| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Adds two generated 256x256 hicolor PNG icons under
~/.local/share/icons/hicolor/256x256/apps/ and wires them up:
* Icon=teams-{sii,xsight} -> launcher / waybar / sway use them
* --appIcon=<absolute path> -> electron tray icon picks them up
(teams-for-linux respects this flag)
The flatpak override script gains a --filesystem=xdg-data/icons:ro
binding for com.github.IsmaelMartinez.teams_for_linux so the absolute
icon path is reachable from inside the sandbox.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
usevia.app uses WebHID to talk to /dev/hidraw* directly. Two layers
were blocking it:
1. Host: no udev rule existed for ZSA boards, so /dev/hidraw nodes
were root-only. Add etc/udev/rules.d/50-zsa.rules covering the ZSA
VID 3297 (ErgoDox EZ / Moonlander / Voyager) with TAG+=uaccess so
logind grants the active session user access. Also include the two
bootloader VIDs used during firmware flashing for completeness.
2. Sandbox: the chromium flatpak only sees /dev/dri by default. Add a
--device=all override (flatpak has no finer-grained device knob).
The host udev rule still gates which hidraw nodes the user can
actually open, so this isn't a meaningful escalation.
Also wire `udevadm control --reload && udevadm trigger` into the etc
deploy script so rule changes apply without a reboot or replug.
|
| |
|
|
|
|
|
|
| |
flatpak refuses '/usr/share/fonts' ("Path /usr is reserved") and
auto-mounts host fonts to /run/host/fonts and ~/.local/share/fonts to
/run/host/user-fonts already. The override was a no-op. The remaining
emoji/nerd-glyph rendering issue in browsers is browser-side font
fallback, not flatpak sandboxing.
|
| |
|
|
|
|
|
|
| |
LibreWolf and ungoogled-chromium were rendering emoji and nerd-font
glyphs as tofu because flatpaks don't see /usr/share/fonts by default.
Apply a global override (no app argument) granting read-only access to
the system font dirs and the user's fontconfig. noto-fonts-emoji is
already in meta/fonts.txt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- wofi config: key_up/key_down accept Up,k / Down,j; Ctrl-u/Ctrl-d for
page jumps. Picker scripts auto-load this since they only pass --style.
- waybar webcam glyph: U+F0D5D (camera/photo, looked Instagram-y) ->
U+F0567 nf-md-video (handheld video camera).
- Clipboard picker migrated from fuzzel to wofi for consistency with the
notification picker. New driver dot_config/waybar/clip-picker.sh:
pick (Mod+p) Enter pastes, Alt-d deletes
delete (Mod+Shift+p) Enter deletes
No clipboard "read" indicator: Wayland has no API for observing reads.
- Emoji picker: bemoji on Mod+period, driven through wofi (so vim nav
applies there too) and configured to type + copy via wtype.
- LibreWolf flatpak: --device=all override so v4l2 webcams work. Flatpak
has no finer-grained device flag.
- KEYBINDS.md updated: Mod+p / Mod+Shift+p now describe wofi behavior;
Mod+period documented.
|
|
|
Defense-in-depth for the cross-sandbox handoff vector: when the
LibreWolf/Thunderbird flatpaks open a downloaded PDF or video via the
OpenURI portal, the receiving app currently runs natively with full
$HOME access — defeating part of the browser/mail isolation.
- meta/flatpak.txt: add org.pwmt.zathura, io.mpv.Mpv
- meta/wayland.txt: drop native zathura + zathura-pdf-mupdf
- meta/media.txt: keep native mpv (streamlink, /tmp/mpvsocket IPC,
fast yt-dlp) — flatpak mpv is *additional*, only as the mimeapps
default for video/audio to receive sandboxed handoffs
- dot_config/mimeapps.list: rewrite mpv.desktop -> io.mpv.Mpv.desktop,
zathura-pdf-mupdf.desktop -> org.pwmt.zathura.desktop, and replace
stale userapp-Thunderbird-* entries with org.mozilla.Thunderbird.desktop
- run_onchange_after_deploy-flatpak-overrides.sh.tmpl (new):
--filesystem=xdg-config/{zathura,mpv}:ro so the flatpaks read our
chezmoi-managed configs as a single source of truth
- README: media row + new deploy-script row
Manual one-shot on host: chezmoi apply -v.
The pteid bridge already iterates a flatpak app list, so cartão de
cidadão remains correctly registered for the Mozilla flatpaks. Native
mpv config (input-ipc-server) keeps working since each flatpak has its
own /tmp; no socket collision.
|
sommerfeld