08:05 +00:00
Colin
245a0544bc
audacity: ship w/o the webkitgtk dependency
2023-12-21 03:10:38 +00:00
Colin
cbd65f0816
argyllcms: build without qemu
2023-12-21 01:44:36 +00:00
Colin
f8ea711f6a
cross compilation: remove dead code
2023-12-21 00:20:42 +00:00
Colin
ace94cf4d6
cross: use newer jbig2dec fix; send dconf upstream
2023-12-20 22:32:07 +00:00
Colin
829fde4336
bonsai: grab from upstream PR
2023-12-20 09:24:41 +00:00
Colin
ba8774d6e5
hare-ev: remove (upstreamed)
2023-12-20 09:21:11 +00:00
Colin
7597853cda
nixpkgs: 2023-12-19 -> 2023-12-20
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/7467ab39493e17abc28c7f66179feb0a69a3dbd4' (2023-12-19)
→ 'github:nixos/nixpkgs/7749fa1e8c5e2f6a003fd4d3a2ed52924c4a7217' (2023-12-20)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/63dd8e1d2e81aaecb7de9b70ca143a607b19a3b9' (2023-12-19)
→ 'github:nixos/nixpkgs/9ee63abe2cbeea5bf15f319a0a5aaf0919fe22e8' (2023-12-20)
```
2023-12-20 09:08:42 +00:00
Colin
21077c0e34
cross: document rustPlatform cross compilation woes
2023-12-20 08:00:40 +00:00
Colin
b6a45656af
gui: add planify app
2023-12-19 22:31:14 +00:00
Colin
33d2f0895f
signal-desktop-from-src: 6.40.0 -> 6.42.0
2023-12-19 20:53:33 +00:00
Colin
5cd92279b7
firefox-extensions: update to latest
2023-12-19 19:40:24 +00:00
Colin
4085f60018
firefox-extensions.bypass-paywalls-clean: 3.4.6.0 -> 3.4.7.0
2023-12-19 19:40:08 +00:00
Colin
3faee78717
docs: cross: update upstreaming status
2023-12-19 19:39:38 +00:00
Colin
e96e07ac21
lemoa: todo: fold
2023-12-19 19:39:11 +00:00
Colin
0c34aec8ec
lemoa: 0.4.0 -> 0.5.0
2023-12-19 18:08:16 +00:00
Colin
9d04037bec
hare-ev: remove unnecessary rec
2023-12-19 17:44:04 +00:00
Colin
6af44bfd86
delfin: add an updateScript
2023-12-19 17:43:07 +00:00
Colin
5ceefa4d6d
nixpkgs: 2023-12-18 -> 2023-12-19; uninsane-dot-org -> 2023-12-18
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/ab47e6046f991dc98641ffbd9f881afcd304cfca' (2023-12-18)
→ 'github:nixos/nixpkgs/7467ab39493e17abc28c7f66179feb0a69a3dbd4' (2023-12-19)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/f61b7ce80fcc95be72c5c4fea19fba928072af8b' (2023-12-18)
→ 'github:nixos/nixpkgs/63dd8e1d2e81aaecb7de9b70ca143a607b19a3b9' (2023-12-19)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/21f2b8f123a1601fef3cf6bbbdf5171257290a77' (2023-12-17)
→ 'github:Mic92/sops-nix/f7db64b88dabc95e4f7bee20455f418e7ab805d4' (2023-12-18)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=ee722a13732b8d03bae56be8147333d144a02126 ' (2023-12-10)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=41354f754107376f5c9265eae89d07275f0305de ' (2023-12-18)
• Removed input 'uninsane-dot-org/flake-utils'
• Removed input 'uninsane-dot-org/flake-utils/systems'
```
2023-12-19 16:44:22 +00:00
Colin
f618925190
gui: ship openscad
2023-12-19 08:04:20 +00:00
Colin
68ae723543
nixos-prebuild: disable
2023-12-19 01:58:59 +00:00
Colin
e4123759f5
nginx: only auto-index /share
2023-12-19 00:12:27 +00:00
Colin
5e727a83b3
slskd: disable debug logging
2023-12-18 18:09:58 +00:00
Colin
dc288d9aa7
sane_ssdp: reduce verbosity
2023-12-18 18:00:12 +00:00
Colin
8d49c423ca
transmission: disable debug logging
2023-12-18 17:58:04 +00:00
Colin
c056564c9c
nixpkgs: 2023-12-17 -> 2023-12-18
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/ec02adf37f19c5dcd891ebf9f175ebb1c4fba80a' (2023-12-17)
→ 'github:nixos/nixpkgs/ab47e6046f991dc98641ffbd9f881afcd304cfca' (2023-12-18)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/91a00709aebb3602f172a0bf47ba1ef013e34835' (2023-12-17)
→ 'github:nixos/nixpkgs/f61b7ce80fcc95be72c5c4fea19fba928072af8b' (2023-12-18)
```
2023-12-18 16:39:25 +00:00
Colin
efb2815fa5
uninsane.org: simplify the /share routing (and generalize it to other subdirectories)
2023-12-18 06:03:49 +00:00
Colin
577d149728
sxmo-utils: 2023-12-09 -> 2023-12-17
2023-12-18 00:05:14 +00:00
Colin
45c2bfaaeb
nixpkgs: 2023-12-16 -> 2023-12-17
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/029c707186e2b00f9e98f590b9a019320ccc21d7' (2023-12-16)
→ 'github:nixos/nixpkgs/ec02adf37f19c5dcd891ebf9f175ebb1c4fba80a' (2023-12-17)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/ceb8e4efd95627c0a86f106ba2afcd207ad5c6b3' (2023-12-16)
→ 'github:nixos/nixpkgs/91a00709aebb3602f172a0bf47ba1ef013e34835' (2023-12-17)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/d806e546f96c88cd9f7d91c1c19ebc99ba6277d9' (2023-12-10)
→ 'github:Mic92/sops-nix/21f2b8f123a1601fef3cf6bbbdf5171257290a77' (2023-12-17)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/b8f33c044e51de6dde3ad80a9676945e0e4e3227' (2023-12-09)
→ 'github:NixOS/nixpkgs/a19a71d1ee93226fd71984359552affbc1cd3dc3' (2023-12-17)
```
2023-12-18 00:02:23 +00:00
Colin
16d4c9cdf2
nixpkgs: 2023-12-15 -> 2023-12-16
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/9ad53b7aaf2b9e9e0d7e36ff4f8a779bf9b0195f' (2023-12-15)
→ 'github:nixos/nixpkgs/029c707186e2b00f9e98f590b9a019320ccc21d7' (2023-12-16)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/8a205497ba6f6938b7b516c184b7cf326ab15548' (2023-12-15)
→ 'github:nixos/nixpkgs/ceb8e4efd95627c0a86f106ba2afcd207ad5c6b3' (2023-12-16)
```
2023-12-17 21:26:41 +00:00
Colin
1063a89541
powerbutton/lid-switch: tune the desired actions
2023-12-17 21:08:16 +00:00
Colin
fd0f709d50
git: remove a/ b/ prefixes from diffs
2023-12-17 20:48:31 +00:00
Colin
5edd10c332
move kiwix data to /var/lib/kiwix and persist
2023-12-16 03:05:15 +00:00
Colin
5c36ee79be
kiwix: wikipedia snapshot: 2022-05 -> 2023-11
2023-12-16 01:54:34 +00:00
Colin
b2bf9d63a3
mpv: don't assume xdg-terminal-exec is on PATH
2023-12-16 00:43:43 +00:00
Colin
e297df011d
xdg-terminal-exec: remove (it exists upstream now)
2023-12-16 00:41:51 +00:00
Colin
bcac00d766
mpv: uosc: add a "cast" option to the menu
2023-12-16 00:39:36 +00:00
Colin
c256d7ded5
koreader: implement copy-to-clipboard
2023-12-15 20:53:04 +00:00
Colin
7ba39ea831
koreader: document how to configure
2023-12-15 20:05:06 +00:00
Colin
28f90e4421
sxmo: lengthen voldown hold time before revealing terminal
2023-12-15 19:12:26 +00:00
Colin
5d66a1e6a5
hare-json: remove. it's been upstreamed as hareThirdParty.hare-json
2023-12-15 17:59:09 +00:00
Colin
1522eccfb3
nixpkgs: 2023-12-14 -> 2023-12-15
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/248d12a902bfc36134176f31beba87b1fe30a3c1' (2023-12-14)
→ 'github:nixos/nixpkgs/9ad53b7aaf2b9e9e0d7e36ff4f8a779bf9b0195f' (2023-12-15)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/fd7914c96f7c006047e0154dd239aa2396478094' (2023-12-14)
→ 'github:nixos/nixpkgs/8a205497ba6f6938b7b516c184b7cf326ab15548' (2023-12-15)
```
2023-12-15 17:40:44 +00:00
Colin
728604e036
gui hosts: ship delfin
2023-12-15 08:44:32 +00:00
Colin
58d4f0d512
delfin: fix cross build
2023-12-15 08:43:10 +00:00
Colin
1f7fc8700e
delfin: fix icons
2023-12-15 08:30:20 +00:00
Colin
a933f8b512
delfin: persist server settings
2023-12-15 08:17:07 +00:00
Colin
83b83841d6
delfin: init at 0.2.1
2023-12-15 08:08:11 +00:00
Colin
ef8a8bc246
go2tv: document known-good format matrix
2023-12-15 03:22:03 +00:00
Colin
136ddda055
nautilus: enable the A/V pane
2023-12-15 02:57:25 +00:00
Colin
5fbf2166f1
moby: enable go2tv/catt
2023-12-15 02:33:18 +00:00
Colin
ba7bc3bd03
go2tv: docs: show that some mp4s work w/o transcoding
2023-12-15 02:32:44 +00:00
Colin
311412c5ee
go2tv: configure firewall as needed
2023-12-15 00:50:58 +00:00
Colin
d18e94ea87
feeds: subscribe to linmob.net
2023-12-14 22:20:30 +00:00
Colin
6a548366cd
sway: enable gvfs to support remote filesystems
2023-12-14 21:59:42 +00:00
Colin
54d2e875f6
koreader: disable image-based feeds; text only
2023-12-14 20:51:09 +00:00
Colin
c5cc0e90a3
wob: theme
2023-12-14 20:49:48 +00:00
Colin
50ce8da68c
sxmo: remove sxmo-set-permissions job. upstream refactored it to not exist and they use doas now instead
2023-12-14 19:17:38 +00:00
Colin
3449bfc2a9
sxmo: bonsai: tune timings: powerhold: 1000ms -> 900ms; volhold: 400ms -> 600ms
...
this should improve: (1) awkwardly long power hold until window is killed, (2) accidentally seeking the media player when i meant to only adjust volume
2023-12-14 19:12:08 +00:00
Colin
18d301d9dd
cross: dino: remove patch which has been upstreame into nixpkgs
2023-12-14 19:08:08 +00:00
Colin
357bf7f4ca
nixpkgs: 2023-12-13 -> 2023-12-14
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/022a4231437548b719eb9e5b8bae1a7f6117fa93' (2023-12-13)
→ 'github:nixos/nixpkgs/1aca249f1846b6bb7a156b809c312de58945c85a' (2023-12-14)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/8556109c1f04574ad59dcb0c4882f44eb27ea581' (2023-12-13)
→ 'github:nixos/nixpkgs/8e23dec5ac5ebc36057e980d4e6a3eb6a44da74b' (2023-12-14)
```
2023-12-14 18:50:36 +00:00
Colin
f763448d6f
go2tv: docs: firewall
2023-12-14 10:56:07 +00:00
Colin
deb828e98a
programs: enable go2tv
2023-12-14 10:39:33 +00:00
Colin
cbca41accf
permit moby to ssh into my devices
2023-12-14 10:35:36 +00:00
Colin
ac22e07388
sxmo: bring wob service in-house
2023-12-14 10:33:33 +00:00
Colin
cb0d9e077b
programs: enable catt
2023-12-14 08:41:16 +00:00
Colin
58105e9b62
fix open-in-mpv extension
2023-12-14 07:26:50 +00:00
Colin
32fb79d43d
dino: auto-start
2023-12-14 01:57:32 +00:00
Colin
f129afdae8
flare-signal: document linking/registration issue
2023-12-14 01:56:54 +00:00
Colin
29cde5e724
firefox: support Element and Nheko URIs
2023-12-13 23:14:04 +00:00
Colin
3467a5df48
feeds: subscribe Origin Stories
2023-12-13 22:31:58 +00:00
Colin
694dd59e27
feeds: subscribe bitsaboutmoney
2023-12-13 22:29:22 +00:00
Colin
540b3e4af2
firefox: auto-dispatch mpv:// URI handlers
2023-12-13 21:41:06 +00:00
Colin
e0211646b2
firefox: extraNativeMessagingHosts -> nativeMessagingHosts
2023-12-13 21:34:59 +00:00
Colin
94dcb0f08a
firefox: ship open-in-mpv extension
2023-12-13 21:34:34 +00:00
Colin
0b38ed2f2a
firefox: docs: clarify fxCast behavior
2023-12-13 20:58:45 +00:00
Colin
15622251ef
firefox: define the fx_cast addon
2023-12-13 20:51:57 +00:00
Colin
4eb79a4a5c
gui: ship pwvucontrol
2023-12-13 20:43:16 +00:00
Colin
9f54413d46
pwvucontrol: support cross compilation
2023-12-13 20:02:48 +00:00
Colin
f467898a04
sync TODO
2023-12-13 17:41:31 +00:00
Colin
413c8a4fef
sponsorblock: re-disable the first-launch nag
2023-12-13 17:37:48 +00:00
Colin
d4440736dd
nixpkgs: 2023-12-12 -> 2023-12-13
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/a3eee1a84ec0aadb7f567175d79574d63dcecff2' (2023-12-12)
→ 'github:nixos/nixpkgs/022a4231437548b719eb9e5b8bae1a7f6117fa93' (2023-12-13)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/47bca5bb0209496389f3a70d2e388c5531831d60' (2023-12-12)
→ 'github:nixos/nixpkgs/8556109c1f04574ad59dcb0c4882f44eb27ea581' (2023-12-13)
```
2023-12-13 16:27:18 +00:00
Colin
bb1ceaed12
gui: disable newsflash
...
it doesn't cross compile. also, gnome-feeds would be a better implementation if i can get the package updated
2023-12-13 16:27:18 +00:00
Colin
51a90136ea
sxmo-utils: default preferSystemd to true
...
this probably removes some duplicate sxmo-utils packages from my install
2023-12-13 16:27:18 +00:00
Colin
e7cfa19897
sxmo-utils: use xdg-open in sxmo_open.sh
2023-12-13 16:27:18 +00:00
Colin
41411e005f
flare-signal-nixified: document experience with 10.1-xx seies
2023-12-13 08:10:50 +00:00
Colin
c22119f69b
flare-signal-nixified: enable primary device registration
2023-12-13 07:17:17 +00:00
Colin
354a4e523b
flare-signal-nixified: 0.10.1-beta.4 -> 0.10.1-beta.6
2023-12-13 07:01:16 +00:00
Colin
b34b8a249c
nixpatches: link but dont apply gnome-feeds update
2023-12-13 03:47:20 +00:00
Colin
508257da87
newsflash: enable podcasts/videos; document
2023-12-13 03:45:07 +00:00
Colin
fadcf7d7c1
mpv: youtube: associate with another URL variant
2023-12-13 03:44:57 +00:00
Colin
7f43360120
newsflash: enable
2023-12-13 03:06:08 +00:00
Colin
f9a8389f58
gui: switch from gthumb to loupe for image viewing
2023-12-13 02:29:43 +00:00
Colin
f77a18a655
cross: enable Loupe for cross compilation
2023-12-13 02:00:43 +00:00
Colin
7e4d6853f5
cross: glycin-loaders: simplify
2023-12-13 01:48:26 +00:00
Colin
5615c7cf6e
cross: glycin-loader: fix compilation
2023-12-13 01:40:36 +00:00
Colin
54c51a5636
fractal-latest: remove old comments
2023-12-12 21:02:09 +00:00
Colin
1119726c64
docs: koreader: dictionary installation
2023-12-12 20:56:46 +00:00
Colin
101a2bc3af
hare-ev: 2023-10-30 -> 2023-12-04
2023-12-12 20:45:46 +00:00
Colin
f4bfaf3581
firefox-extensions: update to latest
2023-12-12 20:44:56 +00:00
Colin
e8dfc1dc71
sxmo-utils: 2023-11-26 -> 2023-12-09
2023-12-12 20:44:27 +00:00
Colin
ef26b9085c
nixpatches: remove merged numpy patch
2023-12-12 20:37:55 +00:00
Colin
85d9c11733
sxmo: add an option to disable wob
2023-12-12 19:00:43 +00:00
Colin
6d41f1f1db
sxmo: re-enable audio
...
SXMO_NO_AUDIO disables too much. i just want to not launch the daemons, and customizing sxmo_hook_start is enough for that
2023-12-12 18:59:31 +00:00
Colin
f9434215db
nixpkgs: 2023-12-11 -> 2023-12-12
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/43f7188eba3bc2eb73031bf8f9ad1a02224b6be1' (2023-12-12)
→ 'github:nixos/nixpkgs/a3eee1a84ec0aadb7f567175d79574d63dcecff2' (2023-12-12)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/a8dac2fa64af92360f126d2e20f47cd4ccf1c905' (2023-12-11)
→ 'github:nixos/nixpkgs/47bca5bb0209496389f3a70d2e388c5531831d60' (2023-12-12)
```
2023-12-12 18:40:06 +00:00
Colin
83d402eb77
nixos-prebuild: fix typo
2023-12-12 18:39:46 +00:00
Colin
cec48e0270
nixpkgs: 2023-12-11 -> 2023-12-12
...
```
• Updated input 'nixpkgs-next-unpatched':
'github:nixos/nixpkgs/f81605387c494a302c16901ac6459e877c45f913' (2023-12-11)
→ 'github:nixos/nixpkgs/43f7188eba3bc2eb73031bf8f9ad1a02224b6be1' (2023-12-12)
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d' (2023-12-11)
→ 'github:nixos/nixpkgs/a59c7364955e5f32798d0314fbb6aae347ff064d' (2023-12-12)
```
2023-12-12 09:34:52 +00:00
Colin
322038ca21
flake.nix: expose the patched nixpkgs as an output, for debugging
2023-12-12 09:34:28 +00:00
Colin
6395e60f17
nixpatches: fix date check to be based on when upstream nixpkgs was updated, not this repo
2023-12-12 09:34:28 +00:00
Colin
7969eb12d6
cross: partially fix glycin-loaders
2023-12-12 09:34:28 +00:00
Colin
f942e2c5a9
nixpatches: revise numpy master merge date
2023-12-12 09:34:28 +00:00
Colin
089f676c4a
gui: switch back to gthumb; loupe does not cross compile yet
2023-12-12 08:44:08 +00:00
Colin
d2012b4e40
notejot: fix store typo
2023-12-12 07:55:18 +00:00
Colin
a319017567
gui: switch from gthumb to loupe
2023-12-12 07:38:13 +00:00
Colin
a669c9c88b
gui: add Loupe image viewer specialization
2023-12-12 07:36:21 +00:00
Colin
8391e500c9
gui: handheld: ship notejot
2023-12-12 07:31:00 +00:00
Colin
5f27c8fddf
servo: nixos-prebuild: cleanup garbage better
2023-12-12 06:47:47 +00:00
Colin
a4ae41e627
servo: nixos-prebuild: dont ship jobs to other builders
2023-12-12 06:44:08 +00:00
Colin
a5126ae8fb
cross: re-enable jbig2dec fix (turns out it is necessary)
2023-12-12 06:20:43 +00:00
Colin
f33776e0ed
flake: check.nur: simplify nixpkgs path
2023-12-12 03:53:54 +00:00
Colin
189eccb01e
nixpatches: improve patch conditionality
2023-12-12 03:22:25 +00:00
Colin
4336d68e6f
flake: fix CLI argument quoting
2023-12-12 02:16:06 +00:00
Colin
4f45adb063
gui: disable slic3r
2023-12-12 02:16:06 +00:00
Colin
e6b16624c3
ntfy-waiter: fix port typo in service description
2023-12-12 02:15:01 +00:00
Colin
e87d2f545c
sftpgo: fix systemd after/wants typo
2023-12-12 02:14:45 +00:00
Colin
69bc219efa
ports: fix systemd RandomizedDelaySec typo
2023-12-12 02:14:27 +00:00
Colin
e4f1cfb53f
servo: deploy a service which periodically rebuilds my nix config to populate the cache
2023-12-12 02:13:59 +00:00
Colin
f1e59061d7
flake: check.hostConfigs: build *-light first even for -next
2023-12-11 23:00:15 +00:00
Colin
cd312e41d4
flake: remove check.hostConfigs variants
2023-12-11 22:51:58 +00:00
Colin
1bd2d0dfc1
flake: remove separate nixpkgs-staging and staging-next
2023-12-11 22:33:38 +00:00
Colin
49235a4d83
flake: add check.hostConfigsNext
2023-12-11 22:23:14 +00:00
Colin
e7826e0648
flake: add host outputs for nixpkgs-staging and nixpkgs-staging-next
2023-12-11 22:15:35 +00:00
Colin
e7edb4739f
flake.nix: fix for better caching on non-cross builds
2023-12-11 21:24:33 +00:00
Colin
4a622c558e
signal-desktop-from-src: fix nodejs to 18.x
2023-12-11 21:07:42 +00:00
Colin
bfe69a4708
flake: fix patching process to assume less about nixpkgs internals
2023-12-11 21:07:17 +00:00
Colin
688b4edf13
mpv: handle shorthand youtu.be URLs too
2023-12-11 16:19:51 +00:00
Colin
7ca2e5f539
nixpkgs: 2023-12-10 -> 2023-12-11; uninsane-dot-org
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/64292b08dc5d1538d7ab88817a90b2713c34c8a0' (2023-12-10)
→ 'github:nixos/nixpkgs/e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d' (2023-12-11)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=8f7a3f3f7ce95f21131f94418c522062a8dc2055 ' (2023-12-09)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=ee722a13732b8d03bae56be8147333d144a02126 ' (2023-12-10)
```
2023-12-11 06:23:43 +00:00
Colin
4c5fb74c7d
feeds: subscribe to kosmosghost
2023-12-11 04:55:47 +00:00
Colin
ad82bb2630
mimeo: fix infinite loop when dispatching non-specialized http/s URLs
2023-12-11 04:52:49 +00:00
Colin
008a6192d4
mpv: associate with https://youtube.com/ ...
2023-12-11 04:52:49 +00:00
Colin
f4d4c7a92a
sxmo-utils: remove gojq and just use normal jq
2023-12-11 04:44:45 +00:00
Colin
0a41192eb1
sxmo-utils: remove gojq requirement
2023-12-11 03:27:58 +00:00
Colin
f044fcb584
gnome-frog: fix cross compilation
2023-12-11 03:27:46 +00:00
Colin
9e2c0a7112
megapixels: simplify zbar fix
2023-12-11 03:27:29 +00:00
Colin
d2e1441d1f
sane-clone: grab package data from ~/nixos instead of nixpkgs
...
this way i can clone my own packages
2023-12-10 17:28:30 +00:00
Colin
abbd28a634
git: add an "amend" alias
2023-12-10 17:01:58 +00:00
Colin
b309402784
nixpkgs: update; sops-nix: 2023-12-04 -> 2023-12-10
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/852e0ea0e8e1bd174bf1af9706f6b855319a5f1d' (2023-12-10)
→ 'github:nixos/nixpkgs/64292b08dc5d1538d7ab88817a90b2713c34c8a0' (2023-12-10)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/e91ece6d2cf5a0ae729796b8f0dedceab5107c3d' (2023-12-04)
→ 'github:Mic92/sops-nix/d806e546f96c88cd9f7d91c1c19ebc99ba6277d9' (2023-12-10)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/dc01248a9c946953ad4d438b0a626f5c987a93e4' (2023-12-03)
→ 'github:NixOS/nixpkgs/b8f33c044e51de6dde3ad80a9676945e0e4e3227' (2023-12-09)
```
2023-12-10 16:50:24 +00:00
Colin
a7d3ac95aa
nginx: uninsane.org: redirect common feed URIs to the canonical feed
2023-12-10 16:31:30 +00:00
Colin
255da2b976
docs: gtkcord4: explain how to disable notif sounds
2023-12-10 16:26:26 +00:00
Colin
8cdb4aa53d
docs: feedbackd: show how to trigger a sound
2023-12-10 16:25:13 +00:00
Colin
4d5b462b2c
swaync: add rules to help with debugging
2023-12-10 16:18:55 +00:00
Colin
f7a318c937
modules/users: fix services to specify PATH with correct precedence
2023-12-10 15:18:26 +00:00
Colin
eb5b9b083c
mpv-uosc-latest: remove (no longer needed)
...
nixpkgs mpv-uosc was recently updated, seems to work well out-of-the-box
2023-12-10 02:32:33 +00:00
Colin
e0d9a59d10
nixpkgs: 2023-12-09 -> 2023-12-10
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/61b691834e5ce9590c44690e73392ee7e001d45a' (2023-12-09)
→ 'github:nixos/nixpkgs/852e0ea0e8e1bd174bf1af9706f6b855319a5f1d' (2023-12-10)
```
2023-12-10 02:13:59 +00:00
Colin
119ac4cf95
cross: start upstreaming wob patch
2023-12-09 20:20:10 +00:00
Colin
f53d0e16ff
cross: start upstreaming dino patch
2023-12-09 20:11:36 +00:00
Colin
5321ccc980
uninsane-dot-org: mobile-linux-push-notifications: fix src-port -> dest-port typo
2023-12-09 18:28:28 +00:00
Colin
e8a6fa3506
uninsane-dot-org: mobile-linux-push-notifications: fix link typo
2023-12-09 18:22:58 +00:00
Colin
26e1cc2a7a
uninsane-dot-org: revise linux-mobile-notifications for sxmo integration
2023-12-09 18:16:32 +00:00
Colin
cec4b4b78e
sway: fix app_id for gtkcord4
2023-12-09 16:48:17 +00:00
Colin
7ce3cb79c9
switch from abaddon -> gtkcord4 as default discord client
2023-12-09 16:45:40 +00:00
Colin
4c553b1525
gtkcord4: fix to Default_keyring instead of login.keyring
2023-12-09 16:42:27 +00:00
Colin
84ec809fb5
gui: ship gnome.seahorse
2023-12-09 15:02:00 +00:00
Colin
f49e466ce8
flake: add a "hostSystems" target
2023-12-09 14:11:37 +00:00
Colin
402baa1011
uninsane-dot-org: 2023-12-03 -> 2023-12-09; nixpkgs
2023-12-09 14:01:51 +00:00
Colin
01de6f84cf
feeds: subscribe to Louis Rossmann
2023-12-09 08:14:16 +00:00
Colin
e1e9047664
nixpkgs: 2023-12-08 -> 2023-12-09
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/c89d45747b4ba510caa6b2704b574484b6f93e96' (2023-12-08)
→ 'github:nixos/nixpkgs/d02151974acd5d2e1a47cee3245d97e130c3ecfa' (2023-12-09)
```
2023-12-09 05:51:01 +00:00
Colin
0be9831b0c
cross: update upstreaming status
2023-12-08 22:49:18 +00:00
Colin
1db9d4d10b
roles/build-machine: re-enable big-parallel
2023-12-08 20:20:55 +00:00
Colin
ccef9d1414
nixpkgs: update
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/f63903a90faf6cce169eb2bcc93fb45c457b1d31' (2023-12-08)
→ 'github:nixos/nixpkgs/c89d45747b4ba510caa6b2704b574484b6f93e96' (2023-12-08)
```
2023-12-08 20:14:44 +00:00
Colin
8b09599c5e
sane-sync-music: update files if mtime differs
...
*presumably* most tagging software updates the mtime when tags change, but i didn't actually check
2023-12-08 15:07:12 +00:00
Colin
368099e95a
cross: ostree: apply Mindavi's PR feedback
2023-12-08 15:00:29 +00:00
Colin
34342b7f48
sync.moby: reduce job count
2023-12-08 14:52:11 +00:00
Colin
fcc7ebf5c1
sync.desko: fix mountpoint typo
2023-12-08 12:24:00 +00:00
Colin
114bdb30e8
flake: sync-*: refactor
2023-12-08 10:25:01 +00:00
Colin
4caf61387e
sane-sync-music: add --compress and --compat options
2023-12-08 10:24:48 +00:00
Colin
ab020327f4
nixpkgs: 2023-12-07 -> 2023-12-08
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/449c6fb06be60edd4233bb9fe748a0754df185b1' (2023-12-07)
→ 'github:nixos/nixpkgs/f63903a90faf6cce169eb2bcc93fb45c457b1d31' (2023-12-08)
```
2023-12-08 04:26:09 +00:00
Colin
bacad0f111
sane-sync-music: add a --force-copy flag
2023-12-07 19:00:51 +00:00
Colin
9619c6d2e1
sane-sync-music: refactor to facilitate future tweaks
2023-12-07 18:49:01 +00:00
Colin
07c7050335
docs: sane-sync-music: document a bug
2023-12-07 18:17:21 +00:00
Colin
24a6fba008
sane-tag-music: remove prefer-path flag to force
2023-12-07 18:08:41 +00:00
Colin
51c53b2103
sane-tag-music: allow manually specifying tags via CLI
2023-12-07 18:08:41 +00:00
Colin
4ae01aa353
sane-tag-music: auto-create id3 tags for MP3 files
2023-12-07 18:08:41 +00:00
Colin
0db1e3728a
sway: dont ship custom gtk icons
...
the GNOME 45 update makes it so default adwaita icons are reliable on moby
2023-12-07 17:56:56 +00:00
Colin
83c7657951
sane-tag-music: better handle track names for compilation albums
2023-12-07 17:29:10 +00:00
Colin
e20386299f
sane-tag-music: add a --force flag
2023-12-07 17:29:10 +00:00
Colin
d6e43effde
sane-tag-music: better handle verbose track names
2023-12-07 17:29:10 +00:00
Colin
bbe8f4a852
sane-tag-music: support opus, aac (limited)
2023-12-07 17:29:10 +00:00
Colin
8c98e38053
sane-tag-music: better handling of "Various Artists"
2023-12-07 17:29:10 +00:00
Colin
96a36d4d6b
sane-tag-music: support ogg files
2023-12-07 17:29:10 +00:00
Colin
366a9cea0d
fractal: ship optimized build
2023-12-07 16:39:36 +00:00
Colin
e810774202
fractal,flare: note that release is incompatible with cross compilation
2023-12-07 16:39:36 +00:00
Colin
f2de781cbc
nixpkgs: update
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/17411d69e415b5f4910f9a66f89dc6a1866cb410' (2023-12-07)
→ 'github:nixos/nixpkgs/449c6fb06be60edd4233bb9fe748a0754df185b1' (2023-12-07)
```
2023-12-07 16:39:36 +00:00
Colin
7f08ad01db
sane-tag-music: handle more character encoding edgecases
2023-12-07 15:52:28 +00:00
Colin
2c66d8cad0
sane-tag-music: don't crash when file opening fails
2023-12-07 15:51:51 +00:00
Colin
fc4803f3fd
sane-tag-music: fix bug that song would be extracted into a list of chars
2023-12-07 15:51:17 +00:00
Colin
5a6d1dd3c2
sane-tag-music: don't write empty tags
2023-12-07 13:55:45 +00:00
Colin
ba42ff7469
sane-tag-music: support mp3
2023-12-07 13:55:45 +00:00
Colin
a6cc698c69
signal-desktop-from-src: simplify build process
2023-12-07 13:49:07 +00:00
Colin
19b0a62fee
flake: support cross deployments from non-binfmt machines
2023-12-07 13:49:07 +00:00
Colin
1a6ce11b07
disable binfmt emulation on my build machines
2023-12-07 13:49:07 +00:00
Colin
49d8578b83
signal-desktop-from-src: build without emulation
2023-12-07 13:49:07 +00:00
Colin
53c0cd570a
update todos: moby: install games
2023-12-07 13:49:07 +00:00
Colin
4d84bdafed
koreader: cross-compile without binfmt
2023-12-07 13:49:07 +00:00
Colin
059cd38e7b
cross: comment out the firefox hacks
...
they're unused and broken anyway
2023-12-07 13:49:07 +00:00
Colin
8f89d11435
cross: fix wob compilation
2023-12-07 13:49:07 +00:00
Colin
243f78ff0e
nixpkgs: 2023-12-06 -> 2023-12-07
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/2bea1bc0f98bb316e26d1a5a17df58fce54ca8c4' (2023-12-06)
→ 'github:nixos/nixpkgs/17411d69e415b5f4910f9a66f89dc6a1866cb410' (2023-12-07)
```
2023-12-07 13:49:07 +00:00
Colin
21be1b392e
servo: switch external storage to zfs pool
2023-12-07 08:57:26 +00:00
Colin
8b71e6ac5a
sane-stop-all-servo: update with newer services
2023-12-07 05:36:09 +00:00
Colin
f5f6298284
re-enable flare-signal
2023-12-06 19:27:47 +00:00
Colin
c8370bc290
cross: tried to get cinny to cross-compile, not quite there
2023-12-06 19:26:18 +00:00
Colin
abc0ac88d3
flare-signal-nixified: cross-compile without emulation
2023-12-06 19:25:09 +00:00
Colin
9da604c0af
fractal-nixified: fix build
2023-12-06 19:22:45 +00:00
Colin
801da9d321
cross: add a `cantBinfmt` option to force a package to be built on a non-binfmt machine
2023-12-06 19:20:39 +00:00
Colin
ac3b0b873b
transmission: increase speed limits
2023-12-06 18:03:08 +00:00
Colin
9beee146f2
feeds: sort Youtube feeds
2023-12-06 16:49:40 +00:00
Colin
2d06401f3c
feeds: subscribe to Tom Scott
2023-12-06 16:19:37 +00:00
Colin
2db56f2499
feeds: subscribe to TheB1M
2023-12-06 16:18:03 +00:00
Colin
63ea6d7002
feeds: subscribe to Exurb1a
2023-12-06 16:16:29 +00:00
Colin
3e2523cc2c
feeds: subscribe to Cold Fusion
2023-12-06 16:15:25 +00:00
Colin
ad3f5e305e
feeds: subscribe to Vox
...
don't @ me
2023-12-06 16:13:08 +00:00
Colin
aa5b9e3db3
user services: wrap with user PATH
...
notably, this alllows Fractal to open links with the preferred browser
2023-12-06 16:09:07 +00:00
Colin
46123719e9
feeds: subscribe to Vihart
2023-12-06 16:09:07 +00:00
Colin
16bce990c6
feeds: subscribe to PolyMatter
2023-12-06 16:09:07 +00:00
Colin
d55e387187
feeds: subscribe to Vsauce
2023-12-06 16:09:06 +00:00
Colin
e75c3375dc
feeds: subscribe to Channel5 News
2023-12-06 16:08:50 +00:00
Colin
b1c7cb367a
feeds: subcsribe to hbomberguy
2023-12-06 15:47:39 +00:00
Colin
d63d660ec2
feeds: subscribe to ContraPoints
2023-12-06 15:45:43 +00:00
Colin
f24a0a84b5
gpodder: ship on all systems
...
it's more useful on desko/lappy now that i can ship Youtube feeds.
2023-12-06 15:36:41 +00:00
Colin
9704dcc997
feeds: add support for video; subscribe to videos in gpodder
2023-12-06 15:36:05 +00:00
Colin
80875d6312
feeds: subscribe to Technology Connections
2023-12-06 15:35:38 +00:00
Colin
79f4c9f98c
flare-signal-nixified: support defaultCrateOverrides
2023-12-06 14:22:16 +00:00
Colin
e2735e151e
cross: make `buildInQemu` more flexible to non-stdenv builders
2023-12-06 14:08:46 +00:00
Colin
afb4a88830
moby: enable dialect
2023-12-06 14:00:34 +00:00
Colin
84dc8cfd23
cross: build dialect so that it doesn't depend on build binaries at runtime
2023-12-06 13:56:39 +00:00
Colin
6ef52677ee
nixpkgs: 2023-12-05 -> 2023-12-06
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/3532bd963c2a1417e7d5d9a13b90f3ab8e6b6538' (2023-12-05)
→ 'github:nixos/nixpkgs/2bea1bc0f98bb316e26d1a5a17df58fce54ca8c4' (2023-12-06)
```
2023-12-06 01:45:09 +00:00
Colin
73c0e9a742
cross: update error message for fractal
2023-12-05 17:02:33 +00:00
Colin
7ff259073e
swaync: decrease mpris icon size 64 -> 48px
2023-12-05 17:01:57 +00:00
Colin
2bf10c60ee
swaynotificationcenter: fix mpris icon height even when it fails to load an icon
2023-12-05 16:57:24 +00:00
Colin
72f4b43b54
sxmo: better input mappings
2023-12-05 15:12:08 +00:00
Colin
e1ced7a7fe
sxmo_hook_inputhandler.sh: remove unused VOL_INCR_2 variable
2023-12-05 10:08:16 +00:00
Colin
f41b1cf3b5
sxmo: enable powertoggle -> volup/down for seeking even when screen is on
...
it's not currently mapped to anything else, so...
2023-12-05 10:04:01 +00:00
Colin
70693c2052
sxmo: simplify shortcuts
...
remove power -> volup DE menu map -- it's accessible via sysmenu now
replace power -> voldown terminal map with just voldown hold
2023-12-05 10:02:19 +00:00
Colin
f61d7d0f7d
sxmo: decrease power-button timeout
2023-12-05 08:54:18 +00:00
Colin
3d7ea75bfc
sxmo: simplify XDG_SESSION_TYPE fix
2023-12-05 08:50:19 +00:00
Colin
f350d7949c
sxmo: fix missing XDG_SESSION_TYPE env var
2023-12-05 08:06:14 +00:00
Colin
10c21714ef
tangram: build without emulation
2023-12-05 06:02:38 +00:00
Colin
2dbae69d50
komikku: build without emulation
2023-12-05 05:16:40 +00:00
Colin
4cc5eed884
feeds: subscribe to srslywrong.com
2023-12-05 04:25:25 +00:00
Colin
9967868e80
nixpkgs: update
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/d90955124ff3af2d469bf10000b09b9d7dfc5240' (2023-12-04)
→ 'github:nixos/nixpkgs/3532bd963c2a1417e7d5d9a13b90f3ab8e6b6538'
```
2023-12-05 02:04:40 +00:00
Colin
bb79752101
cross: gnome-online-accounts: disable unnecessary needsBinfmt
...
perhaps this was fixed in gnome 44 -> gnome 45
2023-12-04 17:50:12 +00:00
Colin
ebd24e5999
cross: evolution-data-server: build w/o binfmt/qemu
2023-12-04 17:50:12 +00:00
Colin
7a3fa88559
cross: gnome.mutter: build without binfmt/qemu
2023-12-04 17:50:12 +00:00
Colin
cff4fdc5f5
feeds: unsubscribe from Daniel Huberman
2023-12-04 12:36:10 +00:00
Colin
e7fc52ff20
cross: build neovim w/o binfmt/qemu
2023-12-04 11:26:28 +00:00
Colin
b061aff76e
IOCTL_... errrors: track mesa 23.3.1 PR which SHOULD fix them?
2023-12-04 11:07:59 +00:00
Colin
b14214761b
cross: get jbig2dec to build without binfmt/qemu
2023-12-04 11:07:53 +00:00
Colin
9bd684a971
cross: waybar: build without binfmt/qemu
2023-12-04 08:57:57 +00:00
Colin
89286be9e1
cross: tidy: remove explicit "final."
2023-12-04 07:42:11 +00:00
Colin
991a6a7552
cross: build libpanel w/o binfmt/qemu
2023-12-04 07:26:56 +00:00
Colin
04af5558b5
ibus: cross compile without binfmt/qemu
2023-12-04 06:59:00 +00:00
Colin
3ee487ca94
cross: fix flatpak to not require binfmt/qemu
2023-12-04 05:05:26 +00:00
Colin
20352ff170
calls: cross compile without binfmt/qemu
2023-12-04 04:24:53 +00:00
Colin
819894ccbf
dino: compile without binfmt/qemu
2023-12-04 04:02:07 +00:00
Colin
aa46c4cb8f
chatty: remove redundant evolution-data-server override: its done in overlays/preferences.nix
2023-12-04 02:09:52 +00:00
Colin
1c75977da7
firefox-extensions: update bypass-paywalls-clean, ublacklist, ublock-origin
2023-12-04 01:47:35 +00:00
Colin
c099483305
cross: mark as needsBinfmtOrQemu those packages which can build in either
2023-12-04 01:47:35 +00:00
Colin
959e200837
cross: remove upstreamed vulkan-tools fix
2023-12-04 00:38:54 +00:00
Colin
d9f0bdb089
nixpkgs, sops-nix, uninsane-dot-org -> 2023-12-04
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/0616776a5e4072e9455e3966d1fce58feefa7a58' (2023-12-03)
→ 'github:nixos/nixpkgs/d90955124ff3af2d469bf10000b09b9d7dfc5240' (2023-12-04)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/e19071f9958c8da4f4347d3d78790d97e98ba22f' (2023-12-02)
→ 'github:Mic92/sops-nix/8bca48cb9a12bbd8766f359ad00336924e91b7f7' (2023-12-03)
• Updated input 'sops-nix/nixpkgs-stable':
'github:NixOS/nixpkgs/dfb95385d21475da10b63da74ae96d89ab352431' (2023-11-25)
→ 'github:NixOS/nixpkgs/dc01248a9c946953ad4d438b0a626f5c987a93e4' (2023-12-03)
• Updated input 'uninsane-dot-org':
'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=8a4273489d945f21d7e0ca6aac952460c7d4c391 ' (2023-11-09)
→ 'git+https://git.uninsane.org/colin/uninsane?ref=refs/heads/master&rev=f865fdd262e249bb1b829900f99cbb67f21a0365 ' (2023-12-03)
```
2023-12-04 00:34:27 +00:00
Colin
b50d723158
servo: nginx: remove "root" in uninsane share path
2023-12-03 15:53:29 +00:00
Colin
14739af1b9
servo: nginx: dont follow symlinks in the /share directory
2023-12-03 15:51:01 +00:00
Colin
747511c6a8
waybar: link to a better playerctl integration
2023-12-03 15:19:55 +00:00
Colin
c96f9cd4de
ibus: 1.5.29-rc1 -> 1.5.29
...
TODO: cleanup this patch and then send to nixpkgs :)
2023-12-03 14:41:56 +00:00
Colin
31da2f10c9
sane-wipe: support dino
2023-12-03 14:40:14 +00:00
Colin
9e51d7f150
sane-wipe-*: consolidate into one sane-wipe binary
2023-12-03 14:25:35 +00:00
Colin
b1b1f8d659
cross: vulkan-tools: link to upstream PR
2023-12-03 14:02:57 +00:00
Colin
0c0e7881b1
signal-desktop: document a known bug
2023-12-03 13:58:30 +00:00
Colin
6c2f07aab1
cross: disable gnome-2048 fix in light of vala fix being upstreamed (still in staging)
2023-12-03 13:46:01 +00:00
Colin
84d2b31c51
cross: fix vulkan-tools compilation
2023-12-03 13:29:44 +00:00
Colin
2f23d916f5
sxmo: disable xwayland
2023-12-03 13:03:57 +00:00
Colin
d413f4a782
gtkcord4: partially re-enable
2023-12-03 13:01:52 +00:00
Colin
c2080cfe1e
sway: position Signal on the correct desktop even when run without Xwayland
2023-12-03 13:00:29 +00:00
Colin
c687d059c5
signal-desktop: support wayland even when running as a service
2023-12-03 13:00:29 +00:00
Colin
a131358c36
signal-desktop: support wayland
2023-12-03 13:00:29 +00:00
Colin
0ba012fd7c
guis: ship vulkan-tools
2023-12-03 13:00:29 +00:00
Colin
b43a693a1e
nginx: render directory listings for uninsane.org/share
2023-12-03 09:00:45 +00:00
Colin
6f4072efdd
servo: enable bitcoind
2023-12-03 08:49:24 +00:00
Colin
908984c285
cross: mark mutter as needs binfmt
2023-12-03 02:10:34 +00:00
Colin
8772aaec65
zfs: dont ship on moby
2023-12-03 00:58:49 +00:00
Colin
f3d605bb63
cross: fix fractal-nixified dep which needs binfmt
2023-12-03 00:40:08 +00:00
Colin
6741e0b9e1
nixpkgs: -> tip; sops-nix: 2023-11-27 -> 2023-12-02
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/eb18da27b9cb7e2006574cd962f8a22baf2955f1' (2023-12-02)
→ 'github:nixos/nixpkgs/0616776a5e4072e9455e3966d1fce58feefa7a58' (2023-12-03)
• Updated input 'sops-nix':
'github:Mic92/sops-nix/b1edbf5c0464b4cced90a3ba6f999e671f0af631' (2023-11-27)
→ 'github:Mic92/sops-nix/e19071f9958c8da4f4347d3d78790d97e98ba22f' (2023-12-02)
```
2023-12-03 00:22:07 +00:00
Colin
a9f932408c
servo: add zfs dataset
2023-12-02 17:38:00 +00:00
Colin
a00e6984d9
nixpkgs: 2023-12-01 -> 2023-12-02
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/7c12c8615307e2677a5f769e27ddb0ab4e36a940' (2023-12-01)
→ 'github:nixos/nixpkgs/eb18da27b9cb7e2006574cd962f8a22baf2955f1' (2023-12-02)
```
2023-12-02 00:12:16 +00:00
Colin
b4738438b1
nixpkgs: 2023-11-30 -> 2023-12-01
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/8d0f0ca32319439fe9940b1de917dbbdcb8e6f3d' (2023-11-30)
→ 'github:nixos/nixpkgs/7c12c8615307e2677a5f769e27ddb0ab4e36a940' (2023-12-01)
```
2023-12-01 16:19:05 +00:00
Colin
416c2f2f39
feeds: remove Hard Fork
2023-12-01 15:35:15 +00:00
Colin
589f86010f
fix that servo had too low of a inotify watch limit for wan.txt path unit to work
2023-12-01 13:18:05 +00:00
Colin
76a7c19996
waybar-sxmo-status: fix volume
2023-12-01 12:51:55 +00:00
Colin
3fa676e169
sxmo: waybar: include the volume sxmo status (i.e. microphone/headphones)
2023-12-01 08:45:31 +00:00
Colin
3193028c48
sxmo_hook_start: dont start the statusbar items
2023-12-01 07:56:43 +00:00
Colin
ba823e8283
sxmo: waybar: provide status more granularly
2023-12-01 07:43:20 +00:00
Colin
55f4ef9a4f
firefox-extensions.metamask: 11.6.2 -> 11.6.3
2023-12-01 04:33:03 +00:00
Colin
200b0dcf7c
sxmo: better integrate the status components into waybar
...
maybe i'll remove all the sxmo-specific logic eventually: it seems generalizable
2023-12-01 03:28:32 +00:00
Colin
181f9597c2
Merge branch 'dev'
2023-12-01 01:52:12 +00:00
Colin
e55c264c29
activationScripts: fix error messages which would occur on boot, for scripts which only want to run during upgrades
2023-12-01 01:51:37 +00:00
Colin
dfbae7e7b5
notify user when nixos deploy/activation completes
2023-12-01 01:29:37 +00:00
Colin
98fa50d0eb
nixpkgs: 2023-11-29 -> 2023-11-30
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/6711380ae7874005d707d7d03830bd5eee40b43b' (2023-11-29)
→ 'github:nixos/nixpkgs/8d0f0ca32319439fe9940b1de917dbbdcb8e6f3d' (2023-11-30)
```
2023-11-30 23:53:17 +00:00
Colin
9503658dec
sane-tag-music: handle tracks with soundcloud ID at end of title
2023-11-30 13:59:08 +00:00
Colin
3c9bf681b2
sane-tag-music: better handle compilation albums
2023-11-30 13:23:55 +00:00
Colin
c1b20675c1
sane-tag-music: handle more path schemas
2023-11-30 12:53:04 +00:00
Colin
5703caac19
remove unused scripts/ensure-perms script
2023-11-30 12:53:04 +00:00
Colin
7abf7459f9
signal-desktop-from-src: 6.38.0 -> 6.40.0
2023-11-30 09:58:25 +00:00
Colin
b14c6ecd5b
firefox-extensions: update to latest
2023-11-30 09:47:09 +00:00
Colin
455127219d
flake: rename check.host-configs -> check.hostConfigs
2023-11-30 01:40:50 +00:00
Colin
e235014bde
cross: lift defaultCrateOverrides patches to toplevel
2023-11-30 01:40:02 +00:00
Colin
ed1bf899b6
fractal: annotate crates which require binfmt for cross compilation
2023-11-30 01:36:53 +00:00
Colin
36c7f77a98
nixpkgs: 2023-11-28 -> 2023-11-29
...
```
• Updated input 'nixpkgs-unpatched':
'github:nixos/nixpkgs/c9702bf40b036c0f1d3d5b0aaf3eee2bf920124c' (2023-11-28)
→ 'github:nixos/nixpkgs/6711380ae7874005d707d7d03830bd5eee40b43b' (2023-11-29)
```
2023-11-30 00:50:35 +00:00
Colin
996b4f8366
sane-tag-music: update tags even if file had no existing tags
2023-11-29 13:05:05 +00:00
Colin
39d94b34d7
sane-tag-music: better handle singles
2023-11-29 12:57:16 +00:00
Colin
6edc6841bf
sane-tag-music: support directory/tree operations
2023-11-29 12:52:35 +00:00
Colin
b2806bd649
sxmo: ship codemadness-frontends 0.6
2023-11-29 12:31:36 +00:00
Colin
936118b8cb
sane-tag-music: init
2023-11-29 12:29:58 +00:00
Colin
120f251590
sxmo-utils: enable sxmo_youtube.sh script
2023-11-29 10:16:00 +00:00
Colin
d9962e1b03
codemadness-frontends: fix cross compilation
2023-11-29 10:15:39 +00:00
Colin
1396eb2c58
codemadness-frontends: init at 0.8
2023-11-29 09:51:42 +00:00