diff --git a/.github/workflows/build-machines-and-homes.yml b/.github/workflows/build-machines-and-homes.yml index eded224..1900b0e 100644 --- a/.github/workflows/build-machines-and-homes.yml +++ b/.github/workflows/build-machines-and-homes.yml @@ -7,11 +7,11 @@ env: ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }} NIX_CONFIG: | show-trace = true - extra-substituters = https://cache.cy7.sh/main + extra-substituters = https://cdn.cy7.sh/main extra-trusted-public-keys = main:Ku31HoEWcBtfggge2VGj+QTkVrQuIwRIMGyfV/5VQP0= experimental-features = nix-command flakes - extra-experimental-features = nix-command flakes accept-flake-config = true + system-features = nixos-test benchmark big-parallel kvm TERM: ansi jobs: build-machines: @@ -37,41 +37,29 @@ jobs: remove-docker-images: 'true' build-mount-path: /nix - name: Install Nix - uses: nixbuild/nix-quick-install-action@master + uses: cachix/install-nix-action@v30 - name: Sync repository uses: actions/checkout@v4 with: persist-credentials: false - - name: Restore and cache Nix store - uses: nix-community/cache-nix-action@v5.1.0 - with: - # restore and save a cache using this key - primary-key: nix-${{ runner.os }}-${{ matrix.machine }}-${{ hashFiles('**/*.nix', 'flake.lock') }} - # if there's no cache hit, restore a cache by this prefix - restore-prefixes-first-match: nix-${{ runner.os }}-${{ matrix.machine }}- - # do purge caches - purge: true - # purge all versions of the cache - purge-prefixes: nix-${{ runner.os }}- - # created more than this number of seconds ago relative to the start of the `Post Restore` phase - purge-last-accessed: 86400 - # except the version with the `primary-key`, if it exists - purge-primary-key: never - # always save the cache - save-always: true - name: setup attic run: | nix profile install github:zhaofengli/attic attic login cy7 https://cache.cy7.sh "$ATTIC_TOKEN" - - name: build and cache + - name: build run: | package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" nix build -L "$package" + - name: cache + if: always() + run: | + package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" derivation="$(nix path-info --derivation "$package")" cache="$(nix-store --query --requisites --include-outputs "$derivation")" - attic push main --stdin <<< "$cache" + xargs attic push main <<< "$cache" build-homes: strategy: + fail-fast: false matrix: home: - yt@ytnix @@ -92,36 +80,24 @@ jobs: remove-codeql: 'true' remove-docker-images: 'true' build-mount-path: /nix - - uses: nixbuild/nix-quick-install-action@master + - name: Install Nix + uses: cachix/install-nix-action@v30 - name: Sync repository uses: actions/checkout@v4 with: persist-credentials: false - - name: Restore and cache Nix store - uses: nix-community/cache-nix-action@v5.1.0 - with: - # restore and save a cache using this key - primary-key: nix-${{ runner.os }}-${{ matrix.home }}-${{ hashFiles('**/*.nix', 'flake.lock') }} - # if there's no cache hit, restore a cache by this prefix - restore-prefixes-first-match: nix-${{ runner.os }}-${{ matrix.home }}- - # do purge caches - purge: true - # purge all versions of the cache - purge-prefixes: nix-${{ runner.os }}- - # created more than this number of seconds ago relative to the start of the `Post Restore` phase - purge-last-accessed: 86400 - # except the version with the `primary-key`, if it exists - purge-primary-key: never - # always save the cache - save-always: true - name: setup attic run: | nix profile install github:zhaofengli/attic attic login cy7 https://cache.cy7.sh "$ATTIC_TOKEN" - - name: build and cache + - name: build run: | package=".#homeConfigurations."${{ matrix.home }}".activationPackage" nix build -L "$package" + - name: cache + if: always() + run: | + package=".#homeConfigurations."${{ matrix.home }}".activationPackage" derivation="$(nix path-info --derivation "$package")" cache="$(nix-store --query --requisites --include-outputs "$derivation")" - attic push main --stdin <<< "$cache" + xargs attic push main <<< "$cache" diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml index d23da13..1d23fe9 100644 --- a/.github/workflows/build-packages.yml +++ b/.github/workflows/build-packages.yml @@ -10,10 +10,9 @@ env: ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }} NIX_CONFIG: | show-trace = true - extra-substituters = https://cache.cy7.sh/main + extra-substituters = https://cdn.cy7.sh/main extra-trusted-public-keys = main:Ku31HoEWcBtfggge2VGj+QTkVrQuIwRIMGyfV/5VQP0= experimental-features = nix-command flakes - extra-experimental-features = nix-command flakes accept-flake-config = true TERM: ansi jobs: @@ -42,10 +41,11 @@ jobs: attic login cy7 https://cache.cy7.sh "$ATTIC_TOKEN" - run: nix build -L ${{ matrix.package }} - name: cache result + if: always() run: | derivation="$(nix path-info --derivation "${{ matrix.package }}")" cache="$(nix-store --query --requisites --include-outputs "$derivation")" - attic push main --stdin <<< "$cache" + xargs attic push main <<< "$cache" - name: prepare tarball to upload run: nix run github:nixos/nixpkgs#gnutar hcvf result.tar result - name: upload result diff --git a/flake.lock b/flake.lock index bd1a4e5..ddda4b4 100644 --- a/flake.lock +++ b/flake.lock @@ -92,11 +92,11 @@ "complement": { "flake": false, "locked": { - "lastModified": 1741378155, - "narHash": "sha256-rJSfqf3q4oWxcAwENtAowLZeCi8lktwKVH9XQvvZR64=", + "lastModified": 1741891349, + "narHash": "sha256-YvrzOWcX7DH1drp5SGa+E/fc7wN3hqFtPbqPjZpOu1Q=", "owner": "girlbossceo", "repo": "complement", - "rev": "1502a00d8551d0f6e8954a23e43868877c3e57d9", + "rev": "e587b3df569cba411aeac7c20b6366d03c143745", "type": "github" }, "original": { @@ -131,11 +131,11 @@ "rocksdb": "rocksdb" }, "locked": { - "lastModified": 1741642109, - "narHash": "sha256-vO66C3rCb4lz3NU012fZj8+5BaFGuOCq/BJqiOXpqSA=", + "lastModified": 1742266954, + "narHash": "sha256-PoVjZXR24r1WPyWWK+DZDAlVr4otn/BcxY7/jd8fehM=", "owner": "girlbossceo", "repo": "conduwuit", - "rev": "c4b05e77f3dd66636e26b64f8f4852703816c399", + "rev": "7bf92c8a3710eeff229bd86bc81a89daa94b66d5", "type": "github" }, "original": { @@ -146,11 +146,11 @@ }, "crane": { "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "lastModified": 1742317686, + "narHash": "sha256-ScJYnUykEDhYeCepoAWBbZWx2fpQ8ottyvOyGry7HqE=", "owner": "ipetkov", "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "rev": "66cb0013f9a99d710b167ad13cbd8cc4e64f2ddb", "type": "github" }, "original": { @@ -361,11 +361,11 @@ ] }, "locked": { - "lastModified": 1741360584, - "narHash": "sha256-5UkuvKllBRhU943imyc0jHDXQDVhIFx5WWUr3qrLEWQ=", + "lastModified": 1742243551, + "narHash": "sha256-hp2tKtJHW/vbiIT4hRhP8cfZEACAWZ92lCdaO9WEi2E=", "owner": "deuxfleurs-org", "repo": "garage", - "rev": "c96be1a9a8aa3b51075678888b80c2414ead2909", + "rev": "6906a4ff12838da2a74bdaeb7e7cd05cd1d69699", "type": "github" }, "original": { @@ -448,6 +448,30 @@ "type": "github" } }, + "helix": { + "inputs": { + "flake-utils": [ + "flake-utils" + ], + "nixpkgs": "nixpkgs_4", + "rust-overlay": [ + "rust-overlay" + ] + }, + "locked": { + "lastModified": 1742479163, + "narHash": "sha256-YC0zdGyZMu7seA2Jm1mxtcxE4lSeVwvCPMfWzJ8+o/c=", + "owner": "helix-editor", + "repo": "helix", + "rev": "b7d735ffe66a03ab5970e5f860923aada50d4e4c", + "type": "github" + }, + "original": { + "owner": "helix-editor", + "repo": "helix", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -455,11 +479,11 @@ ] }, "locked": { - "lastModified": 1741701235, - "narHash": "sha256-gBlb8R9gnjUAT5XabJeel3C2iEUiBHx3+91651y3Sqo=", + "lastModified": 1742305478, + "narHash": "sha256-iYCinzZnnUeCkZ031qGRwPdwRsqW6o9Y0MgGpA7Zva4=", "owner": "nix-community", "repo": "home-manager", - "rev": "c630dfa8abcc65984cc1e47fb25d4552c81dd37e", + "rev": "fb74bb76d94a6c55632376c931fc108131260ee9", "type": "github" }, "original": { @@ -564,29 +588,17 @@ } }, "lix": { - "inputs": { - "flake-compat": [ - "flake-compat" - ], - "nix2container": "nix2container", - "nixpkgs": [ - "nixpkgs" - ], - "nixpkgs-regression": "nixpkgs-regression", - "pre-commit-hooks": "pre-commit-hooks" - }, + "flake": false, "locked": { - "lastModified": 1741700536, - "narHash": "sha256-0OJER7bI6UsCFnKfKdLtgjpOTNccbN3N1dDriP4XRwA=", - "ref": "refs/heads/main", - "rev": "be1491fa6aef638e0147b81ff172131d6db668d9", - "revCount": 17635, - "type": "git", - "url": "https://git.lix.systems/lix-project/lix" + "lastModified": 1741888409, + "narHash": "sha256-gJ7QmlwsJ/QdwUjwTjifNo3v7OBQm2N6xa19l3mMWM4=", + "rev": "20edd45ae816c73504ddfb9c678756e003ceeafd", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/20edd45ae816c73504ddfb9c678756e003ceeafd.tar.gz?rev=20edd45ae816c73504ddfb9c678756e003ceeafd" }, "original": { - "type": "git", - "url": "https://git.lix.systems/lix-project/lix" + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/main.tar.gz" } }, "lix-module": { @@ -595,19 +607,17 @@ "flake-utils" ], "flakey-profile": "flakey-profile", - "lix": [ - "lix" - ], + "lix": "lix", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1738176840, - "narHash": "sha256-NG3IRvRs3u3btVCN861FqHvgOwqcNT/Oy6PBG86F5/E=", + "lastModified": 1741894565, + "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=", "ref": "refs/heads/main", - "rev": "621aae0f3cceaffa6d73a4fb0f89c08d338d729e", - "revCount": 133, + "rev": "a6da43f8193d9e329bba1795c42590c27966082e", + "revCount": 136, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, @@ -727,11 +737,11 @@ ] }, "locked": { - "lastModified": 1741619381, - "narHash": "sha256-koZtlJRqi0/MD/AKd0KrXLA2NuBOVzlIyAJprjzpxZE=", + "lastModified": 1742174123, + "narHash": "sha256-pDNzMoR6m1ZSJToZQ6XDTLVSdzIzmFl1b8Pc3f7iV6Y=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "66537fb185462ba9b07f4e6f2d54894a1b2d04ab", + "rev": "2cfb4e1ca32f59dd2811d7a6dd5d4d1225f0955c", "type": "github" }, "original": { @@ -747,11 +757,11 @@ ] }, "locked": { - "lastModified": 1741597901, - "narHash": "sha256-nLUTgXXcFFz+3pd3Khz1H4jUECqX5+OapNPGioPJRQs=", + "lastModified": 1742204505, + "narHash": "sha256-sHBzuG9K/VrvOrcLd9GwoCLaQZDVedi/00YmFfdKq/A=", "owner": "nix-community", "repo": "nix-ld", - "rev": "8e0308dd7dd9cd3656866fb2387bc29052fd6d3a", + "rev": "bc1ecb8ca83507c764a3909f02f1acf53c033585", "type": "github" }, "original": { @@ -760,22 +770,6 @@ "type": "github" } }, - "nix2container": { - "flake": false, - "locked": { - "lastModified": 1724996935, - "narHash": "sha256-njRK9vvZ1JJsP8oV2OgkBrpJhgQezI03S7gzskCcHos=", - "owner": "nlewo", - "repo": "nix2container", - "rev": "fa6bb0a1159f55d071ba99331355955ae30b3401", - "type": "github" - }, - "original": { - "owner": "nlewo", - "repo": "nix2container", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1730531603, @@ -792,22 +786,6 @@ "type": "github" } }, - "nixpkgs-regression": { - "locked": { - "lastModified": 1643052045, - "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", - "type": "github" - } - }, "nixpkgs-stable": { "locked": { "lastModified": 1730741070, @@ -826,11 +804,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1741600792, - "narHash": "sha256-yfDy6chHcM7pXpMF4wycuuV+ILSTG486Z/vLx/Bdi6Y=", + "lastModified": 1742268799, + "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", "owner": "nixos", "repo": "nixpkgs", - "rev": "ebe2788eafd539477f83775ef93c3c7e244421d3", + "rev": "da044451c6a70518db5b730fe277b70f494188f1", "type": "github" }, "original": { @@ -874,11 +852,27 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1741692589, - "narHash": "sha256-t1BrOTAUIkRY4YlSspERzz5iaFbzJTIE6mhLmnWrDaA=", + "lastModified": 1740560979, + "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a7010334ad6d8082bb8aa5dd2e37bf3b98b1a713", + "rev": "5135c59491985879812717f4c9fea69604e7f26f", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1742276595, + "narHash": "sha256-bsg9y3NoMGu0jgTI5XbxvzQFc9JtZB51i500WlVws80=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "2b3795787eba0066a2bc8bba7362422e5713840f", "type": "github" }, "original": { @@ -899,11 +893,11 @@ "nuschtosSearch": "nuschtosSearch" }, "locked": { - "lastModified": 1741637833, - "narHash": "sha256-1uBkdOwxNmkdXXjoycnEBZUoHZ/22GitQRVXjZlsVK0=", + "lastModified": 1742255305, + "narHash": "sha256-XxygfriVXQt+5Iqh6AOjZL5Aes5dH2xzVKpHpL8pDQg=", "owner": "nix-community", "repo": "nixvim", - "rev": "bc34099731a7e3799c0d52ccdf4599409a2ef9b9", + "rev": "78f6166c23f80bdfbcc8c44b20f7f4132299a33f", "type": "github" }, "original": { @@ -967,22 +961,6 @@ "type": "github" } }, - "pre-commit-hooks": { - "flake": false, - "locked": { - "lastModified": 1733318908, - "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "6f4e2a2112050951a314d2733a994fbab94864c6", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ @@ -1035,14 +1013,14 @@ "flake-parts": "flake-parts_2", "flake-utils": "flake-utils", "garage": "garage", + "helix": "helix", "home-manager": "home-manager", "lanzaboote": "lanzaboote", - "lix": "lix", "lix-module": "lix-module", "nil": "nil", "nix-index-database": "nix-index-database", "nix-ld": "nix-ld", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-stable": "nixpkgs-stable_2", "nixvim": "nixvim", "nvim-github-theme": "nvim-github-theme", @@ -1077,11 +1055,11 @@ ] }, "locked": { - "lastModified": 1741660300, - "narHash": "sha256-0jldJ58sC5RjqwpwE+ER+RPMeX4Moz5im/evQ3SU/dU=", + "lastModified": 1742265167, + "narHash": "sha256-RB0UEF9IXIgwuuBFC+s9H4rDyvmMZePHlBAK4vRAwf4=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "ac2f556db0eb5cbba3c4f5f5989c46330f439b0b", + "rev": "87f0965f9f5b13fca9f38074eee8369dc767550d", "type": "github" }, "original": { @@ -1097,11 +1075,11 @@ ] }, "locked": { - "lastModified": 1741644481, - "narHash": "sha256-E0RrMykMtEv15V3QhpsFutgoSKhL1JBhidn+iZajOyg=", + "lastModified": 1742239755, + "narHash": "sha256-ptn8dR4Uat3UUadGYNnB7CIH9SQm8mK69D2A/twBUXQ=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e653d71e82575a43fe9d228def8eddb73887b866", + "rev": "787afce414bcce803b605c510b60bf43c11f4b55", "type": "github" }, "original": { @@ -1147,11 +1125,11 @@ ] }, "locked": { - "lastModified": 1739829690, - "narHash": "sha256-mL1szCeIsjh6Khn3nH2cYtwO5YXG6gBiTw1A30iGeDU=", + "lastModified": 1742303424, + "narHash": "sha256-2R7cGdcA2npQQcIWu2cTlU63veTzwVZe78BliIuJT00=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "3d0579f5cc93436052d94b73925b48973a104204", + "rev": "b3b938ab8ba2e8a0ce9ee9b30ccfa5e903ae5753", "type": "github" }, "original": { @@ -1170,11 +1148,11 @@ ] }, "locked": { - "lastModified": 1741704640, - "narHash": "sha256-FSvtxhfB0PQtFOj8PMfcgUG1QVaQzjTZvAxLiqDysKI=", + "lastModified": 1742262692, + "narHash": "sha256-kCuy1Fld1vFmor6SZ48DdtiLv9/zUhW8lCaTA+Py+es=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "27f37976beb94100b18ab8407ff056654db68506", + "rev": "32de9a383db6b555ac92877dd8b5b986f4151de7", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 494ce4f..54a1b90 100644 --- a/flake.nix +++ b/flake.nix @@ -51,12 +51,6 @@ url = "git+https://git.lix.systems/lix-project/nixos-module"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; - inputs.lix.follows = "lix"; - }; - lix = { - url = "git+https://git.lix.systems/lix-project/lix"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.flake-compat.follows = "flake-compat"; }; nix-ld = { url = "github:nix-community/nix-ld"; @@ -98,6 +92,11 @@ flake-utils.follows = "flake-utils"; }; }; + helix = { + url = "github:helix-editor/helix"; + inputs.flake-utils.follows = "flake-utils"; + inputs.rust-overlay.follows = "rust-overlay"; + }; nvim-github-theme = { url = "github:projekt0n/github-nvim-theme"; @@ -113,17 +112,12 @@ nixConfig = { extra-substituters = [ "https://nix-community.cachix.org" - "https://cache.garnix.io" - "https://cything.cachix.org" - "https://cache.cy7.sh/main" + "https://cdn.cy7.sh/main" ]; extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" - "cything.cachix.org-1:xqW1W5NNL+wrM9wfSELb0MLj/harD2ZyB4HbdaMyvPI=" "main:Ku31HoEWcBtfggge2VGj+QTkVrQuIwRIMGyfV/5VQP0=" ]; - builders-use-substitutes = true; }; outputs = diff --git a/home/codium.nix b/home/codium.nix index 935866b..28c3a6e 100644 --- a/home/codium.nix +++ b/home/codium.nix @@ -22,6 +22,7 @@ emilast.logfilehighlighter tamasfe.even-better-toml golang.go + ms-python.python ]; userSettings = let diff --git a/home/nixvim/default.nix b/home/nixvim/default.nix index 94895c1..0ce28d6 100644 --- a/home/nixvim/default.nix +++ b/home/nixvim/default.nix @@ -71,41 +71,6 @@ key = ""; mode = "i"; } - # quick chat with copilot - { - key = "ccq"; - action.__raw = '' - function() - local input = vim.fn.input("Quick chat: ") - if input ~= "" then - require("CopilotChat").ask(input, { selection = require("CopilotChat.select").buffer }) - end - end - ''; - mode = [ - "n" - "v" - ]; - } - # ask perplexity a quick question - { - key = "ccs"; - action.__raw = '' - function() - local input = vim.fn.input("Perplexity: ") - if input ~= "" then - require("CopilotChat").ask(input, { - agent = "perplexityai", - selection = false, - }) - end - end - ''; - mode = [ - "n" - "v" - ]; - } ]; plugins.cmp = { @@ -198,8 +163,8 @@ }; rust_analyzer = { enable = true; - installRustc = true; - installCargo = true; + installRustc = false; + installCargo = false; }; eslint.enable = true; }; diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix index 5d60a6d..6ce06ec 100644 --- a/home/yt/ytnix.nix +++ b/home/yt/ytnix.nix @@ -60,7 +60,6 @@ unzip anki-bin trezorctl - trezor-agent q gdb fuzzel @@ -100,9 +99,10 @@ nix-output-monitor wl-clipboard-rs pixelflasher - element-desktop + cinny-desktop freetube gopls + rust-analyzer ]; home.sessionVariables = { @@ -113,13 +113,13 @@ RUSTC_WRAPPER = "${lib.getExe pkgs.sccache}"; SCCACHE_BUCKET = "sccache"; SCCACHE_REGION = "us-east-1"; - SCCACHE_ENDPOINT = "https://e3e97aac307d106a7becea43cef8fcbd.r2.cloudflarestorage.com"; + SCCACHE_ENDPOINT = "https://s3.cy7.sh"; SCCACHE_ALLOW_CORE_DUMPS = "true"; SCCACHE_S3_USE_SSL = "true"; SCCACHE_CACHE_MULTIARCH = "true"; SCCACHE_LOG = "warn"; AWS_DEFAULT_REGION = "us-east-1"; - AWS_ENDPOINT_URL = "https://e3e97aac307d106a7becea43cef8fcbd.r2.cloudflarestorage.com"; + AWS_ENDPOINT_URL = "https://s3.cy7.sh"; AWS_ACCESS_KEY_ID = "$(cat /run/secrets/aws/key_id)"; AWS_SECRET_ACCESS_KEY = "$(cat /run/secrets/aws/key_secret)"; @@ -152,4 +152,17 @@ }; programs.nix-index-database.comma.enable = true; + programs.helix = { + enable = true; + settings = { + theme = "github_dark"; + editor = { + line-number = "relative"; + lsp.display-messages = true; + }; + keys.insert = { + "C-[" = "normal_mode"; + }; + }; + }; } diff --git a/home/zsh/default.nix b/home/zsh/default.nix index 9b5bcc6..e599f0d 100644 --- a/home/zsh/default.nix +++ b/home/zsh/default.nix @@ -92,7 +92,7 @@ "s" = "sudo"; "nrs" = "sudo nixos-rebuild switch -L --flake . --log-format internal-json -v |& nom --json"; "nrt" = "sudo nixos-rebuild test -L --flake . --log-format internal-json -v |& nom --json"; - "hrs" = "home-manager switch -L --flake . |& nom --json"; + "hrs" = "home-manager switch -L --flake ."; "g" = "git"; "ga" = "git add"; "gaa" = "git add --all"; diff --git a/hosts/chunk/garage.nix b/hosts/chunk/garage.nix index 1620a67..81b4af3 100644 --- a/hosts/chunk/garage.nix +++ b/hosts/chunk/garage.nix @@ -16,7 +16,7 @@ db_engine = "lmdb"; disable_scrub = true; block_size = "10M"; - compression_level = 3; + compression_level = "none"; }; environmentFile = config.sops.secrets."garage/env".path; }; diff --git a/hosts/chunk/rclone.nix b/hosts/chunk/rclone.nix index a3faaa2..09f5b18 100644 --- a/hosts/chunk/rclone.nix +++ b/hosts/chunk/rclone.nix @@ -15,9 +15,16 @@ serviceConfig = { Type = "notify"; ExecStartPre = "/usr/bin/env mkdir -p /mnt/photos"; - ExecStart = "${lib.getExe pkgs.rclone} mount --config ${ - config.sops.secrets."rclone/config".path - } --cache-dir /var/cache/rclone --transfers=32 --checkers=32 --dir-cache-time 72h --vfs-cache-mode writes --vfs-cache-max-size 2G photos: /mnt/photos "; + ExecStart = '' + ${lib.getExe pkgs.rclone} mount \ + --config ${config.sops.secrets."rclone/config".path} \ + --cache-dir /var/cache/rclone \ + --transfers=32 \ + --dir-cache-time 30d \ + --vfs-cache-mode writes \ + --vfs-cache-max-size 2G \ + photos: /mnt/photos + ''; ExecStop = "${lib.getExe' pkgs.fuse "fusermount"} -u /mnt/photos"; }; }; @@ -37,10 +44,17 @@ --config ${config.sops.secrets."rclone/config".path} \ --allow-other \ --cache-dir /var/cache/rclone \ - --transfers=32 --checkers=32 \ - --vfs-cache-mode writes \ - --vfs-cache-max-size 5G \ + --transfers 32 \ + --vfs-cache-mode full \ + --vfs-cache-min-free-space 5G \ --dir-cache-time 30d \ + --no-checksum \ + --no-modtime \ + --vfs-fast-fingerprint \ + --vfs-read-chunk-size 4M \ + --vfs-read-chunk-streams 64 \ + --sftp-concurrency 128 \ + --sftp-chunk-size 255k \ rsyncnet:garage /mnt/garage ''; ExecStop = "${lib.getExe' pkgs.fuse "fusermount"} -u /mnt/garage"; diff --git a/hosts/common.nix b/hosts/common.nix index 0fb2fc6..7067008 100644 --- a/hosts/common.nix +++ b/hosts/common.nix @@ -10,18 +10,12 @@ "@wheel" ]; trusted-public-keys = [ - "niri.cachix.org-1:Wv0OmO7PsuocRKzfDoJ3mulSl7Z6oezYhGhR+3W2964=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" - "cything.cachix.org-1:xqW1W5NNL+wrM9wfSELb0MLj/harD2ZyB4HbdaMyvPI=" "main:Ku31HoEWcBtfggge2VGj+QTkVrQuIwRIMGyfV/5VQP0=" ]; - substituters = [ - "https://niri.cachix.org" + extra-substituters = [ "https://nix-community.cachix.org" - "https://cache.garnix.io" - "https://cything.cachix.org" - "https://cache.cy7.sh/main" + "https://cdn.cy7.sh/main" ]; }; channel.enable = false; @@ -35,9 +29,6 @@ persistent = true; options = "--delete-older-than 14d"; }; - extraOptions = '' - builders-use-substitutes = true - ''; registry.nixpkgs.flake = inputs.nixpkgs; }; diff --git a/modules/attic.nix b/modules/attic.nix index b24820b..c08afe1 100644 --- a/modules/attic.nix +++ b/modules/attic.nix @@ -18,10 +18,10 @@ in settings = { listen = "[::]:8091"; api-endpoint = "https://cache.cy7.sh/"; - allowed-hosts = [ "cache.cy7.sh" ]; + allowed-hosts = [ "cache.cy7.sh" "cdn.cy7.sh" ]; require-proof-of-possession = false; compression = { - type = "zstd"; + type = "none"; level = 3; }; database.url = "postgresql:///atticd?host=/run/postgresql"; @@ -39,9 +39,12 @@ in }; }; - services.caddy.virtualHosts."cache.cy7.sh".extraConfig = '' - import common - reverse_proxy localhost:8091 - ''; + services.caddy.virtualHosts."cache.cy7.sh" = { + serverAliases = [ "cdn.cy7.sh" ]; + extraConfig = '' + import common + reverse_proxy localhost:8091 + ''; + }; }; } diff --git a/modules/caddy.nix b/modules/caddy.nix index 6b46cb5..131edf3 100644 --- a/modules/caddy.nix +++ b/modules/caddy.nix @@ -21,7 +21,7 @@ in # (still need the @ to pass nix config check) "github.com/caddy-dns/cloudflare@v0.0.0-20240703190432-89f16b99c18e" ]; - hash = "sha256-jCcSzenewQiW897GFHF9WAcVkGaS/oUu63crJu7AyyQ="; + hash = "sha256-W09nFfBKd+9QEuzV3RYLeNy2CTry1Tz3Vg1U2JPNPPc="; }; logFormat = lib.mkForce "level INFO"; acmeCA = "https://acme-v02.api.letsencrypt.org/directory"; diff --git a/overlay/attic/default.nix b/overlay/attic/default.nix new file mode 100644 index 0000000..454d367 --- /dev/null +++ b/overlay/attic/default.nix @@ -0,0 +1,7 @@ +final: prev: { + attic-server = prev.attic-server.overrideAttrs { + patches = [ + ./prefetch-8-chunks.patch + ]; + }; +} diff --git a/overlay/attic/prefetch-8-chunks.patch b/overlay/attic/prefetch-8-chunks.patch new file mode 100644 index 0000000..eafc514 --- /dev/null +++ b/overlay/attic/prefetch-8-chunks.patch @@ -0,0 +1,23 @@ +diff --git a/server/src/api/binary_cache.rs b/server/src/api/binary_cache.rs +index 02e4857..b522154 100644 +--- a/server/src/api/binary_cache.rs ++++ b/server/src/api/binary_cache.rs +@@ -215,7 +215,7 @@ async fn get_nar( + let chunk = chunks[0].as_ref().unwrap(); + let remote_file = &chunk.remote_file.0; + let storage = state.storage().await?; +- match storage.download_file_db(remote_file, false).await? { ++ match storage.download_file_db(remote_file, true).await? { + Download::Url(url) => Ok(Redirect::temporary(&url).into_response()), + Download::AsyncRead(stream) => { + let stream = ReaderStream::new(stream).map_err(|e| { +@@ -262,7 +262,7 @@ async fn get_nar( + + // TODO: Make num_prefetch configurable + // The ideal size depends on the average chunk size +- let merged = merge_chunks(chunks, streamer, storage, 2).map_err(|e| { ++ let merged = merge_chunks(chunks, streamer, storage, 8).map_err(|e| { + tracing::error!(%e, "Stream error"); + e + }); + diff --git a/overlay/default.nix b/overlay/default.nix index 3a655fd..d8780e2 100644 --- a/overlay/default.nix +++ b/overlay/default.nix @@ -3,6 +3,7 @@ let overlays = [ ./zipline ./bitwarden + ./attic ]; importedOverlays = map (m: import m) overlays; in @@ -14,7 +15,7 @@ in pkgFrom = flake: pkg: flake.packages.${prev.system}.${pkg}; in { - conduwuit = pkgFrom inputs.conduwuit "static-x86_64-linux-musl-all-features-x86_64-haswell-optimised"; + conduwuit = pkgFrom inputs.conduwuit "default"; pixelflasher = nixpkgsFrom inputs.pixelflasher "pixelflasher"; attic-server = pkgFrom inputs.attic "attic-server"; attic = pkgFrom inputs.attic "attic"; @@ -23,6 +24,7 @@ in meta.mainProgram = "garage"; } ); + helix = pkgFrom inputs.helix "default"; } ) ] diff --git a/secrets/yt/aws.yaml b/secrets/yt/aws.yaml index 40f828a..0a48d33 100644 --- a/secrets/yt/aws.yaml +++ b/secrets/yt/aws.yaml @@ -1,6 +1,8 @@ aws: - key_id: ENC[AES256_GCM,data:9tWAMzUv4f6Ea27XsmYhO11NroYnLmED/FVrCCGO0Vc=,iv:YP1xRjVd1M1MB7IKVAw0Sdx0E4AokBrsaAcDLvTLHD4=,tag:SEmEr3NoZvch9LeaJHbCww==,type:str] - key_secret: ENC[AES256_GCM,data:AK+vER4T1p0AknKzsxZQJ0JTpfIstnnTWSAZ26zJSCwJYgRYwj8RF98CS7HM+KWvz5VNGENxhVdUnjlGkrTB4w==,iv:3o79gwp5b4KGsixW02qFWYFvpagY/hykbYJ/WNz6PB8=,tag:GW2T8ggKYHa1CQ6DRomJDQ==,type:str] + key_id: ENC[AES256_GCM,data:euyq+QtSXv1UR5eOJfvZARhm5L2AuzKIOk8=,iv:RseSyVArmrawNzlwjNh6FScJF2O+F4FBuIq47uMQQEA=,tag:bkZJeX3rUHb1yZu8dytgcg==,type:str] + key_secret: ENC[AES256_GCM,data:27BHAU5suCIiSKAf0+1yNa/VJ0umErb6Ry8HI+Zfv6LV+7eB+wk8H3kxdV4wmY2XayHsUrD4FZa30O0a9PdJgA==,iv:oI2X7PCXDZBkUOikHM8S7gHsnMtWp7jxBqdmfbUlrwU=,tag:9mZ3H2jobKqYmw6S4NNpjw==,type:str] + _r2_key_id: ENC[AES256_GCM,data:R0xwzUx+6l9SR3Fd93PfJw+WPV0ByzOKMxoJQtn4pEE=,iv:qHmr/HssM8U3znbGznSIOwkAhNaORkCkG9lqAmCKmfw=,tag:LhuiiKSq/VnNEulgrS71vg==,type:str] + _r2_key_secret: ENC[AES256_GCM,data:Dw5Gq1URjMpy9Bh1IBYf+/EnkvQA/4yAC4kdoACpCUuJQxdQphFKwWmxJX+Q/oztO1imWoGIxlZNNDr5QCqXaA==,iv:hGePo+Ffe48n1BXI1f2V12C9Gn1CC1nTwbSsfqUGQ3c=,tag:AIy/F3jPGz2WHge3Mk43Ag==,type:str] _garage_key_id: ENC[AES256_GCM,data:2lLS1nBhrwBkJh/ei7FwBoR6jOI6KCJkvOs=,iv:jwB7ZEaKOPIwghcGRs3qaICypoHgSxkFBOyB6e5hpYI=,tag:Iqwv3j1R1uLLUDKLhN1Atg==,type:str] _garage_key_secret: ENC[AES256_GCM,data:5iwwMfojHrR79cOIY+9O2oVY8v1cbPcECMSOMhWuGAdc2lfCogKBwLM4TFwBH9X1Vx56QvUoxCQ2uSyfOMLR7A==,iv:Q523ttz6ijmv8/JlVZuldFR4IabEKiVN4sGmJ9xDJU0=,tag:ZZ4LRG4DXOC7LY8hEjXYHQ==,type:str] sops: @@ -27,8 +29,8 @@ sops: UlYrTExEUVc0dURLR1czN3BnYzZ2VGMKCbAgM50jvs9VciA1Pb/VY+2I4x62LBGe j7eHkfTFc8Gnk/rZA9/ZJDLFr/FUPMQWK/NVoz6oLjO6oVFXqN6OqA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-02-27T02:50:27Z" - mac: ENC[AES256_GCM,data:FjlbCqqYHPn/FDPUR1flWgg6wwHhLJx1uKOedwkvsTxuPhlVJHghTHWYetdmplOQyEpOEbyv+iqKTGDYHzDdgU2jIZ0TKM66iHq+1yft4TatBu75/0N3I+SfZv97vKNehxN/zvIY3FQF4O8qVy9c1dZRmr7q27Wq2pdHSOe4Myg=,iv:YkUXcOwb6UZr0vXazbLrVeGTvBTtnwuEIY3O+GSrnNk=,tag:kQBh7urSnHoiV18TIGlPEg==,type:str] + lastmodified: "2025-03-16T16:45:13Z" + mac: ENC[AES256_GCM,data:DCx4uVuy53Gz9Ha2p/GjxTigKw/dJ0gvWIAII9AtKQCURu1OfiJ6Lp/ht6ndJwn25em11uppN371pQGxa8FRtLL+dX/YgoDmOw3Tgo3lc5VLBzalRqXHInOGHfgv9k1jHNq6zokKbBLDItBnUNOCvsLTXXenVRYdnkiuf3QPGhk=,iv:gBbbH/nJExK/dEXKHo+cCr+rxQ4uJQWweK0lYT7amsM=,tag:9GaCGFrcinqGfpibUNQ75w==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.4