fix: reintroduce firejail
This commit is contained in:
parent
c00ca43565
commit
a67898ceab
1 changed files with 56 additions and 1 deletions
|
|
@ -88,7 +88,62 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
# Firejail
|
# Firejail
|
||||||
# TODO: add this back
|
programs.firejail = {
|
||||||
|
enable = true;
|
||||||
|
wrappedBinaries = {
|
||||||
|
vesktop = {
|
||||||
|
executable = "${pkgs.vesktop}/bin/vesktop";
|
||||||
|
profile = "${pkgs.firejail}/etc/firejail/vesktop.profile";
|
||||||
|
extraArgs = [
|
||||||
|
"--ignore=dbus-system"
|
||||||
|
"--ignore=nodbus"
|
||||||
|
|
||||||
|
"--dbus-user.talk=org.freedesktop.Notifications"
|
||||||
|
"--dbus-user.talk=org.kde.StatusNotifierWatcher"
|
||||||
|
|
||||||
|
"--dbus-user.talk=org.freedesktop.portal.Desktop"
|
||||||
|
"--dbus-user.talk=org.freedesktop.portal.ScreenCast"
|
||||||
|
"--dbus-user.talk=org.freedesktop.portal.Documents"
|
||||||
|
|
||||||
|
"--noblacklist=/run/user/[0-9]*/discord-ipc-*"
|
||||||
|
"--whitelist=/run/user/[0-9]*/discord-ipc-*"
|
||||||
|
|
||||||
|
"--env=GTK_THEME=Adwaita:dark"
|
||||||
|
"--noblacklist=~/Pictures"
|
||||||
|
"--noblacklist=~/Documents"
|
||||||
|
"--whitelist=~/Pictures"
|
||||||
|
"--whitelist=~/Documents"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
firefox = {
|
||||||
|
executable = "${pkgs.firefox}/bin/firefox";
|
||||||
|
profile = "${pkgs.firejail}/etc/firejail/firefox.profile";
|
||||||
|
extraArgs = [
|
||||||
|
"--env=GTK_THEME=Adwaita:dark"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
signal-desktop-bin = {
|
||||||
|
executable = "${pkgs.signal-desktop-bin}/bin/signal-desktop";
|
||||||
|
profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile";
|
||||||
|
extraArgs = [
|
||||||
|
"--env=GTK_THEME=Adwaita:dark"
|
||||||
|
"--noblacklist=~/Pictures"
|
||||||
|
"--noblacklist=~/Documents"
|
||||||
|
"--whitelist=~/Pictures"
|
||||||
|
"--whitelist=~/Documents"
|
||||||
|
"--dbus-user.talk=org.freedesktop.Notifications"
|
||||||
|
"--dbus-user.talk=org.kde.StatusNotifierWatcher"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
obsidian = {
|
||||||
|
executable = "${pkgs.obsidian}/bin/obsidian";
|
||||||
|
profile = "${pkgs.firejail}/etc/firejail/obsidian.profile";
|
||||||
|
extraArgs = [
|
||||||
|
"--env=GTK_THEME=Adwaita:dark"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# Enable the KDE Plasma Desktop Environment.
|
# Enable the KDE Plasma Desktop Environment.
|
||||||
# I keep this enabled even if I main Hyprland because of QT.
|
# I keep this enabled even if I main Hyprland because of QT.
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue