discord blocking!
This commit is contained in:
parent
3a29e3975e
commit
48cb9f9e7c
3 changed files with 100 additions and 1 deletions
|
@ -8,11 +8,12 @@ let
|
||||||
inherit (config.grimmShared) enable tooling graphical;
|
inherit (config.grimmShared) enable tooling graphical;
|
||||||
inherit (lib)
|
inherit (lib)
|
||||||
optional
|
optional
|
||||||
optionals
|
|
||||||
getBin
|
getBin
|
||||||
getExe
|
getExe
|
||||||
concatLines
|
concatLines
|
||||||
getExe'
|
getExe'
|
||||||
|
escapeRegex
|
||||||
|
getVersion
|
||||||
mkIf
|
mkIf
|
||||||
;
|
;
|
||||||
|
|
||||||
|
@ -216,6 +217,87 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
vesktop_deny = mkIf (graphical) {
|
||||||
|
name = "vesktop-deny";
|
||||||
|
enabled = true;
|
||||||
|
action = "deny";
|
||||||
|
precedence = false;
|
||||||
|
duration = "always";
|
||||||
|
operator = {
|
||||||
|
type ="regexp";
|
||||||
|
sensitive = false;
|
||||||
|
operand = "process.command";
|
||||||
|
data = "/nix/store/[a-z0-9]{32}-electron-unwrapped-${escapeRegex (getVersion pkgs.electron)}/libexec/electron/electron.*${escapeRegex "${pkgs.vesktop}/opt/Vesktop/resources/app.asar"}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
vesktop_allow = mkIf (graphical) {
|
||||||
|
name = "vesktop-allow";
|
||||||
|
enabled = true;
|
||||||
|
action = "allow";
|
||||||
|
precedence = true;
|
||||||
|
duration = "always";
|
||||||
|
operator = {
|
||||||
|
type = "list";
|
||||||
|
operand = "list";
|
||||||
|
list = [
|
||||||
|
{
|
||||||
|
type ="regexp";
|
||||||
|
sensitive = false;
|
||||||
|
operand = "process.command";
|
||||||
|
data = "/nix/store/[a-z0-9]{32}-electron-unwrapped-${escapeRegex (getVersion pkgs.electron)}/libexec/electron/electron.*${escapeRegex "${pkgs.vesktop}/opt/Vesktop/resources/app.asar"}";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
type = "lists";
|
||||||
|
operand = "lists.domains_regexp";
|
||||||
|
data = ./discord_hosts;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
vesktop_daemon_deny = mkIf (graphical) {
|
||||||
|
name = "vesktop-daemon-deny";
|
||||||
|
enabled = true;
|
||||||
|
action = "deny";
|
||||||
|
precedence = false;
|
||||||
|
duration = "always";
|
||||||
|
operator = {
|
||||||
|
type ="regexp";
|
||||||
|
sensitive = false;
|
||||||
|
operand = "process.command";
|
||||||
|
data = "/nix/store/[a-z0-9]{32}-electron-unwrapped-${escapeRegex (getVersion pkgs.electron)}/libexec/electron/electron.*${escapeRegex "--utility-sub-type=network.mojom.NetworkService"}.*--user-data-dir=/home/.+/\.config/vesktop.+";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
vesktop_daemon_allow = mkIf (graphical) {
|
||||||
|
name = "vesktop-daemon-allow";
|
||||||
|
enabled = true;
|
||||||
|
action = "allow";
|
||||||
|
precedence = true;
|
||||||
|
duration = "always";
|
||||||
|
operator = {
|
||||||
|
type = "list";
|
||||||
|
operand = "list";
|
||||||
|
list = [
|
||||||
|
{
|
||||||
|
type ="regexp";
|
||||||
|
sensitive = false;
|
||||||
|
operand = "process.command";
|
||||||
|
data = "/nix/store/[a-z0-9]{32}-electron-unwrapped-${escapeRegex (getVersion pkgs.electron)}/libexec/electron/electron.*${escapeRegex "--utility-sub-type=network.mojom.NetworkService"}.*--user-data-dir=/home/.+/\.config/vesktop.+";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
type = "lists";
|
||||||
|
operand = "lists.domains_regexp";
|
||||||
|
data = ./discord_hosts;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
avahi = mkIf (config.services.avahi.enable) {
|
avahi = mkIf (config.services.avahi.enable) {
|
||||||
name = "avahi";
|
name = "avahi";
|
||||||
enabled = true;
|
enabled = true;
|
||||||
|
|
11
common/tooling/opensnitch/discord_hosts/hosts.list
Normal file
11
common/tooling/opensnitch/discord_hosts/hosts.list
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
cloudflare.com
|
||||||
|
discordapp.com
|
||||||
|
discordapp.net
|
||||||
|
discord.gg
|
||||||
|
discord.com
|
||||||
|
vencord.dev
|
||||||
|
|
||||||
|
github.com
|
||||||
|
githubusercontent.com
|
||||||
|
scdn.co
|
||||||
|
spotify.com
|
6
overlays/vesktop.nix
Normal file
6
overlays/vesktop.nix
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
{ prev, ... }:
|
||||||
|
{
|
||||||
|
vesktop = prev.vesktop.override {
|
||||||
|
withTTS = false;
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue