.. |
conky
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
koreader
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
mimeo
|
programs: mimeo: dont sandbox
|
2024-02-14 01:51:26 +00:00 |
sway-autoscaler
|
programs (assorted): fix wantedBy = "default.target" to be more specific
|
2024-02-02 14:21:57 +00:00 |
unl0kr
|
programs: unl0kr: sandbox
|
2024-02-20 13:29:56 +00:00 |
waybar
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
wob
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
zsh
|
programs: zsh: fix "switch" function to be friendly to sandboxing
|
2024-02-14 13:45:56 +00:00 |
abaddon.nix
|
programs (assorted): fix wantedBy = "default.target" to be more specific
|
2024-02-02 14:21:57 +00:00 |
aerc.nix
|
programs: sandboxing: enable net isolation for most sandboxed programs
|
2024-02-08 21:51:32 +00:00 |
alacritty.nix
|
alacritty: explicitly disable sandbox
|
2024-01-27 17:20:11 +00:00 |
animatch.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
assorted.nix
|
programs: sandbox oathtools
|
2024-02-21 00:03:48 +00:00 |
audacity.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
bemenu.nix
|
programs: bemenu: fix sandboxing
|
2024-02-15 14:33:20 +00:00 |
brave.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
bubblewrap.nix
|
bubblewrap: explicitly disable sandboxing
|
2024-01-27 17:20:40 +00:00 |
calls.nix
|
programs (assorted): fix wantedBy = "default.target" to be more specific
|
2024-02-02 14:21:57 +00:00 |
cantata.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
catt.nix
|
programs: enable catt
|
2023-12-14 08:41:16 +00:00 |
chatty.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
cozy.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
dconf.nix
|
programs: dconf: sandbox
|
2024-02-20 23:43:25 +00:00 |
default.nix
|
dconf: split into own sane.programs definition
|
2024-02-20 12:09:52 +00:00 |
dialect.nix
|
programs: explicitly depend on dconf instead of manually persisting dconf's dirs
|
2024-02-20 23:39:27 +00:00 |
dino.nix
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
element-desktop.nix
|
programs: messengers (fractal, signal, dino, tuba): add media libraries to the sandbox
|
2024-02-15 00:49:24 +00:00 |
epiphany.nix
|
programs: explicitly depend on dconf instead of manually persisting dconf's dirs
|
2024-02-20 23:39:27 +00:00 |
evince.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
feedbackd.nix
|
programs: feedbackd: sandbox w/ bwrap
|
2024-02-16 03:49:59 +00:00 |
firefox.nix
|
programs: firefox/fractal: document portal filechooser limitations
|
2024-02-16 05:49:56 +00:00 |
flare-signal.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
fontconfig.nix
|
programs: fontconfig: sandbox
|
2024-02-15 18:26:45 +00:00 |
fractal.nix
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
frozen-bubble.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
fwupd.nix
|
fwupd: define as a sane.program
|
2023-08-04 07:35:13 +00:00 |
g4music.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
gajim.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
geary.nix
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
git.nix
|
programs: git: fix failing sandbox build
|
2024-02-16 03:16:46 +00:00 |
gnome-feeds.nix
|
programs: remove wantedBy from the fs, and make it implicit
|
2023-05-08 21:41:02 +00:00 |
gnome-keyring.nix
|
docs: gnome-keyring: point out that system gnome-keyring doesn't inherit my sandboxing
|
2024-01-23 01:00:06 +00:00 |
gnome-weather.nix
|
programs: explicitly depend on dconf instead of manually persisting dconf's dirs
|
2024-02-20 23:39:27 +00:00 |
go2tv.nix
|
programs: assorted: convert /mnt/servo "extraPaths" into "extraHomePaths" where possible
|
2024-02-12 12:54:16 +00:00 |
gpodder.nix
|
programs: gpodder: fix to work in sandbox (add dbus)
|
2024-02-16 06:07:46 +00:00 |
gthumb.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
gtkcord4.nix
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
handbrake.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
helix.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
imagemagick.nix
|
imagemagick: don't add 'ghostscript' package to path
|
2024-02-17 15:45:50 +00:00 |
jellyfin-media-player.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
kdenlive.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
komikku.nix
|
programs: komikku: add dbus to the sandbox to fix it
|
2024-02-15 11:58:08 +00:00 |
lemoa.nix
|
programs: lemoa: sandbox
|
2024-02-16 05:32:22 +00:00 |
libreoffice.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
loupe.nix
|
programs: loupe: remove the dbus services to make it work with Firefox
|
2024-02-15 11:36:24 +00:00 |
mako.nix
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
megapixels.nix
|
programs: explicitly depend on dconf instead of manually persisting dconf's dirs
|
2024-02-20 23:39:27 +00:00 |
mepo.nix
|
programs: mepo: sandbox
|
2024-02-17 15:08:21 +00:00 |
mopidy.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
mpv.nix
|
programs: mpv: explicitly add Videos/servo, Books/servo to sandbox
|
2024-02-13 15:38:57 +00:00 |
msmtp.nix
|
programs: ship msmtp sendmail implementation
|
2023-07-01 00:28:59 +00:00 |
nautilus.nix
|
programs: nautilus: assign a mime priority
|
2024-02-18 07:07:29 +00:00 |
neovim.nix
|
programs: neovim: fix nvim-treesitter typo
|
2024-02-20 10:23:52 +00:00 |
newsflash.nix
|
newsflash: enable podcasts/videos; document
|
2023-12-13 03:45:07 +00:00 |
nheko.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
nicotine-plus.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
nix-index.nix
|
programs: nix-index: sandbox
|
2024-02-16 11:39:05 +00:00 |
notejot.nix
|
programs: explicitly depend on dconf instead of manually persisting dconf's dirs
|
2024-02-20 23:39:27 +00:00 |
ntfy-sh.nix
|
programs: ntfy-sh: sandbox
|
2024-02-17 15:47:47 +00:00 |
obsidian.nix
|
mime: support multiple implementors of the same association, with different priorities
|
2023-07-15 10:11:31 +00:00 |
offlineimap.nix
|
secrets: rename "universal" -> "common" to match the language of hosts/
|
2023-05-14 08:52:43 +00:00 |
open-in-mpv.nix
|
open-in-mpv: remove my patch which has been upstreamed, previously required to use xdg-open
|
2024-02-18 04:52:27 +00:00 |
planify.nix
|
programs: planify: sandbox
|
2024-02-18 07:07:29 +00:00 |
playerctl.nix
|
programs: don't include dbus in the sandbox by default
|
2024-02-13 11:58:33 +00:00 |
portfolio-filemanager.nix
|
programs: portfolio-filemanager: sandbox
|
2024-02-18 07:07:29 +00:00 |
rhythmbox.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
ripgrep.nix
|
programs: ripgrep: sandbox with bwrap instead of landlock
|
2024-02-20 23:32:54 +00:00 |
sane-scripts.nix
|
programs: sane-secrets-*: sandbox
|
2024-02-20 23:31:39 +00:00 |
sfeed.nix
|
programs: sfeed: sandbox
|
2024-02-19 14:14:59 +00:00 |
signal-desktop.nix
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
splatmoji.nix
|
programs: splatmoji: document the sandboxing approach
|
2024-02-16 03:46:48 +00:00 |
spot.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
spotify.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
steam.nix
|
steam: use wrapped package as system steam
|
2024-01-23 00:59:23 +00:00 |
stepmania.nix
|
rearrange /mnt structure for host-based subdirs
|
2024-02-06 05:48:11 +00:00 |
strings.nix
|
programs: strings: fix sandboxing
|
2024-02-16 15:32:41 +00:00 |
sublime-music.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
supertuxkart.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
swaylock.nix
|
sway: define without using nixos "programs.sway"
|
2024-02-15 14:25:27 +00:00 |
swaynotificationcenter.nix
|
programs: configure auto-launching programs to only start *after* graphical-session.target
|
2024-02-19 12:58:08 +00:00 |
tangram.nix
|
programs: explicitly depend on dconf instead of manually persisting dconf's dirs
|
2024-02-20 23:39:27 +00:00 |
tor-browser.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
tuba.nix
|
programs: messengers (fractal, signal, dino, tuba): add media libraries to the sandbox
|
2024-02-15 00:49:24 +00:00 |
vlc.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
waylock.nix
|
programs: sandbox {s,}waylock lockscreen
|
2024-02-14 08:48:03 +00:00 |
wike.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
wine.nix
|
remove samba from closure
|
2024-02-01 15:28:40 +00:00 |
wireshark.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
xarchiver.nix
|
programs: xarchiver: sandbox
|
2024-02-18 07:07:29 +00:00 |
xdg-desktop-portal-gtk.nix
|
xdg-desktop-portal-{gtk,wlr}: start via service manager, with ordered deps, instead of letting dbus activate it for us
|
2024-02-19 13:44:23 +00:00 |
xdg-desktop-portal-wlr.nix
|
xdg-desktop-portal-{gtk,wlr}: start via service manager, with ordered deps, instead of letting dbus activate it for us
|
2024-02-19 13:44:23 +00:00 |
xdg-desktop-portal.nix
|
xdg-desktop-portal: fix it to find all the portal configs again
|
2024-02-19 12:58:08 +00:00 |
xdg-utils.nix
|
xdg-utils: re-add mimetype package
|
2024-02-13 12:31:04 +00:00 |
zeal.nix
|
programs: zeal: disable sandboxing
|
2024-02-16 10:32:49 +00:00 |
zecwallet-lite.nix
|
programs: zecwallet-lite: move to own file
|
2024-01-01 15:17:51 +00:00 |