Colin 8029744c90 modules/programs: don't expose *all* of /run/secrets/home to every program ...

this was actually causing a lot of bwrap errors because that directory's not user-readable

turns out any program which already uses programs.xyz.secrets gets the /run/secrets mounts for free via symlink following

2024-03-02 18:51:39 +00:00

..

data

feeds: add "FullTimeNix" podcast :)

2024-02-12 00:09:49 +00:00

fs

assorted static-nix-shell packages: use srcRoot

2024-02-25 17:37:38 +00:00

lib

modules/programs: handle more symlink forms when calculating a program's sandbox closure

2024-02-24 11:47:39 +00:00

persist

modules/persist: ensure that the mountpoint for the private store is created at boot

2024-02-25 07:51:24 +00:00

programs

modules/programs: don't expose *all* of /run/secrets/home to every program

2024-03-02 18:51:39 +00:00

services

nix-serve: fix coredump loop

2024-01-19 21:34:45 +00:00

default.nix

warnings.nix: port to a proper module

2024-02-20 11:19:12 +00:00

dns.nix

trust-dns: rework the module to be more suitable for upstreaming

2023-07-02 08:21:33 +00:00

feeds.nix

feeds: add support for video; subscribe to videos in gpodder

2023-12-06 15:36:05 +00:00

ids.nix

ids: improve docs

2023-01-08 06:54:29 +00:00

image.nix

image: allow configuring the sector size

2023-11-08 16:42:25 +00:00

ports.nix

ports: fix systemd RandomizedDelaySec typo

2023-12-12 02:14:27 +00:00

root-on-tmpfs.nix

sane.persist.root-on-tmpfs -> sane.root-on-tmpfs

2023-11-09 00:15:04 +00:00

sops.nix

impermanence: split out sops setup

2022-12-30 04:31:24 +00:00

ssh.nix

fix "rescue" host to eval again

2024-02-28 14:19:45 +00:00

users.nix

types.string -> types.str

2024-02-21 00:25:44 +00:00

vpn.nix

sane-vpn: port away from systemd so that i can use it as an ordinary user (no sudo)

2024-02-20 22:21:02 +00:00

warnings.nix

types.string -> types.str

2024-02-21 00:25:44 +00:00

wowlan.nix

s/types.string/types.str/

2023-10-17 22:46:02 +00:00