aboutsummaryrefslogtreecommitdiffstatshomepage
Commit message (Expand)AuthorAgeFilesLines
* feat(nix): unify rootless podman across host and VMLibravatar sommerfeld47 hours4-40/+61
* chore(nix): flake.lock update (home-manager)Libravatar sommerfeld47 hours1-7/+7
* chore(nix): pin home-manager to release-26.05 (match nixpkgs)Libravatar sommerfeld47 hours1-1/+6
* chore(nix): flake.lock update (home-manager, tuicr)Libravatar sommerfeld9 days1-6/+6
* feat(nix/common): expose run-clang-tidy missing from nixpkgs clang-toolsLibravatar sommerfeld9 days1-1/+21
* refactor(meta/nvidia): drop linux-headers (covered by base kernels)Libravatar sommerfeld9 days1-1/+0
* feat(kernel): swap stock linux for linux-lts as fallback kernelLibravatar sommerfeld9 days5-33/+46
* feat(etc/resolved): forward single-label queries upstreamLibravatar sommerfeld9 days1-0/+8
* refactor(eer): install external-editor-revived via nix on the hostLibravatar sommerfeld9 days4-19/+38
* refactor(flatpak): route mpv and thunderbird via flatpak; drop system pkgsLibravatar sommerfeld9 days10-23/+29
* chore(nix): flake.lock update (tuicr)Libravatar sommerfeld9 days1-3/+3
* chore(thunderbird): switch flatpak app id to org.mozilla.thunderbirdLibravatar sommerfeld9 days8-21/+21
* refactor(suspend): drop SSH session inhibit; AC rule handles itLibravatar sommerfeld9 days1-20/+0
* refactor(suspend): gate suspend on AC, drop bespoke zellij inhibitLibravatar sommerfeld9 days8-126/+33
* fix(suspend): make zellij inhibit watcher resilient to local-only sessionsLibravatar sommerfeld9 days2-15/+59
* feat(suspend): re-enable suspend on s2idle, drop diagnostic scaffoldingLibravatar sommerfeld9 days11-51/+36
* fix(suspend): switch hardened to s2idle, keep console alive, archive pstoreLibravatar sommerfeld9 days2-1/+2
* fix(suspend): load intel_lpss_pci from initramfs (Arch wiki touchpad fix)Libravatar sommerfeld9 days3-6/+5
* feat(suspend): hardened-only init_on_free=0 + hang-detection cmdlineLibravatar sommerfeld9 days4-2/+9
* feat(suspend): disable system suspend until hardened kernel resume issue is f...Libravatar sommerfeld9 days5-21/+47
* fix(suspend): only inhibit for SSH-spawned zellij sessionsLibravatar sommerfeld9 days3-13/+37
* fix(iwd): revert MAC randomization — broke DHCPLibravatar sommerfeld9 days1-23/+0
* feat(suspend): hold inhibit lock while any zellij session existsLibravatar sommerfeld9 days5-5/+65
* feat(zsh): inhibit suspend while an SSH session is activeLibravatar sommerfeld9 days1-0/+17
* feat(suspend): bounce snx-rs around system sleepLibravatar sommerfeld9 days2-0/+48
* feat(podman): switch rootless storage driver to btrfsLibravatar sommerfeld9 days4-4/+19
* fix(hardened): restore podman compatibility on linux-hardenedLibravatar sommerfeld9 days2-0/+8
* docs(bootstrap): also suggest fallback UKI EFI entriesLibravatar sommerfeld9 days1-1/+7
* Revert "refactor(boot): drop linux-hardened-fallback UKI"Libravatar sommerfeld9 days1-1/+4
* refactor(boot): drop linux-hardened-fallback UKILibravatar sommerfeld9 days1-4/+1
* docs(bootstrap): mention optional linux-hardened EFI entryLibravatar sommerfeld9 days1-0/+4
* feat(sandbox): bwrap wrappers for mpv, yt-dlp, streamlinkLibravatar sommerfeld9 days5-0/+75
* feat(boot): add linux-hardened as parallel UKILibravatar sommerfeld9 days2-0/+21
* feat(iwd): per-SSID MAC randomisationLibravatar sommerfeld9 days1-0/+23
* feat(polkit): restrict systemd + udisks system actions to active local sessionsLibravatar sommerfeld9 days2-0/+26
* feat(sysctl): kernel info-disclosure + ICMP/IPv6 RA hardeningLibravatar sommerfeld9 days1-1/+39
* chore(nix): flake.lock update (home-manager, nixpkgs, tuicr)Libravatar sommerfeld9 days1-9/+9
* fix(nix): tuicr switched to packages.${system}.default schemaLibravatar sommerfeld9 days1-3/+1
* fix(nftables): waydroid DHCP/DNS ingress, drop manual NAT tableLibravatar sommerfeld2026-05-221-19/+9
* fix(sway): disable shortcut inhibitor for waydroid windowsLibravatar sommerfeld2026-05-221-0/+1
* fix(nftables): add MASQUERADE for waydroid0Libravatar sommerfeld2026-05-221-3/+19
* Revert "fix(sysctl): enable net.ipv4.ip_forward for NAT bridges"Libravatar sommerfeld2026-05-221-5/+0
* fix(sysctl): enable net.ipv4.ip_forward for NAT bridgesLibravatar sommerfeld2026-05-221-0/+5
* fix(net): positive-match physical NICs into bond0Libravatar sommerfeld2026-05-221-14/+9
* fix(net): keep waydroid0 out of bond0, allow it through nftablesLibravatar sommerfeld2026-05-222-2/+10
* feat(tuicr): side-by-side diff, mouse, space leaderLibravatar sommerfeld2026-05-221-0/+3
* feat(tuicr): configure gruvbox-dark themeLibravatar sommerfeld2026-05-222-0/+4
* fix(ssh): make agent.sock symlink concurrent-connection-safeLibravatar sommerfeld2026-05-222-13/+32
* feat(zsh): recover Arch site-functions + HELPDIR after removing system zshLibravatar sommerfeld2026-05-221-3/+18
* fix(nix,zsh): tuicr flake schema + restore XDG_DATA_DIRSLibravatar sommerfeld2026-05-223-2/+132
generated by cgit v1.3.1 (git 2.54.0) at 2026-06-07 08:44:16 +0000