X-Git-Url: https://git.rmz.io/dotfiles.git/blobdiff_plain/fca32c6973b8018b929dfa72d3015c3199204968..6b26cd88e19a47b65fe17a429a70e18c9580d036:/mkosi/kodi/mkosi.nspawn

diff --git a/mkosi/kodi/mkosi.nspawn b/mkosi/kodi/mkosi.nspawn
index 09493bc..c3b14ff 100644
--- a/mkosi/kodi/mkosi.nspawn
+++ b/mkosi/kodi/mkosi.nspawn
@@ -1,21 +1,30 @@
 [Exec]
 PrivateUsers=no
-Capability=all
-SystemCallFilter=@default @raw-io @system-service @known
+
+[Network]
+Bridge=br0
 
 [Files]
 # binds host kodi home folder into nspawn
 Bind=/var/lib/kodi
 
+# media
+Bind=/mnt/fook/Movies
+Bind=/mnt/fook/Series
+Bind=/mnt/fook/games
+Bind=/mnt/fook/usenet
+Bind=/mnt/fook/torrents
+
 # device access
-Bind=/dev/bus/usb
-Bind=/dev/dri
-Bind=/dev/input
-Bind=/dev/lirc0
 Bind=/dev/tty0
 Bind=/dev/tty1
-Bind=/dev/vga_arbiter
-Bind=/lib/modules
+BindReadOnly=/dev/dri
+BindReadOnly=/dev/input
+BindReadOnly=/dev/uinput
+# libinput reads this to know about devices
+BindReadOnly=/run/udev
+BindReadOnly=/dev/lirc0
+BindReadOnly=/dev/vga_arbiter
 # pulse need to be started in system mode with the following module and option:
 # load-module module-native-protocol auth-authorize-anonymous
 BindReadOnly=/run/pulse