| .. |
|
alsa-ucm-conf
|
alsa-ucm-pinephone-pmos: prefer the earpiece over the "internal speaker"
|
2024-05-27 14:13:56 +00:00 |
|
blast-ugjka
|
refactor: sandboxing: replace manual --sanebox-keep-namespace pid config with isolatePids = false
|
2024-05-29 12:56:46 +00:00 |
|
conky
|
sane-battery-estimate: sandbox
|
2024-05-28 09:41:04 +00:00 |
|
deadd-notification-center
|
deadd-notification-center: add to sane.programs
|
2024-03-08 04:06:18 +00:00 |
|
gnome-keyring
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
htop
|
htop: include "PRIORITY" column
|
2024-04-23 12:01:15 +00:00 |
|
koreader
|
koreader: fix sandboxing so that i can open links again
|
2024-04-24 01:02:02 +00:00 |
|
mimeo
|
applications: hide .desktop files which arent meant to be user-visible
|
2024-05-12 17:43:07 +00:00 |
|
mpv
|
mpv: relax sandboxing for the sake of subtitle downloading
|
2024-05-28 09:37:57 +00:00 |
|
rofi
|
login: remove systemd pam integration (so it doesnt try, and fail, to start the user manager)
|
2024-05-29 15:42:39 +00:00 |
|
sane-input-handler
|
moby: cleanup bonsai <-> sway circular dependency (slightly)
|
2024-05-30 12:43:09 +00:00 |
|
sway
|
hosts: networking: switch to using nixos NetworkManager/ModemManager/etc, just patched for hardening
|
2024-06-02 11:22:03 +00:00 |
|
sway-autoscaler
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
swaynotificationcenter
|
refactor: sandboxing: replace manual --sanebox-keep-namespace pid config with isolatePids = false
|
2024-05-29 12:56:46 +00:00 |
|
unl0kr
|
login: remove systemd pam integration (so it doesnt try, and fail, to start the user manager)
|
2024-05-29 15:42:39 +00:00 |
|
waybar
|
remove lingering references to sxmo
|
2024-05-27 00:38:30 +00:00 |
|
zsh
|
zsh: port to sane.programs
|
2024-05-18 08:10:34 +00:00 |
|
abaddon.nix
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
aerc.nix
|
packages: reduce the number of packages which are using inplace sandbox wrapping
|
2024-02-28 17:35:40 +00:00 |
|
alacritty.nix
|
alacritty: configure font size per-host
|
2024-03-06 05:07:30 +00:00 |
|
animatch.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
assorted.nix
|
hosts: networking: switch to using nixos NetworkManager/ModemManager/etc, just patched for hardening
|
2024-06-02 11:22:03 +00:00 |
|
audacity.nix
|
assorted programs: specify sandbox.autodetectCliPaths variant more precisely than just true
|
2024-05-28 07:14:27 +00:00 |
|
ausyscall.nix
|
ship ausyscall binary
|
2024-06-01 12:17:08 +00:00 |
|
bemenu.nix
|
login: remove systemd pam integration (so it doesnt try, and fail, to start the user manager)
|
2024-05-29 15:42:39 +00:00 |
|
bonsai.nix
|
moby: cleanup bonsai <-> sway circular dependency (slightly)
|
2024-05-30 12:43:09 +00:00 |
|
brave.nix
|
brave: fix sandboxing under pasta/netns
|
2024-05-26 13:05:44 +00:00 |
|
brightnessctl.nix
|
brightnessctl: disable unused dbus access
|
2024-06-01 12:09:51 +00:00 |
|
bubblewrap.nix
|
nits: update --replace uses to --replace-{fail,quiet} as appropriate
|
2024-03-24 12:49:18 +00:00 |
|
callaudiod.nix
|
callaudiod: fix to not start before dbus/pipewire are up (avoids coredump on boot)
|
2024-05-30 06:07:08 +00:00 |
|
calls.nix
|
calls/callaudiod: update documentation
|
2024-05-18 20:55:16 +00:00 |
|
cantata.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
|
catt.nix
|
programs: enable catt
|
2023-12-14 08:41:16 +00:00 |
|
celeste64.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
chatty.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
|
cozy.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
cups.nix
|
programs: ship cups
|
2024-04-14 03:33:55 +00:00 |
|
curlftpfs.nix
|
curlftpfs: document sandbox attempt
|
2024-04-23 09:08:05 +00:00 |
|
dbus.nix
|
dbus: dont consider the service "up" until the unix pipe actually appears
|
2024-05-30 11:04:02 +00:00 |
|
dconf.nix
|
programs: ensure things which depend on sound or wayland are ordered after it
|
2024-05-30 04:55:05 +00:00 |
|
default.nix
|
hosts: networking: switch to using nixos NetworkManager/ModemManager/etc, just patched for hardening
|
2024-06-02 11:22:03 +00:00 |
|
dialect.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
dino.nix
|
nixpkgs: 2024-04-28 -> 2024-05-08; nixpkgs-wayland, sops-nix
|
2024-05-09 05:26:23 +00:00 |
|
dissent.nix
|
nits: update --replace uses to --replace-{fail,quiet} as appropriate
|
2024-03-24 12:49:18 +00:00 |
|
dtrx.nix
|
feeds: podcasts: add Tech Tales
|
2024-04-19 21:46:03 +00:00 |
|
eg25-control.nix
|
hosts: networking: switch to using nixos NetworkManager/ModemManager/etc, just patched for hardening
|
2024-06-02 11:22:03 +00:00 |
|
element-desktop.nix
|
element-desktop: update electron_28 -> electron_29
|
2024-05-14 22:32:56 +00:00 |
|
engrampa.nix
|
engrampa: remove custom patch (upstream released a new version)
|
2024-03-24 07:46:22 +00:00 |
|
epiphany.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
errno.nix
|
errno: simplify
|
2024-06-01 14:48:55 +00:00 |
|
evince.nix
|
assorted programs: specify sandbox.autodetectCliPaths variant more precisely than just true
|
2024-05-28 07:14:27 +00:00 |
|
fcitx5.nix
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
feedbackd.nix
|
feedbackd: fix so it depends on pipewire before launch
|
2024-03-26 13:48:13 +00:00 |
|
firefox.nix
|
firefox: replace i-still-dont-care-about-cookies extension with a uBlock filter list
|
2024-05-27 07:43:55 +00:00 |
|
flare-signal.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
|
fontconfig.nix
|
remove lingering references to sxmo
|
2024-05-27 00:38:30 +00:00 |
|
fractal.nix
|
fractal-latest: purge (unused package)
|
2024-05-19 21:16:06 +00:00 |
|
frozen-bubble.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
fwupd.nix
|
modules/programs: require manual definition; don't auto-populate attrset
|
2024-02-28 13:35:09 +00:00 |
|
g4music.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
gajim.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
|
gdbus.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
geary.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
git.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
gnome-clocks.nix
|
gnome-clocks: fix sound an sandboxing artifacts
|
2024-05-14 01:21:37 +00:00 |
|
gnome-feeds.nix
|
programs: remove wantedBy from the fs, and make it implicit
|
2023-05-08 21:41:02 +00:00 |
|
gnome-maps.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
gnome-weather.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
go2tv.nix
|
assorted programs: specify sandbox.autodetectCliPaths variant more precisely than just true
|
2024-05-28 07:14:27 +00:00 |
|
gpodder.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
grimshot.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
gst-device-monitor.nix
|
gst-device-monitor: bundle more gstreamer plugins to improve node detection
|
2024-05-20 09:59:08 +00:00 |
|
gthumb.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
|
gvfs.nix
|
gvfs: enable as part of nautilus, not sway
|
2024-04-13 20:29:24 +00:00 |
|
handbrake.nix
|
nixpkgs: 2024-05-26 -> 2024-05-31, nixpkgs-wayland -> 2024-05-31
|
2024-05-31 06:09:03 +00:00 |
|
helix.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
|
imagemagick.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
jellyfin-media-player.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
|
kdenlive.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
komikku.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
lemoa.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
less.nix
|
less: sandbox
|
2024-03-02 07:11:45 +00:00 |
|
lftp.nix
|
programs: ship lftp ftp client
|
2024-04-18 04:17:10 +00:00 |
|
libreoffice.nix
|
assorted programs: specify sandbox.autodetectCliPaths variant more precisely than just true
|
2024-05-28 07:14:27 +00:00 |
|
loupe.nix
|
loupe: associate with avif filetype
|
2024-04-09 19:22:59 +00:00 |
|
mako.nix
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
megapixels.nix
|
refactor: sandboxing: replace manual --sanebox-keep-namespace pid config with isolatePids = false
|
2024-05-29 12:56:46 +00:00 |
|
mepo.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
mmcli.nix
|
modemmanager: fix missing mmcli binary in service definition
|
2024-06-01 15:41:14 +00:00 |
|
mopidy.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
|
msmtp.nix
|
programs: ship msmtp sendmail implementation
|
2023-07-01 00:28:59 +00:00 |
|
nautilus.nix
|
gvfs: disable (it was broken)
|
2024-05-29 18:39:31 +00:00 |
|
neovim.nix
|
nixpkgs: 2024-05-16 -> 2024-05-23, nixpkgs-wayland, sops-nix, uninsane-dot-org
|
2024-05-24 02:57:53 +00:00 |
|
newsflash.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
nheko.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
|
nicotine-plus.nix
|
firejail: purge
|
2024-05-25 10:21:31 +00:00 |
|
nix-index.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
nmcli.nix
|
networkmanager/modemmanager: ship separate packages for the daemon and CLI tools
|
2024-05-31 23:26:16 +00:00 |
|
notejot.nix
|
notejot: fix sandboxing
|
2024-05-28 03:59:31 +00:00 |
|
ntfy-sh.nix
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
objdump.nix
|
programs: ship objdump
|
2024-04-13 20:29:24 +00:00 |
|
obsidian.nix
|
mime: support multiple implementors of the same association, with different priorities
|
2023-07-15 10:11:31 +00:00 |
|
offlineimap.nix
|
secrets: rename "universal" -> "common" to match the language of hosts/
|
2023-05-14 08:52:43 +00:00 |
|
open-in-mpv.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
pipewire.nix
|
pipewire: build without systemd
|
2024-05-30 08:44:11 +00:00 |
|
planify.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
playerctl.nix
|
users/services: implement dbus readiness checks for s6-rc
|
2024-03-21 17:16:11 +00:00 |
|
portfolio-filemanager.nix
|
gvfs: disable (it was broken)
|
2024-05-29 18:39:31 +00:00 |
|
rhythmbox.nix
|
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
|
2023-11-08 15:33:15 +00:00 |
|
ripgrep.nix
|
assorted programs: specify sandbox.autodetectCliPaths variant more precisely than just true
|
2024-05-28 07:14:27 +00:00 |
|
rtkit.nix
|
WIP: pipewire: trying to tune so lima doesnt crash
|
2024-04-24 09:20:13 +00:00 |
|
s6-rc.nix
|
s6-rc: fix persist.byStore.persist typo
|
2024-05-14 04:16:50 +00:00 |
|
sane-open.nix
|
sway: patch to use a narrower sandbox
|
2024-05-29 18:24:59 +00:00 |
|
sane-screenshot.nix
|
sane-screenshot: give it permissions to my screenshots dir (derp)
|
2024-03-02 06:14:05 +00:00 |
|
sane-scripts.nix
|
remove lingering references to sxmo
|
2024-05-27 00:38:30 +00:00 |
|
sane-theme.nix
|
sane-theme: disable sandbox
|
2024-05-30 16:54:10 +00:00 |
|
sanebox.nix
|
sanebox: tighter dependency handling, to not rely on @BACKEND_FALLBACK@
|
2024-05-25 10:26:36 +00:00 |
|
schlock.nix
|
swaylock, schlock: convert to services
|
2024-05-07 15:02:46 +00:00 |
|
seatd.nix
|
seatd: patch sandboxing for desko
|
2024-05-29 19:42:45 +00:00 |
|
sfeed.nix
|
remove lingering references to sxmo
|
2024-05-27 00:38:30 +00:00 |
|
shadow.nix
|
login: remove systemd pam integration (so it doesnt try, and fail, to start the user manager)
|
2024-05-29 15:42:39 +00:00 |
|
signal-desktop.nix
|
signal-desktop: remove NIXOS_OZONE_WL=1 hack (no longer required)
|
2024-05-15 00:10:00 +00:00 |
|
splatmoji.nix
|
splatmoji: actually install the .desktop files
|
2024-03-01 18:03:45 +00:00 |
|
spot.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
spotify.nix
|
programs: sandboxing: only permit wayland socket access to those specific apps which require it
|
2024-02-14 01:49:49 +00:00 |
|
steam.nix
|
steam: fix controllers to work in the sandbox
|
2024-03-03 20:03:20 +00:00 |
|
stepmania.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
strings.nix
|
packages: reduce the number of packages which are using inplace sandbox wrapping
|
2024-02-28 17:35:40 +00:00 |
|
sublime-music.nix
|
programs: allow running binaries in a netns-style firejail
|
2024-01-20 11:11:12 +00:00 |
|
supertuxkart.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
swayidle.nix
|
swaylock, schlock: convert to services
|
2024-05-07 15:02:46 +00:00 |
|
swaylock.nix
|
swaylock, schlock: convert to services
|
2024-05-07 15:02:46 +00:00 |
|
sysvol.nix
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
tangram.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
tor-browser.nix
|
packages: reduce the number of packages which are using inplace sandbox wrapping
|
2024-02-28 17:35:40 +00:00 |
|
tuba.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
vlc.nix
|
assorted programs: specify sandbox.autodetectCliPaths variant more precisely than just true
|
2024-05-28 07:14:27 +00:00 |
|
waylock.nix
|
programs: make sandbox.wrapperType default to "wrappedDerivation" and remove everywhere i manually set that
|
2024-02-28 17:39:00 +00:00 |
|
wike.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
wine.nix
|
remove samba from closure
|
2024-02-01 15:28:40 +00:00 |
|
wireplumber.nix
|
wireplumber: undo the enableSystemd=false patch
|
2024-05-30 16:50:53 +00:00 |
|
wireshark.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
wvkbd.nix
|
users/services: simplify the before/after/wantedBy criteria, to match s6 concepts
|
2024-03-21 17:16:11 +00:00 |
|
xarchiver.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
xdg-desktop-portal-gtk.nix
|
sanebox: remove all profile-related features except for direct, path-based profile loading
|
2024-05-15 09:13:20 +00:00 |
|
xdg-desktop-portal-wlr.nix
|
xdg-desktop-portal-wlr: propery document its dependency on pipewire
|
2024-04-02 09:01:35 +00:00 |
|
xdg-desktop-portal.nix
|
login: remove systemd pam integration (so it doesnt try, and fail, to start the user manager)
|
2024-05-29 15:42:39 +00:00 |
|
xdg-terminal-exec.nix
|
applications: hide .desktop files which arent meant to be user-visible
|
2024-05-12 17:43:07 +00:00 |
|
xdg-utils.nix
|
xdg-utils: re-add mimetype package
|
2024-02-13 12:31:04 +00:00 |
|
zathura.nix
|
programs: set buildCost=1 for assorted low-priority programs
|
2024-05-13 22:45:33 +00:00 |
|
zeal.nix
|
programs: buildCost: introduce a new level between min and light
|
2024-05-13 22:45:33 +00:00 |
|
zecwallet-lite.nix
|
programs: zecwallet-lite: move to own file
|
2024-01-01 15:17:51 +00:00 |
|
zulip.nix
|
programs: ship zulip
|
2024-05-04 08:28:48 +00:00 |
