nix-files/TODO.md at 3a942ad8a4cca457b602efcfa6fdc3a7bfe3a378

Colin 3a942ad8a4 add TODO: fix nur evaluation

2023-05-17 07:32:27 +00:00

BUGS:

allow any host to take the role of uninsane.org
- will make it easier to test new services?

validate duplicity backups!
encrypt more ~ dirs (~/archives, ~/records, ..?)
- best to do this after i know for sure i have good backups
have sane.programs be wrapped such that they run in a cgroup?
- at least, only give them access to the portion of the fs they need.
- Android takes approach of giving each app its own user: could hack that in here.
canaries for important services
- e.g. daily email checks; daily backup checks

firefox/librewolf: don't show browserpass/sponsorblock/metamask "first run" on every boot
moby: improve gPodder launch time
moby: replace jellyfin-desktop with jellyfin-vue?
- allows (maybe) to cache media for offline use
- "newer" jellyfin client
- not packaged for nix
find a nice desktop ActivityPub client
package Nix/NixOS docs for Zeal
- install doc-browser
- this supports both dash (zeal) and the datasets from https://devdocs.io (which includes nix!)
- install devhelp (gnome)
auto-mount servo
have xdg-open parse `repo:... URIs (or adjust them so that it can parse)

why does nixos-rebuild switch take 5 minutes when net is flakey?
- trying to auto-mount servo?
- something to do with systemd services restarting/stalling
- maybe wireguard & its refresh operation, specifically?
fix OOM for large builds like webkitgtk
- these use significant /tmp space.
- either place /tmp on encrypted-cleared-at-boot storage
  - which probably causes each CPU load for the encryption
- or set up encrypted swap
  - encrypted swap could remove the need for my encrypted-cleared-at-boot stuff