From 8ead8c14e3fbc895910e389bd0a7f0476b3d465a Mon Sep 17 00:00:00 2001 From: cy Date: Sat, 5 Apr 2025 12:57:19 -0400 Subject: [PATCH 01/11] rm element web --- home/codium.nix | 6 ++++++ home/kitty.nix | 1 + hosts/chunk/default.nix | 1 - hosts/chunk/element.nix | 33 --------------------------------- 4 files changed, 7 insertions(+), 34 deletions(-) delete mode 100644 hosts/chunk/element.nix diff --git a/home/codium.nix b/home/codium.nix index 117c9e0..706736d 100644 --- a/home/codium.nix +++ b/home/codium.nix @@ -24,6 +24,7 @@ golang.go ms-python.python christian-kohler.path-intellisense + # firefox-devtools.vscode-firefox-debug ]; userSettings = let @@ -74,6 +75,11 @@ "telemetry.enableTelemetry" = false; "telemetry.telemetryLevel" = "off"; "window.titleBarStyle" = "custom"; + # https://github.com/ChristianKohler/PathIntellisense#installation + "typescript.suggest.paths" = false; + "javascript.suggest.paths" = false; + + "path-intellisense.absolutePathToWorkspace" = true; # terminal stuff "terminal.integrated.cursorBlinking" = true; diff --git a/home/kitty.nix b/home/kitty.nix index 0021bb5..a77a432 100644 --- a/home/kitty.nix +++ b/home/kitty.nix @@ -21,6 +21,7 @@ # see https://github.com/sharkdp/bat/issues/1077#issuecomment-652785399 "scrollback_pager" = "bat --pager='less -FR +G'"; # "scrollback_lines" = 20000; + wheel_scroll_multiplier = 50; }; keybindings = { # kitty_mod is ctrl+shift by default diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix index 56bae51..5ddc4d5 100644 --- a/hosts/chunk/default.nix +++ b/hosts/chunk/default.nix @@ -18,7 +18,6 @@ ./grafana.nix ./conduwuit.nix ./immich.nix - ./element.nix ./forgejo.nix ./garage.nix ./tailscale.nix diff --git a/hosts/chunk/element.nix b/hosts/chunk/element.nix deleted file mode 100644 index 5a12e1e..0000000 --- a/hosts/chunk/element.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ - pkgs, - config, - ... -}: -{ - virtualisation.oci-containers.containers.element = { - image = "vectorim/element-web"; - autoStart = true; - ports = [ "127.0.0.1:8089:8089" ]; - pull = "newer"; - networks = [ "element-net" ]; - environment = { - ELEMENT_WEB_PORT = "8089"; - }; - }; - - systemd.services.create-element-net = { - serviceConfig.Type = "oneshot"; - wantedBy = with config.virtualisation.oci-containers; [ - "${backend}-element.service" - ]; - script = '' - ${pkgs.podman}/bin/podman network exists element-net || \ - ${pkgs.podman}/bin/podman network create element-net - ''; - }; - - services.caddy.virtualHosts."element.cy7.sh".extraConfig = '' - import common - reverse_proxy localhost:8089 - ''; -} From f7157a11ed296160bf79b6a81b975311f68a55e7 Mon Sep 17 00:00:00 2001 From: cy Date: Sat, 5 Apr 2025 16:46:18 -0400 Subject: [PATCH 02/11] containers: enable daily autoPrune --- modules/containerization.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/containerization.nix b/modules/containerization.nix index fd39da9..2bcc8dd 100644 --- a/modules/containerization.nix +++ b/modules/containerization.nix @@ -30,6 +30,10 @@ in }; # answer on /var/run/docker.sock dockerSocket.enable = true; + autoPrune = { + enable = true; + dates = "daily"; + }; }; docker.enable = lib.mkIf (!cfg.usePodman) true; oci-containers.backend = lib.mkIf (!cfg.usePodman) "docker"; From 895052fb204cef0250128538d2f82c877008f8e0 Mon Sep 17 00:00:00 2001 From: cy Date: Sat, 5 Apr 2025 16:46:32 -0400 Subject: [PATCH 03/11] init karakeep (hoarder) --- .sops.yaml | 6 +++ hosts/chunk/default.nix | 17 +++---- modules/authelia.nix | 16 +++++++ modules/default.nix | 1 + modules/karakeep.nix | 81 ++++++++++++++++++++++++++++++++++ secrets/services/karakeep.yaml | 35 +++++++++++++++ 6 files changed, 145 insertions(+), 11 deletions(-) create mode 100644 modules/karakeep.nix create mode 100644 secrets/services/karakeep.yaml diff --git a/.sops.yaml b/.sops.yaml index 21d2151..5dca48c 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -135,4 +135,10 @@ creation_rules: - *yt - *cy - *chunk + - path_regex: secrets/services/karakeep.yaml + key_groups: + - age: + - *yt + - *cy + - *chunk diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix index 5ddc4d5..9c6289d 100644 --- a/hosts/chunk/default.nix +++ b/hosts/chunk/default.nix @@ -46,20 +46,14 @@ "rsyncnet/id_ed25519" = { sopsFile = ../../secrets/zh5061/chunk.yaml; }; - "attic/env" = { - sopsFile = ../../secrets/services/attic.yaml; - }; "garage/env" = { sopsFile = ../../secrets/services/garage.yaml; }; "tailscale/auth" = { sopsFile = ../../secrets/services/tailscale.yaml; }; - "zipline/env" = { - sopsFile = ../../secrets/services/zipline.yaml; - }; - "searx/env" = { - sopsFile = ../../secrets/services/searx.yaml; + "karakeep/env" = { + sopsFile = ../../secrets/services/karakeep.yaml; }; }; @@ -186,9 +180,10 @@ programs.git.enable = true; my.caddy.enable = true; - - # container stuff my.containerization.enable = true; - my.authelia.enable = true; + my.karakeep = { + enable = true; + dataDir = "/opt/karakeep"; + }; } diff --git a/modules/authelia.nix b/modules/authelia.nix index b882a42..8b06196 100644 --- a/modules/authelia.nix +++ b/modules/authelia.nix @@ -49,6 +49,11 @@ in webauthn = { enable_passkey_login = true; }; + identity_providers.oidc.claims_policies = { + # https://github.com/karakeep-app/karakeep/issues/410 + # https://www.authelia.com/integration/openid-connect/openid-connect-1.0-claims/#restore-functionality-prior-to-claims-parameter + karakeep.id_token = [ "email" ]; + }; identity_providers.oidc.clients = [ { client_id = "immich"; @@ -94,6 +99,17 @@ in audience = []; token_endpoint_auth_method = "client_secret_post"; } + { + client_id = "0SbsGvw5APYJ4px~dv38rCVgXtK2XWrF1QvyuaFz48cgsNm-rAXkSgNOctfxS21IWOFSfsm5"; + client_name = "Karakeep"; + client_secret = "$pbkdf2-sha512$310000$4UanDZq.6oholJW3CmKwtQ$9e3hqR8qGU4LoneR/Y9jtJTx0iSzATI4iXymrs8QrmGw4JY1BPF4.IJ9Jbc.8cikU4qpfUIFO6r2dG7JHznCnw"; + public = false; + authorization_policy = "two_factor"; + redirect_uris = [ "https://keep.cy7.sh/api/auth/callback/custom" ]; + scopes = [ "openid" "profile" "email" ]; + userinfo_signed_response_alg = "none"; + claims_policy = "karakeep"; + } ]; }; secrets = { diff --git a/modules/default.nix b/modules/default.nix index db7bfa4..0d4638f 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,5 +10,6 @@ ./searx.nix ./attic.nix ./authelia.nix + ./karakeep.nix ]; } diff --git a/modules/karakeep.nix b/modules/karakeep.nix new file mode 100644 index 0000000..3e75f74 --- /dev/null +++ b/modules/karakeep.nix @@ -0,0 +1,81 @@ +{ config, lib, ... }: +let + cfg = config.my.karakeep; +in +{ + options.my.karakeep = { + enable = lib.mkEnableOption "karakeep"; + dataDir = lib.mkOption { + type = lib.types.path; + }; + port = lib.mkOption { + default = 3002; + description = "port for the web service"; + type = lib.types.port; + }; + domain = lib.mkOption { + default = "keep.cy7.sh"; + type = lib.types.str; + }; + environmentFile = lib.mkOption { + default = config.sops.secrets."karakeep/env".path; + type = lib.types.path; + }; + }; + + config = lib.mkIf cfg.enable { + virtualisation.oci-containers.containers = { + karakeep-web = { + image = "ghcr.io/karakeep-app/karakeep:release"; + pull = "newer"; + volumes = [ "${cfg.dataDir}:/data" ]; + ports = [ "${toString cfg.port}:3000"]; + dependsOn = [ + "karakeep-chrome" + "karakeep-meilisearch" + ]; + environment = { + MEILI_ADDR = "http://karakeep-meilisearch:7700"; + BROWSER_WEB_URL = "http://karakeep-chrome:9222"; + DATA_DIR = "/data"; + NEXTAUTH_URL = "https://${cfg.domain}"; + DISABLE_PASSWORD_AUTH = "true"; + OAUTH_WELLKNOWN_URL = "https://auth.cy7.sh/.well-known/openid-configuration"; + OAUTH_CLIENT_ID = "0SbsGvw5APYJ4px~dv38rCVgXtK2XWrF1QvyuaFz48cgsNm-rAXkSgNOctfxS21IWOFSfsm5"; + OAUTH_PROVIDER_NAME = "Authelia"; + OAUTH_ALLOW_DANGEROUS_EMAIL_ACCOUNT_LINKING = "true"; + }; + # needs NEXTAUTH_SECRET + environmentFiles = [ "${cfg.environmentFile}" ]; + }; + + karakeep-chrome = { + image = "ghcr.io/zenika/alpine-chrome:latest"; + pull = "newer"; + cmd = [ + "--no-sandbox" + "--disable-gpu" + "--disable-dev-shm-usage" + "--remote-debugging-address=0.0.0.0" + "--remote-debugging-port=9222" + "--hide-scrollbars" + ]; + }; + + karakeep-meilisearch = { + image = "getmeili/meilisearch:latest"; + volumes = [ "meilisearch:/meili_data" ]; + environment = { + MEILI_NO_ANALYTICS = "true"; + }; + # needs MEILI_MASTER_KEY + environmentFiles = [ "${cfg.environmentFile}" ]; + }; + }; + + services.caddy.virtualHosts.${cfg.domain}.extraConfig = '' + import common + reverse_proxy localhost:${toString cfg.port} + ''; + }; +} \ No newline at end of file diff --git a/secrets/services/karakeep.yaml b/secrets/services/karakeep.yaml new file mode 100644 index 0000000..cc09262 --- /dev/null +++ b/secrets/services/karakeep.yaml @@ -0,0 +1,35 @@ +karakeep: + env: ENC[AES256_GCM,data:SWc26EQaKR5d9hMDYzVHA/r7XfjwFZ0d44Co0IS6OayR24ej7yqLAtkNttROKoKFuYc0sHgN9bOy4MyX0s3qiSWYovIIUJgFiJjPQFYDAo+50WR4+5W5FgvYI6e42fcWrQhaCXWQrDyzch/zT2OITZsjXcQhT5E+IiPLVkaGOjGptE07GjM7ZXI4UxBzINFQOhxdfIO0km1o6Wq8GhJdWsz4exz4ahRslR+WjK/flV2GZVAj6EHSJ5sHohm74QlhxaShEbc/8IKP6R2gSjBFP7l8VvwFyIUD9sLzYGvS3iU=,iv:gSPQU0bZ+VRFbuaNDc90dW0ogWX2SMH7kewtq/u/11E=,tag:L0Y4EWSQUhcn2eHt+yZ7qQ==,type:str] +sops: + age: + - recipient: age1sy0at69err83qyml2vqu8xvwjccfws447aaadfvacj2qluw3p45s2mtrw8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIaWQ1Q1JwRHJxQjNjdTAx + TXRsWjVZOG1mNEptNVhscHBaK2I5MHhjdlFjCkNqOEhwT3hyOHpHQ2k0ZmowUXB4 + eks2dlpUS0V6VjBEYW9UWnhFOEw4VGsKLS0tIFo2a0FTRE5WdHBGVW5DOUFkaE9p + bitvUnJXSnB6UnV3VTEzSjlSYmEwVUEKHOwFCRu+SIyM0uJ6bNEAo+MMlsc8la6G + bLYdCoykcBu+uVXqn3BYTbrS5ylQMRYcbcPFJw5BVdmjIYF4LU5W6A== + -----END AGE ENCRYPTED FILE----- + - recipient: age10h6pg5qdpc4t0rpmksfv788a57f04n83zgqaezkjjn65nkhv547s0vxfdn + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrU2ZnNVAyeVdJeHlTSW1x + QUhKRzlNclVUWE1ucHFLZW5sL1lnUDhkd0Y4CjFuekNEOE1icDNqL1JyT0hEYW16 + Q2VyajJFWWtGUnBzOENGOEZHbWROZzAKLS0tIE8wMVc3TkV5Y1VyenIvOW02NDNq + cStTeUcvY1pJWEN2MzFEeThKT0JPc1EKXrtVG49a6YZVKiL1F8Xg3t3niTYv3LwN + NeAQ8srV0F6ckky7OCkvUp9GInZCWRzULXV/x+4IUb6C+KQaNm2vYA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1eg6sxflw6l44fp20sl068sampwd95fm0mnh4ssegrhtktgm50ptqcuspyn + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFdDdUSUlmMk5VcytyT01N + UmRaK2k5Wkh5SlhPT3QrczY2eW9vZk5KWFZBCnBteitnNFlHdWRaaTRxSWYvYmtG + ZnY5ZXlYa3Z5aENlRy9BQjVSU1F3UzQKLS0tIFpjN1dOaWNKaU9PaENyaXc1K3BU + K2orZ0Y2Z05LSUZ5WHQ4TnVVY0QwSzQKiUQT4aSxXnaq0kEMp+q5WnIUoGypEmZ+ + DQEhkB9yu/BrkjXH+HGQr1W5B4sJyb5rnl0+SQ+IypRIRyaX4CdFxg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-04-05T19:44:58Z" + mac: ENC[AES256_GCM,data:OmqsJI9BaICOTiH1cq4gZlNBbkAxn/pAOWBtkIjHdqpikABLG6fMY+sLpyeaovXjexIj9MZk7fPmV8dRZ5VNLHCqlYXK/cVoQBZ2HK+p/cGTAFelNAShu9NSgZdFmVgJJtOjVvFp8dtuY8VcQj861k/MPX0mNZt9pmXYdumjpNM=,iv:efHkp1KUctwtCjG9A8i5qs7nQfQqv2ya1yYlHHOt8pU=,tag:4lChpspl0oOUMiXzvGuA2Q==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.1 From 9c859e23e66543b6bbd586f4248fae59c7b228e9 Mon Sep 17 00:00:00 2001 From: cy Date: Sat, 5 Apr 2025 18:53:39 -0400 Subject: [PATCH 04/11] authelia: use random client_ids --- modules/authelia.nix | 6 +++--- secrets/services/hedgedoc.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/authelia.nix b/modules/authelia.nix index 8b06196..f231f50 100644 --- a/modules/authelia.nix +++ b/modules/authelia.nix @@ -56,7 +56,7 @@ in }; identity_providers.oidc.clients = [ { - client_id = "immich"; + client_id = "4EIrpRb9rnwHWjYWvlz2gYrtTmoOLF1D5gqXw28BvmOS0f-9T2p4CFwuctf4Co1hkpo2sd4Y"; client_name = "immich"; client_secret = "$argon2id$v=19$m=65536,t=3,p=4$Vny2G8EbSPafSwnIuq2Zkg$eF2om4WDEaqCFmrAG27h2mYl+cXxXyttPJ7gaPLs+f8"; public = false; @@ -70,7 +70,7 @@ in userinfo_signed_response_alg = "none"; } { - client_id = "forgejo"; + client_id = "_kuUEYxyfXjInJCniwugpw2Qn6iI-YW24NOkHZG~63BAhnAACDZ.xsLqOdGghj2DNZxXR0sU"; client_name = "Forgejo"; client_secret = "$argon2id$v=19$m=65536,t=3,p=4$O2O5r/7A8hc4EMvernQ4Dw$YOVqtwY3jv0HlcxmviPq2CRnD7Dw85V9KDtTSUQE7bA"; public = false; @@ -83,7 +83,7 @@ in token_endpoint_auth_method = "client_secret_basic"; } { - client_id = "hedgedoc"; + client_id = "b_ITCG0uNzy9lZ5nVC~Ny5R35te8I3hoQW1uraCbdxeiE9VuiCIelMmZZ7dAZLg_anTUWSQG"; client_name = "HedgeDoc"; client_secret = "$argon2id$v=19$m=65536,t=3,p=4$MFSXW3gjIZf0M3e8s8RJCg$6KWwksJe2vdUebPEdYc0Zy88fzGcHPrbStcqkiXl+Hg"; public = false; diff --git a/secrets/services/hedgedoc.yaml b/secrets/services/hedgedoc.yaml index eec4db4..0c693dc 100644 --- a/secrets/services/hedgedoc.yaml +++ b/secrets/services/hedgedoc.yaml @@ -1,5 +1,5 @@ hedgedoc: - env: ENC[AES256_GCM,data:hU4Ht9WkWknuYJ3yHZSm5o22wlssTNjPDZvgDi9DGEh8ULt2GzrEHfFHI9VcpyrbsLcw7HT5TuYrPibWMk4AEvqlZT/6UiyQFMso9mac6x7esf55RHTXr4F7gyC/eRDUE+mAzyhjB5xKaCUhaQpMOwA2t0zahtiaCzLvi/DXRo1jiB42Xt8Nwi1D+zRT3T/HYD8l7D+SZQQc6HC+WM/y7RIjEPcDeX/wTk+JqiGW++0D3GxCQgq6VOhw7EM4hs5aR659QVNICT9kJt9nxEsyU84nsws4MHzU53BvEY77rYZPvvrBSFJ+TnQJ0c/e8K2G9mgaEGkk/+Rmx3RbPQKuTNCzAJZ0m9g9XSwMHU/z5KkrxcI6xU1+JqpdL2Rx35JiNxbNNrlQSvXJFuGNSf0Z5l8RirKJL4HJXAsIPVZTxeJJ0rQflyb5hN63KH/vUTHJWucAFSRYwLHOgs4Yu7SKJjnWnrLYAK9K/eRprhe3Np3vTed13soZXjdB1Jz6lz3lUxZ4TpOb6E8rGt33GqACTp04DBkyUaxMg7fOQIi0riev9GcGNy1kQkDC5dOwWyQdSICIavBrL+4WRoK8xhsEMY8K58+TYfIm3XnWz6pSEl7OzdGNSFZJuwAPzGS065bCjHIlMxIUKlbx4rmGvecIGRLoa5a5XpFwVwPlH8IJ8LvDPXqyIBquL6IsoCNi+jVy7UV52WldqAAeC3+UJtD8LJj1FaWLkoshkSbcr5veZLtBnpOZsiPXtkn1qgRhCB0QjzNwz+AOJCamSn1R+i+JJN6Wja3mJytCrtoj0M6cc1beJBbam4PgxWd1CJE3zhstuqoktn9LdDZ3qNjPgRY3q4FPbjo53XvQQi/NgnPztMg2z7Rj8yeNtG+HjL2pfXIw9AXZwc19D+T7M5hR7jlD3117o+K2CeaC+wgfXPZ/xzIbhg==,iv:gvSOTStLJ5R4UaXj7gXQDCF4TAgway12yh1BtGz1Mvs=,tag:Jt+daURO+t8HME/m7tLEIw==,type:str] + env: ENC[AES256_GCM,data:9xnOlQrk1qCyiAHSjmu8dvj2/z/BrJlngNGAQnMwvLsL0pnyvvyJLnYWTDYix1a9o8OJUNLw6Qhq7KbY4uXfxsNZkfGdVHwvkvhySjR2rcX/r90txqHJUUIxE/TzdsBvonzQ0F85KfXhsi69gKHp016gCj+jNf6CCY+tOVpt71el4Z+jzqLHasuQET8GctKJRzHOfNfCx/X2kJeb7RQl3JFC6/VmYT45bUk7uFfveFD9ao03wJwLKi27wO1WDrfpOigFdvkmqpbWZjaILYHYmkdhdlhr7w330CiCmGHT/ssmSPcu5cYUc8tjYPgpYLjusiUzpE5jmut5GaNwZsY9hNuow/mUVnQ/tCDH0ChOq0DQisJ07VMYlRII9tMdcuT4IbjjwiRcYlORAHsTFUuo5DCaDp8a4mx846BGp1YMQsvqJQgOe4x15VMpeB/ptxm79qxcLZKZ3BkiJaKmDdWsVk9RfqVgsxqiq16Me2EQhknO2s/oBjGOaoIiT4NEuRFQl0BIPgIMD0lYzKx0uDaYyclID5W0DqMI+SrcBd+WH/BB9HPdZx92rFe34PzjZse0i6+5UZHXUu8au6CyLMqGkUlzkSFwVT5W7Lv2m9P3+6YjgPRMaYbg8b6kmavB6EtjiqWtTbMKr3nxPVYJc5FRImvebfFqiLy5MWoNV6Qe7TUGIk6QtX2OWBhQ1UB+IpR+180QH7yw7UpgJ9EM8dD2m2/smar5P0BjAaqAFib++GzoB0OfFtxJNUjrejQC11tRWBXYvcHWwa78VbKPul0xqiEMmsAZufMix4lD1EgutTf1CXfv7l0rUpLwkYbWIq2hT5UI53L0YWJDl7zlhi94ANdXV8z8kCvMeXm2Fwl/vIgJ9JuFeVeVYPpXwx2coLBwE6uI4SuFvY1d4ojvzY8KftcHWO7srVzpuwrwW+6gKLwPQyEazv+sRKXAGo0ffMO2/2KRgOu9zGwaOFaNDAZ6gYFDWbPz6TMfNWHzfLEFK5BlVAL8KDb78IODUBYcMr2CX1Y=,iv:LDkuJgxIbohEVf7wmdtOZ/vlPddMYa7uzHGkL+0MnUM=,tag:pnJiCJydjTmUbS761fPUPw==,type:str] sops: age: - recipient: age1eg6sxflw6l44fp20sl068sampwd95fm0mnh4ssegrhtktgm50ptqcuspyn @@ -20,7 +20,7 @@ sops: enlDZEI2NElkZkI3UmRyQUZqQWE5ZmcK2JlwNzVJNhGjyniIg9UY5tjgUKttkT3e 9C/xag3dQCiqzX1O3o5tdhYnxXw+VxVf+qTFyyuftg5iQPZNuvX6mA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-04-04T17:04:50Z" - mac: ENC[AES256_GCM,data:RRkdyrxwrFs3r0SaNred5zTpz5CKf043+KWkFSvPFh0RbvIVyxzJKyfL9r7erifEMhPRJ7Hz5GKE4RAPA9yRLkA9C+416sZKfwdopqAe6zSRt4zd0QOPMdc2z3+07+1SP2ay/ZYCn6jjIyoBaki3t0DMv7e9a/OzFv3WfyjG/rg=,iv:K41muQnynaGoZsBquNF0SNFgssLF9KGzBz8siagI+38=,tag:jkWbWBloSbUSJXl9jedAMQ==,type:str] + lastmodified: "2025-04-05T21:08:15Z" + mac: ENC[AES256_GCM,data:cPisYUoZWd/vd+wWzz3xTnftj1RdjK20dWFo+MKssm/eu7eCOWDIaZdcJg13gkTleBpMWQy/mG1drC6GLfGQiBmkS99UCPAoo0aLTBL4FbSm6FEXdbVjoOI7URu6Sj31drWCMAm+lXYymWsHwZJrNLhjsCTQsxTPvFq8oOdNlXo=,iv:KpmJoZ/BGEEhZ75jXfXxegNglm7k6mtleRuVud6tX2g=,tag:lsiqX+YSz4mGK6mw9gdKNg==,type:str] unencrypted_suffix: _unencrypted version: 3.10.1 From 2b39a5ab5354bb7f277b85b91406f8311bfc4faa Mon Sep 17 00:00:00 2001 From: cy Date: Sun, 6 Apr 2025 10:52:27 -0400 Subject: [PATCH 05/11] workflow: nix copy compression zstd --- .github/workflows/build-machines-and-homes.yml | 4 ++-- .github/workflows/build-packages.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-machines-and-homes.yml b/.github/workflows/build-machines-and-homes.yml index c955639..290761f 100644 --- a/.github/workflows/build-machines-and-homes.yml +++ b/.github/workflows/build-machines-and-homes.yml @@ -74,7 +74,7 @@ jobs: run: | package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" nix run git+https://git.cy7.sh/cy/nixcp.git -- \ - --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=none' \ + --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \ -u https://nix-community.cachix.org \ -u https://nixcache.web.cy7.sh \ $package @@ -143,7 +143,7 @@ jobs: run: | package=".#homeConfigurations."${{ matrix.home }}".activationPackage" nix run git+https://git.cy7.sh/cy/nixcp.git -- \ - --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=none' \ + --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \ -u https://nix-community.cachix.org \ -u https://nixcache.web.cy7.sh \ $package diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml index c188482..4f76a1d 100644 --- a/.github/workflows/build-packages.yml +++ b/.github/workflows/build-packages.yml @@ -62,7 +62,7 @@ jobs: if: '!cancelled()' run: | nix run git+https://git.cy7.sh/cy/nixcp.git -- \ - --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=none' \ + --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \ -u https://nix-community.cachix.org \ -u https://nixcache.web.cy7.sh \ "${{ matrix.package }}" From a4bd232336012e5891decdd2369b3671c5205a31 Mon Sep 17 00:00:00 2001 From: cy Date: Sun, 6 Apr 2025 11:09:09 -0400 Subject: [PATCH 06/11] garage: use 128M block_size and none compression --- hosts/chunk/garage.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/hosts/chunk/garage.nix b/hosts/chunk/garage.nix index 639bbd8..a36dc49 100644 --- a/hosts/chunk/garage.nix +++ b/hosts/chunk/garage.nix @@ -17,11 +17,12 @@ }; admin.api_bind_addr = "[::]:3903"; rpc_bind_addr = "[::]:3901"; + rpc_public_addr = "100.122.132.30:3901"; replication_factor = 1; db_engine = "lmdb"; disable_scrub = true; - block_size = "16M"; - compression_level = 3; + block_size = "128M"; + compression_level = "none"; }; environmentFile = config.sops.secrets."garage/env".path; logLevel = "warn"; From d9e6995b929c83c969904046c52a268168f922ff Mon Sep 17 00:00:00 2001 From: cy Date: Sun, 6 Apr 2025 11:10:37 -0400 Subject: [PATCH 07/11] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'home-manager': 'github:nix-community/home-manager/bb036cb35383982066e01a6ac8d45597132cf5d5' (2025-04-04) → 'github:nix-community/home-manager/ef3b2a6b602c3f1a80c6897d6de3ee62339a3eb7' (2025-04-06) • Updated input 'nix-index-database': 'github:nix-community/nix-index-database/b3696bfb6c24aa61428839a99e8b40c53ac3a82d' (2025-03-30) → 'github:nix-community/nix-index-database/a36f6a7148aec2c77d78e4466215cceb2f5f4bfb' (2025-04-06) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/30705076a1748a2b2a1cf0539ea1665eef4d2f4a' (2025-04-04) → 'github:nixos/nixpkgs/06f3516b0397bd241bde2daefc8538fc886c5467' (2025-04-05) • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/44a69ed688786e98a101f02b712c313f1ade37ab' (2025-04-02) → 'github:nixos/nixpkgs/7819a0d29d1dd2bc331bec4b327f0776359b1fa6' (2025-04-05) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/c4a8327b0f25d1d81edecbb6105f74d7cf9d7382' (2025-04-03) → 'github:oxalica/rust-overlay/9d00c6b69408dd40d067603012938d9fbe95cfcd' (2025-04-06) • Updated input 'sops-nix': 'github:Mic92/sops-nix/cff8437c5fe8c68fc3a840a21bf1f4dc801da40d' (2025-04-04) → 'github:Mic92/sops-nix/523f58a4faff6c67f5f685bed33a7721e984c304' (2025-04-06) • Updated input 'vscode-extensions': 'github:nix-community/nix-vscode-extensions/c8270f31af9c37e4fe5711567a6412460e94e9b7' (2025-04-04) → 'github:nix-community/nix-vscode-extensions/da51d4cab526bef885e8c95ab2b9455bfe0940d4' (2025-04-06) --- flake.lock | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/flake.lock b/flake.lock index 76a4f1e..ba20fb3 100644 --- a/flake.lock +++ b/flake.lock @@ -610,11 +610,11 @@ ] }, "locked": { - "lastModified": 1743783108, - "narHash": "sha256-Lg1cK7oGCNPOO1ts481m269WmdGNoigz8RNXLRE9Co0=", + "lastModified": 1743948087, + "narHash": "sha256-B6cIi2ScgVSROPPlTti6len+TdR0K25B9R3oKvbw3M8=", "owner": "nix-community", "repo": "home-manager", - "rev": "bb036cb35383982066e01a6ac8d45597132cf5d5", + "rev": "ef3b2a6b602c3f1a80c6897d6de3ee62339a3eb7", "type": "github" }, "original": { @@ -826,11 +826,11 @@ ] }, "locked": { - "lastModified": 1743306489, - "narHash": "sha256-LROaIjSLo347cwcHRfSpqzEOa2FoLSeJwU4dOrGm55E=", + "lastModified": 1743911143, + "narHash": "sha256-4j4JPwr0TXHH4ZyorXN5yIcmqIQr0WYacsuPA4ktONo=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "b3696bfb6c24aa61428839a99e8b40c53ac3a82d", + "rev": "a36f6a7148aec2c77d78e4466215cceb2f5f4bfb", "type": "github" }, "original": { @@ -909,11 +909,11 @@ }, "nixpkgs-stable_3": { "locked": { - "lastModified": 1743576891, - "narHash": "sha256-vXiKURtntURybE6FMNFAVpRPr8+e8KoLPrYs9TGuAKc=", + "lastModified": 1743813633, + "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "44a69ed688786e98a101f02b712c313f1ade37ab", + "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", "type": "github" }, "original": { @@ -989,11 +989,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1743775863, - "narHash": "sha256-gUnR9qcZK/O20oQFn1ijz7Nn66qG2Sp7JprDFl+oQBo=", + "lastModified": 1743862455, + "narHash": "sha256-I/QXtrqznq1321mYR9TyMPX/zCWb9iAH64hO+pEBY00=", "owner": "nixos", "repo": "nixpkgs", - "rev": "30705076a1748a2b2a1cf0539ea1665eef4d2f4a", + "rev": "06f3516b0397bd241bde2daefc8538fc886c5467", "type": "github" }, "original": { @@ -1151,11 +1151,11 @@ ] }, "locked": { - "lastModified": 1743682350, - "narHash": "sha256-S/MyKOFajCiBm5H5laoE59wB6w0NJ4wJG53iAPfYW3k=", + "lastModified": 1743906877, + "narHash": "sha256-Thah1oU8Vy0gs9bh5QhNcQh1iuQiowMnZPbrkURonZA=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "c4a8327b0f25d1d81edecbb6105f74d7cf9d7382", + "rev": "9d00c6b69408dd40d067603012938d9fbe95cfcd", "type": "github" }, "original": { @@ -1171,11 +1171,11 @@ ] }, "locked": { - "lastModified": 1743756170, - "narHash": "sha256-2b11EYa08oqDmF3zEBLkG1AoNn9rB1k39ew/T/mSvbU=", + "lastModified": 1743910657, + "narHash": "sha256-zr2jmWeWyhCD8WmO2aWov2g0WPPuZfcJDKzMJZYGq3Y=", "owner": "Mic92", "repo": "sops-nix", - "rev": "cff8437c5fe8c68fc3a840a21bf1f4dc801da40d", + "rev": "523f58a4faff6c67f5f685bed33a7721e984c304", "type": "github" }, "original": { @@ -1267,11 +1267,11 @@ ] }, "locked": { - "lastModified": 1743731627, - "narHash": "sha256-gFvZTGlSGCl7MZ5MrihUf7pkIY0zwaUVhl/iUBto/3I=", + "lastModified": 1743904774, + "narHash": "sha256-dHnwYLz1b6ohGP2DjWKpDFEZ9WOm4vYuPXKUna08awU=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "c8270f31af9c37e4fe5711567a6412460e94e9b7", + "rev": "da51d4cab526bef885e8c95ab2b9455bfe0940d4", "type": "github" }, "original": { From cad11e55f10cd36d3bc2cdf9ab8eba5c8f747b1b Mon Sep 17 00:00:00 2001 From: cy Date: Mon, 7 Apr 2025 10:38:17 -0400 Subject: [PATCH 08/11] add new sk-ed25519 key --- hosts/chunk/default.nix | 4 +++- modules/caddy.nix | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix index 9c6289d..0509b8d 100644 --- a/hosts/chunk/default.nix +++ b/hosts/chunk/default.nix @@ -138,13 +138,15 @@ "podman" ]; openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA/IX9OFEhHS9Dl8nrtHkL7j7hhy7in9OAY/hVuzEGL0AAAABHNzaDo=" ]; }; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA/IX9OFEhHS9Dl8nrtHkL7j7hhy7in9OAY/hVuzEGL0AAAABHNzaDo=" ]; # for forgejo users.users.git = { diff --git a/modules/caddy.nix b/modules/caddy.nix index 0eb2cb7..f3f8e14 100644 --- a/modules/caddy.nix +++ b/modules/caddy.nix @@ -49,7 +49,8 @@ in respond / 200 { body "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhUt9h5dCcrwOrZNKkStCX5OxumPzEwYXSU/0DgtWgP - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD" + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD + sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA/IX9OFEhHS9Dl8nrtHkL7j7hhy7in9OAY/hVuzEGL0AAAABHNzaDo=" } ''; }; From 2001228889ee08234fc04af6bfdb67696a09974b Mon Sep 17 00:00:00 2001 From: cy Date: Mon, 7 Apr 2025 10:38:44 -0400 Subject: [PATCH 09/11] ytnix: add systemd to nix-ld --- hosts/ytnix/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix index ed91b61..ddf1364 100644 --- a/hosts/ytnix/default.nix +++ b/hosts/ytnix/default.nix @@ -274,7 +274,6 @@ enable = true; # nix run github:thiagokokada/nix-alien#nix-alien-find-libs ./ libraries = with pkgs; [ - # TODO: revisit what we actually need mesa extest stdenv.cc.cc @@ -330,6 +329,7 @@ pcre2 gsettings-desktop-schemas fzf + systemd ]; }; programs.evolution.enable = true; From e678d56cad4e58a2e111faa8cddd472e2fdfab5b Mon Sep 17 00:00:00 2001 From: cy Date: Mon, 7 Apr 2025 10:39:22 -0400 Subject: [PATCH 10/11] codium: rm path-intellisense cuz no work --- home/codium.nix | 7 ------- 1 file changed, 7 deletions(-) diff --git a/home/codium.nix b/home/codium.nix index 706736d..1eb02a4 100644 --- a/home/codium.nix +++ b/home/codium.nix @@ -23,8 +23,6 @@ tamasfe.even-better-toml golang.go ms-python.python - christian-kohler.path-intellisense - # firefox-devtools.vscode-firefox-debug ]; userSettings = let @@ -75,11 +73,6 @@ "telemetry.enableTelemetry" = false; "telemetry.telemetryLevel" = "off"; "window.titleBarStyle" = "custom"; - # https://github.com/ChristianKohler/PathIntellisense#installation - "typescript.suggest.paths" = false; - "javascript.suggest.paths" = false; - - "path-intellisense.absolutePathToWorkspace" = true; # terminal stuff "terminal.integrated.cursorBlinking" = true; From 4e1ac1e3b623a48f68a61272c0ee355bf89a62d9 Mon Sep 17 00:00:00 2001 From: cy Date: Fri, 11 Apr 2025 12:43:44 -0400 Subject: [PATCH 11/11] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'conduwuit': 'github:girlbossceo/conduwuit/4e5b87d0cd16f3d015f4b61285b369d027bb909d' (2025-04-04) → 'github:girlbossceo/conduwuit/d8311a5ff672fdc4729d956af5e3af8646b0670d' (2025-04-09) • Updated input 'home-manager': 'github:nix-community/home-manager/ef3b2a6b602c3f1a80c6897d6de3ee62339a3eb7' (2025-04-06) → 'github:nix-community/home-manager/e43c6bcb101ba3301522439c459288c4a248f624' (2025-04-11) • Updated input 'nix-ld': 'github:nix-community/nix-ld/140451db1cadeef1e7e9e054332b67b7be808916' (2025-03-31) → 'github:nix-community/nix-ld/661e260728c51903cab5ad88b938fe4ce502be51' (2025-04-07) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/06f3516b0397bd241bde2daefc8538fc886c5467' (2025-04-05) → 'github:nixos/nixpkgs/6f061f35682410185d9a1582601e9241bfa6ad96' (2025-04-11) • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/7819a0d29d1dd2bc331bec4b327f0776359b1fa6' (2025-04-05) → 'github:nixos/nixpkgs/f9ebe33a928b5d529c895202263a5ce46bdf12f7' (2025-04-10) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/9d00c6b69408dd40d067603012938d9fbe95cfcd' (2025-04-06) → 'github:oxalica/rust-overlay/5e64aecc018e6f775572609e7d7485fdba6985a7' (2025-04-11) • Updated input 'sops-nix': 'github:Mic92/sops-nix/523f58a4faff6c67f5f685bed33a7721e984c304' (2025-04-06) → 'github:Mic92/sops-nix/69d5a5a4635c27dae5a742f36108beccc506c1ba' (2025-04-08) • Updated input 'vscode-extensions': 'github:nix-community/nix-vscode-extensions/da51d4cab526bef885e8c95ab2b9455bfe0940d4' (2025-04-06) → 'github:nix-community/nix-vscode-extensions/f0555ec37883d2bddca658cad7bfe995bc195217' (2025-04-11) --- flake.lock | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/flake.lock b/flake.lock index ba20fb3..d414fa3 100644 --- a/flake.lock +++ b/flake.lock @@ -114,11 +114,11 @@ "rocksdb": "rocksdb" }, "locked": { - "lastModified": 1743780871, - "narHash": "sha256-xmDepDLHsIWiwpWYjhI40XOrV9jCKrYJQ+EK1EOIdRg=", + "lastModified": 1744169934, + "narHash": "sha256-5YyHmPUUrXXrczWayji9327knihVTKnmjX+vX6+p6d0=", "owner": "girlbossceo", "repo": "conduwuit", - "rev": "4e5b87d0cd16f3d015f4b61285b369d027bb909d", + "rev": "d8311a5ff672fdc4729d956af5e3af8646b0670d", "type": "github" }, "original": { @@ -610,11 +610,11 @@ ] }, "locked": { - "lastModified": 1743948087, - "narHash": "sha256-B6cIi2ScgVSROPPlTti6len+TdR0K25B9R3oKvbw3M8=", + "lastModified": 1744380363, + "narHash": "sha256-cXjAUuAfQDPSLSsckZuTioQ986iqSPTzx8D7dLAcC+Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "ef3b2a6b602c3f1a80c6897d6de3ee62339a3eb7", + "rev": "e43c6bcb101ba3301522439c459288c4a248f624", "type": "github" }, "original": { @@ -846,11 +846,11 @@ ] }, "locked": { - "lastModified": 1743410259, - "narHash": "sha256-tjdkPPkRT1Mj72yrpN8oUxYw9SaG8wOQWD3auS1bvSs=", + "lastModified": 1744019307, + "narHash": "sha256-momo+rjA7KRbeujKxHK5dkZsWztPL0+wzyF28epVAdI=", "owner": "nix-community", "repo": "nix-ld", - "rev": "140451db1cadeef1e7e9e054332b67b7be808916", + "rev": "661e260728c51903cab5ad88b938fe4ce502be51", "type": "github" }, "original": { @@ -909,11 +909,11 @@ }, "nixpkgs-stable_3": { "locked": { - "lastModified": 1743813633, - "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", + "lastModified": 1744309437, + "narHash": "sha256-QZnNHM823am8apCqKSPdtnzPGTy2ZB4zIXOVoBp5+W0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", + "rev": "f9ebe33a928b5d529c895202263a5ce46bdf12f7", "type": "github" }, "original": { @@ -989,11 +989,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1743862455, - "narHash": "sha256-I/QXtrqznq1321mYR9TyMPX/zCWb9iAH64hO+pEBY00=", + "lastModified": 1744371553, + "narHash": "sha256-KjvhD+DkQsOAggIFyuxSAZIs84UahDb/O9ojpvyFNe0=", "owner": "nixos", "repo": "nixpkgs", - "rev": "06f3516b0397bd241bde2daefc8538fc886c5467", + "rev": "6f061f35682410185d9a1582601e9241bfa6ad96", "type": "github" }, "original": { @@ -1151,11 +1151,11 @@ ] }, "locked": { - "lastModified": 1743906877, - "narHash": "sha256-Thah1oU8Vy0gs9bh5QhNcQh1iuQiowMnZPbrkURonZA=", + "lastModified": 1744338850, + "narHash": "sha256-pwMIVmsb8fjjT92n5XFDqCsplcX70qVMMT7NulumPXs=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "9d00c6b69408dd40d067603012938d9fbe95cfcd", + "rev": "5e64aecc018e6f775572609e7d7485fdba6985a7", "type": "github" }, "original": { @@ -1171,11 +1171,11 @@ ] }, "locked": { - "lastModified": 1743910657, - "narHash": "sha256-zr2jmWeWyhCD8WmO2aWov2g0WPPuZfcJDKzMJZYGq3Y=", + "lastModified": 1744103455, + "narHash": "sha256-SR6+qjkPjGQG+8eM4dCcVtss8r9bre/LAxFMPJpaZeU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "523f58a4faff6c67f5f685bed33a7721e984c304", + "rev": "69d5a5a4635c27dae5a742f36108beccc506c1ba", "type": "github" }, "original": { @@ -1267,11 +1267,11 @@ ] }, "locked": { - "lastModified": 1743904774, - "narHash": "sha256-dHnwYLz1b6ohGP2DjWKpDFEZ9WOm4vYuPXKUna08awU=", + "lastModified": 1744336496, + "narHash": "sha256-9nn2S/nGB0o0pFV3YUV4D6PM/2/w5+V6FpfPs7ByTgI=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "da51d4cab526bef885e8c95ab2b9455bfe0940d4", + "rev": "f0555ec37883d2bddca658cad7bfe995bc195217", "type": "github" }, "original": {