firejail: remove chat apps

modules/core/hardening.nix

@@ -34,22 +34,10 @@ in {
   # required to run chromium
   security.chromiumSuidSandbox.enable = true;
 
-  # enable firejail
-  programs.firejail.enable = true;
-
   # create system-wide executables firefox and chromium
   # that will wrap the real binaries so everything
   # work out of the box.
-  programs.firejail.wrappedBinaries = {
+  programs.firejail.enable = true;
-    firefox = {
-      executable = "${pkgs.lib.getBin pkgs.firefox}/bin/firefox";
-      profile = "${pkgs.firejail}/etc/firejail/firefox.profile";
-    };
-    ungoogled-chromium = {
-      executable = "${pkgs.lib.getBin pkgs.ungoogled-chromium}/bin/chromium";
-      profile = "${pkgs.firejail}/etc/firejail/chromium.profile";
-    };
-  };
 
   # enable antivirus clamav and
   # keep the signatures' database updated

modules/desktop-extended/default.nix

@@ -11,14 +11,12 @@ in {
   hardware.logitech.wireless.enable = true;
 
   users.users."${psCfg.user.name}".packages = with pkgs; [
-    ungoogled-chromium
     wine
 
     gimp
     present-md
     inkscape
     gpxsee
-    digikam
     nix-output-monitor
     tigervnc
     nodejs
@@ -28,8 +26,6 @@ in {
     signal-desktop
     tdesktop
     element-desktop
-    cinny-desktop
-    irssi
 
     # Nix specific utilities
     alejandra
@@ -39,6 +35,25 @@ in {
     nvd
   ];
 
+  programs.firejail.wrappedBinaries = {
+    chromium = {
+      executable = "${pkgs.lib.getBin pkgs.ungoogled-chromium}/bin/chromium";
+      profile = "${pkgs.firejail}/etc/firejail/chromium.profile";
+    };
+    # signal-desktop = {
+    #   executable = "${pkgs.lib.getBin pkgs.signal-desktop}/bin/signal-desktop";
+    #   profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile";
+    # };
+    # telegram-desktop = {
+    #   executable = "${pkgs.lib.getBin pkgs.tdesktop}/bin/telegram-desktop";
+    #   profile = "${pkgs.firejail}/etc/firejail/telegram-desktop.profile";
+    # };
+    # element-desktop = {
+    #   executable = "${pkgs.lib.getBin pkgs.element-desktop}/bin/element-desktop";
+    #   profile = "${pkgs.firejail}/etc/firejail/element-desktop.profile";
+    # };
+  };
+
   fonts = {
     packages = with pkgs; [
       dejavu_fonts

modules/graphical/default.nix

@@ -88,7 +88,6 @@ in {
 
     users.users."${psCfg.user.name}".packages = with pkgs; [
       alacritty
-      firefox-wayland
       flameshot
       gnome.adwaita-icon-theme
       gnome.eog
@@ -103,6 +102,13 @@ in {
       wcwd
     ];
 
+    programs.firejail.wrappedBinaries = {
+      firefox = {
+        executable = "${pkgs.lib.getBin pkgs.firefox-wayland}/bin/firefox";
+        profile = "${pkgs.firejail}/etc/firejail/firefox.profile";
+      };
+    };
+
     home-manager.users."${psCfg.user.name}" = {
       home.file."xinitrc".source = ./.xinitrc;
       xdg.configFile."alacritty/alacritty.yml".source = yamlFormat.generate "alacritty.yml" (import ./alacritty.nix);

modules/persistence/default.nix

@@ -8,7 +8,6 @@
       "/var/lib/nixos"
       "/var/lib/systemd/coredump"
       "/etc/NetworkManager/system-connections"
-      "/etc/firejail"
     ];
 
     files = [