From 7ba974a044f950527cbe4bc09d5eaa83cde0900b Mon Sep 17 00:00:00 2001 From: SqrtMinusOne Date: Wed, 9 Aug 2023 17:55:50 +0500 Subject: [PATCH] feat(guix): try opensnitch --- .config/shepherd/init.scm | 22 ++++++++++++++++++++-- Desktop.org | 32 ++++++++++++++++++++++++++++++-- 2 files changed, 50 insertions(+), 4 deletions(-) diff --git a/.config/shepherd/init.scm b/.config/shepherd/init.scm index bb1daef..c71fa8a 100644 --- a/.config/shepherd/init.scm +++ b/.config/shepherd/init.scm @@ -104,6 +104,20 @@ #:start (make-forkexec-constructor '("vnstatd" "-n")) #:stop (make-kill-destructor))) +(define opensnitchd + (make + #:provides '(opensnitchd) + #:respawn? #t + #:start (make-forkexec-constructor '("sudo" "opensnitchd")) + #:stop (make-kill-destructor))) + +(define opensnitch-ui + (make + #:provides '(opensnitch-ui) + #:respawn? #t + #:start (make-forkexec-constructor '("sudo" "opensnitch-ui")) + #:stop (make-kill-destructor))) + (register-services mpd sqrt-data-agent-mpd @@ -119,7 +133,9 @@ davmail ;; xmodmap nm-applet - vnstatd) + vnstatd + opensnitchd + opensnitch-ui) (action 'shepherd 'daemonize) @@ -136,4 +152,6 @@ davmail ; xmodmap nm-applet - vnstatd)) + vnstatd + opensnitchd + opensnitch-ui)) diff --git a/Desktop.org b/Desktop.org index 5c73169..5c50ddc 100644 --- a/Desktop.org +++ b/Desktop.org 
@@ -4046,6 +4046,30 @@ Run my [[file:Guix.org::*OpenVPN][OpenVPN setup]]. Not lauching this automatiall #:start (make-forkexec-constructor '("vnstatd" "-n")) #:stop (make-kill-destructor))) #+end_src +** opensnitch +[[https://github.com/evilsocket/opensnitch][opensnitch]] is a linux firewall. + +Install it via nix: +#+begin_src bash :tangle no +nix-env -I opensnitchd opensnitch-ui +#+end_src + +#+begin_src scheme +(define opensnitchd + (make + #:provides '(opensnitchd) + #:respawn? #t + #:start (make-forkexec-constructor '("sudo" "opensnitchd")) + #:stop (make-kill-destructor))) + +(define opensnitch-ui + (make + #:provides '(opensnitch-ui) + #:respawn? #t + #:start (make-forkexec-constructor '("sudo" "opensnitch-ui")) + #:stop (make-kill-destructor))) +#+end_src + ** Shepherd config For some reason, running start on a one-shot service started to hang shepherd, not sure why... Turining these off for now. @@ -4066,7 +4090,9 @@ Register services: davmail ;; xmodmap nm-applet - vnstatd) + vnstatd + opensnitchd + opensnitch-ui) #+end_src Daemonize shepherd @@ -4089,7 +4115,9 @@ Run services davmail ; xmodmap nm-applet - vnstatd)) + vnstatd + opensnitchd + opensnitch-ui)) #+end_src * Guix settings Other desktop programs I use are listed below.
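Review bot: Both services added under `** opensnitch` (hunk `@@ -4046`, and the identical definitions in `.config/shepherd/init.scm`) start through `sudo` from the user-level shepherd with `#:respawn? #t`. A forkexec'd `sudo` has no terminal to prompt on, so this presumably relies on a NOPASSWD sudoers rule that the patch does not show; because `sudo` is given a bare command name and the install step uses the per-user Nix profile, which the user controls, that rule should name a root-owned absolute path, otherwise whatever runs as the user can decide which binary executes as root. The UI does not need root, since it is meant to run as the desktop user and talk to the daemon over a local socket: `#:start (make-forkexec-constructor '("opensnitch-ui"))`. I would also add a comment above `opensnitchd` such as `;; needs a sudoers entry for the root-owned absolute path of opensnitchd; without it sudo fails and respawn retries`. Separately, `nix-env -I` sets the expression search path rather than installing, so the documented command was probably meant to be `nix-env -i`.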