opensnitch: add rules for many programs

adds rules for:
- systemd-timesyncd
- nsncd
- firefox
- nix
- steam
- electron (apps like obsidian and vesktop)
- prismlauncher
- speech dispatcher

modules/linux/opensnitch.nix

@@ -8,6 +8,117 @@
       LogLevel = 2;
       Stats.MaxEvents = 3;
     };
+
+    rules = {
+      "systemd-timesyncd" = {
+        "name" = "systemd-timesyncd";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "simple";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "${pkgs.systemd}/lib/systemd/systemd-timesyncd";
+        };
+      };
+      "nsncd" = {
+        "name" = "nsncd";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "simple";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "${pkgs.nsncd}/bin/nsncd";
+        };
+      };
+      "firefox" = {
+        "name" = "firefox";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "simple";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "${pkgs.firefox}/bin/firefox";
+        };
+      };
+      "firefox-regexp" = {
+        "name" = "firefox2";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "regexp";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "/nix/store/[aA0-zZ9]*-firefox-.*/.*"; # im too lazy smh
+        };
+      };
+      "nix" = {
+        "name" = "nix";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "simple";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "${pkgs.nix}/bin/nix";
+        };
+      };
+      "steam" = {
+        "name" = "steam";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "regexp";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "^/home/[aA0-zZ9]*/.local/share/Steam/(ubuntu12_[0-9][0-9]|linux[0-9][0-9])/steam.*";
+        };
+      };
+      "electron" = {
+        "name" = "electron";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "simple";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "${pkgs.electron}/libexec/electron/electron";
+        };
+      };
+      "prismlauncher" = {
+        "name" = "prismlauncher";
+        "enabled" = true;
+        "action" = "allow";
+        "duration" = "always";
+        "operator" = {
+          "type" = "simple";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "${pkgs.prismlauncher-unwrapped}/bin/prismlauncher";
+        };
+      };
+      "speech-dispatcher" = {
+        "name" = "speech-dispatcher";
+        "enabled" = true;
+        "action" = "block";
+        "duration" = "always";
+        "operator" = {
+          "type" = "simple";
+          "sensitive" = false;
+          "operand" = "process.path";
+          "data" = "${pkgs.speechd}/bin/speech-dispatcher";
+        };
+      };
+    };
   };
 
   environment.systemPackages = [