dsg/vmsilo
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
vmsilo/modules
History
Davíð Steinn Geirsson 75ffcde7f6 Harden host-netvm isolation, simplify services, refactor dbus-proxy 
Security: add nftables input chain to block VMs with netvm="host" from
connecting to host services (only established/related return traffic
allowed). Cap notification active_ids to 1000 entries to prevent
unbounded growth from leaked IDs.

Simplify: replace 4 writeShellScript cleanup wrappers with inline rm,
break up balloond ExecStart one-liner for readability.

Refactor dbus-proxy: extract ConnectionState struct to reduce
run_event_loop from 11 to 6 parameters, add shared pixel format module
(argb_to_rgba/rgba_to_argb) eliminating duplicate conversions in icon.rs
and notifications.rs. Run cargo fmt.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 12:09:44 +00:00
..
lib Sandbox virtiofsd services with namespace isolation and hardening 2026-03-25 11:48:20 +00:00
assertions.nix refactor: simplify options - new defaults, remove globals, restructure GPU 2026-03-23 18:35:36 +00:00
css-colors.nix feat(tray): add tray proxy for VM system tray integration 2026-02-17 23:29:42 +00:00
default.nix Add device tray for USB passthrough management 2026-03-24 17:26:31 +00:00
desktop.nix Replace Python processDesktopScript with desktop-file tool 2026-03-24 00:11:29 +00:00
netvm.nix Open firewall ports for DNS on netvm downstream interfaces 2026-03-19 15:26:07 +00:00
networking.nix Harden host-netvm isolation, simplify services, refactor dbus-proxy 2026-03-25 12:09:44 +00:00
options.nix Sandbox virtiofsd services with namespace isolation and hardening 2026-03-25 11:48:20 +00:00
overlay.nix Enable colored border for notifications from VMs 2026-03-21 19:18:29 +00:00
package.nix Disable Baloo file indexing by default 2026-03-23 16:07:29 +00:00
pci.nix refactor(nix-module): split config.nix into focused modules 2026-02-13 21:35:57 +00:00
scripts.nix Sandbox virtiofsd services with namespace isolation and hardening 2026-03-25 11:48:20 +00:00
services.nix Harden host-netvm isolation, simplify services, refactor dbus-proxy 2026-03-25 12:09:44 +00:00
tray.nix Use icon_pixmap for tray icon instead of icon_name theme lookup 2026-03-24 18:10:15 +00:00
usb.nix cleanup: remove vmsilo-start-* scripts, rename vmsilo-usb to vm-usb, fix vm-run output 2026-03-22 16:51:57 +00:00