From 99b07bdb362447daf317456b13a93d7a5cfae854 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Thu, 24 Apr 2025 14:08:55 -0400
Subject: [PATCH 01/15] go back to sway

---
 home/yt/ytnix.nix       | 10 +++++-----
 hosts/ytnix/default.nix | 23 ++++++++++++++++++-----
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index c08d0b8..7714c0b 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -97,16 +97,11 @@
         libllvm
       ])
       nix-output-monitor
-      wl-clipboard-rs
       pixelflasher
       cinny-desktop
       freetube
-      gopls
-      rust-analyzer
       minio-client
-      nil
       keepassxc
-      lua-language-server
     ];
 
   home.sessionVariables = {
@@ -158,6 +153,11 @@
     enable = true;
     viAlias = true;
     vimAlias = true;
+    extraPackages = with pkgs; [
+      lua-language-server
+      nil
+      rust-analyzer
+    ];
   };
 
   programs.ssh = {
diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix
index c3759fa..2ee496b 100644
--- a/hosts/ytnix/default.nix
+++ b/hosts/ytnix/default.nix
@@ -204,7 +204,7 @@
   services.displayManager = {
     enable = true;
     autoLogin.user = "yt";
-    defaultSession = "plasma";
+    defaultSession = "sway";
     sddm = {
       enable = true;
       wayland.enable = true;
@@ -360,12 +360,8 @@
     ];
   };
 
-  services.ollama.enable = false;
-
   services.trezord.enable = true;
 
-  programs.niri.enable = false;
-  programs.niri.package = pkgs.niri-unstable;
   programs.xwayland.enable = true;
 
   services.udev.extraHwdb = ''
@@ -393,4 +389,21 @@
   nix.settings.sandbox = false;
 
   programs.ssh.startAgent = true;
+
+  programs.sway = {
+    enable = true;
+    wrapperFeatures.gtk = true;
+    extraPackages = with pkgs; [
+      rofi-wayland
+      cliphist
+      rofimoji
+      grim
+      slurp
+      swaylock
+      swayidle
+      brightnessctl
+      waybar
+      wl-clipboard
+    ];
+  };
 }

From 9c509c79cb3755500555ae8979dc7639c36f82d5 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Thu, 24 Apr 2025 14:30:28 -0400
Subject: [PATCH 02/15] fix caddy hash

---
 modules/caddy.nix | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/modules/caddy.nix b/modules/caddy.nix
index c5de226..f6904a8 100644
--- a/modules/caddy.nix
+++ b/modules/caddy.nix
@@ -19,9 +19,9 @@ in
         plugins = [
           # error message will tell you the correct version tag to use
           # (still need the @ to pass nix config check)
-          "github.com/caddy-dns/cloudflare@v0.0.0-20250228175314-1fb64108d4de"
+          "github.com/caddy-dns/cloudflare@v0.2.2-0.20250420134112-006ebb07b349"
         ];
-        hash = "sha256-pfh9DXUj35jlAntkWc4D5wuW04xxQfM1rZ4KFauMzvc=";
+        hash = "sha256-2U+icm4GtI5Fww6U8nKzQ/+pPf63T3scTGuj1zjj4b4=";
       };
       logFormat = lib.mkForce "level INFO";
       acmeCA = "https://acme-v02.api.letsencrypt.org/directory";
@@ -37,9 +37,9 @@ in
 
         (authelia) {
           forward_auth localhost:9091 {
-		        uri /api/authz/forward-auth
-		        copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
-	        }
+            uri /api/authz/forward-auth
+            copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
+	  }
         }
       '';
       environmentFile = config.sops.secrets."caddy/env".path;

From 4e99cfcc94f1fd11ecfcccec8d468c8b6934917f Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Thu, 24 Apr 2025 14:31:20 -0400
Subject: [PATCH 03/15] rm codium

---
 home/yt/ytnix.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index 7714c0b..d31b20a 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -8,7 +8,7 @@
     ./common.nix
     ../irssi.nix
     ../kitty.nix
-    ../codium.nix
+    # ../codium.nix
   ];
   home = {
     username = "yt";

From c400c4b5cd88ce75686cb59401595449a27f4359 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Thu, 24 Apr 2025 14:10:26 -0400
Subject: [PATCH 04/15] flake.lock: Update
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Flake lock file updates:

• Updated input 'garage':
    'github:deuxfleurs-org/garage/3c20984a08528f1a6672c8afc83d2306a0361e40' (2025-04-21)
  → 'github:deuxfleurs-org/garage/bf4691d98afe348e528ee24e26b06c325cca35d0' (2025-04-24)
• Updated input 'home-manager':
    'github:nix-community/home-manager/22b326b42bf42973d5e4fe1044591fb459e6aeac' (2025-04-21)
  → 'github:nix-community/home-manager/abfad3d2958c9e6300a883bd443512c55dfeb1be' (2025-04-24)
• Updated input 'lanzaboote':
    'github:nix-community/lanzaboote/e4cf2086105f47a22f92985358db295a20746abb' (2025-04-21)
  → 'github:nix-community/lanzaboote/995637eb3ab78eac33f8ee6b45cc2ecd5ede12ba' (2025-04-21)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef' (2025-04-17)
  → 'github:nixos/nixpkgs/8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7' (2025-04-23)
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/68a0ff1a43d08aa1ec3730e7e7d06f6da0ba630a' (2025-04-21)
  → 'github:oxalica/rust-overlay/79d3acd1a7e67fb9315fa5c5556eb6adf93dc2da' (2025-04-24)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/61154300d945f0b147b30d24ddcafa159148026a' (2025-04-14)
  → 'github:Mic92/sops-nix/5e3e92b16d6fdf9923425a8d4df7496b2434f39c' (2025-04-22)
• Updated input 'vscode-extensions':
    'github:nix-community/nix-vscode-extensions/6dfa23066faf8643ca05eac994aa14ef695231aa' (2025-04-21)
  → 'github:nix-community/nix-vscode-extensions/e4d64dfea41b1aae1f9506dbf11545d008053cd6' (2025-04-24)
---
 flake.lock | 42 +++++++++++++++++++++---------------------
 1 file changed, 21 insertions(+), 21 deletions(-)

diff --git a/flake.lock b/flake.lock
index 2044b2a..de7b936 100644
--- a/flake.lock
+++ b/flake.lock
@@ -147,11 +147,11 @@
         "rust-overlay": "rust-overlay"
       },
       "locked": {
-        "lastModified": 1745229893,
-        "narHash": "sha256-7syUmzqfY9gmLZF4WwqckPRbDRhJApOspd/qDIBHaWY=",
+        "lastModified": 1745480492,
+        "narHash": "sha256-atfb7grtY2DkjR5D9xTKx/CxXoXELBb+xQK2KVe6cso=",
         "owner": "deuxfleurs-org",
         "repo": "garage",
-        "rev": "3c20984a08528f1a6672c8afc83d2306a0361e40",
+        "rev": "bf4691d98afe348e528ee24e26b06c325cca35d0",
         "type": "github"
       },
       "original": {
@@ -189,11 +189,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745256380,
-        "narHash": "sha256-hJH1S5Xy0K2J6eT22AMDIcQ07E8XYC1t7DnXUr2llEM=",
+        "lastModified": 1745494811,
+        "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "22b326b42bf42973d5e4fe1044591fb459e6aeac",
+        "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
         "type": "github"
       },
       "original": {
@@ -214,11 +214,11 @@
         "rust-overlay": "rust-overlay_2"
       },
       "locked": {
-        "lastModified": 1745217777,
-        "narHash": "sha256-lnsoesuG+r15kV3Um4hHpYXIjsi6EOPBtIlV8by/7i0=",
+        "lastModified": 1745271491,
+        "narHash": "sha256-4GAHjus6JRpYHVROMIhFIz/sgLDF/klBM3UHulbSK9s=",
         "owner": "nix-community",
         "repo": "lanzaboote",
-        "rev": "e4cf2086105f47a22f92985358db295a20746abb",
+        "rev": "995637eb3ab78eac33f8ee6b45cc2ecd5ede12ba",
         "type": "github"
       },
       "original": {
@@ -292,11 +292,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1744932701,
-        "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=",
+        "lastModified": 1745391562,
+        "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef",
+        "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7",
         "type": "github"
       },
       "original": {
@@ -417,11 +417,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745207416,
-        "narHash": "sha256-2g2TnXgJEvSvpk7ujY69pSplmM3oShhoOidZf1iHTHU=",
+        "lastModified": 1745462120,
+        "narHash": "sha256-TbVjPOl+Cg5vZ7TIn1KpQ8SOfHKD6OEgu84b6YSCfKE=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "68a0ff1a43d08aa1ec3730e7e7d06f6da0ba630a",
+        "rev": "79d3acd1a7e67fb9315fa5c5556eb6adf93dc2da",
         "type": "github"
       },
       "original": {
@@ -437,11 +437,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1744669848,
-        "narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=",
+        "lastModified": 1745310711,
+        "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "61154300d945f0b147b30d24ddcafa159148026a",
+        "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c",
         "type": "github"
       },
       "original": {
@@ -503,11 +503,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745251368,
-        "narHash": "sha256-Fczq6JKwtHsCNPKPxkGFBhpWH8KoqY2eTyE6jG/cqms=",
+        "lastModified": 1745510572,
+        "narHash": "sha256-N0gORxOiGHRVxylYv84jngkjZ203DHAwKMWAGapehXw=",
         "owner": "nix-community",
         "repo": "nix-vscode-extensions",
-        "rev": "6dfa23066faf8643ca05eac994aa14ef695231aa",
+        "rev": "e4d64dfea41b1aae1f9506dbf11545d008053cd6",
         "type": "github"
       },
       "original": {

From 14f9f0c06a6f52898af3ed34e85272e82ac9ee18 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Fri, 25 Apr 2025 10:57:53 -0400
Subject: [PATCH 05/15] install ida-free

---
 home/yt/ytnix.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index d31b20a..9aed45a 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -102,6 +102,7 @@
       freetube
       minio-client
       keepassxc
+      ida-free
     ];
 
   home.sessionVariables = {

From 0299139b8e917662b1a14f3a5eafcfe4437bdea8 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Sun, 27 Apr 2025 17:51:34 -0400
Subject: [PATCH 06/15] workflow: increase download buffer

---
 .../workflows/build-machines-and-homes.yml    |  2 ++
 home/yt/ytnix.nix                             | 34 ++++++++++++++++++-
 hosts/chunk/garage.nix                        |  2 +-
 hosts/chunk/rclone.nix                        |  9 +++--
 hosts/ytnix/default.nix                       |  4 +--
 5 files changed, 41 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/build-machines-and-homes.yml b/.github/workflows/build-machines-and-homes.yml
index f1e07bc..b85e53f 100644
--- a/.github/workflows/build-machines-and-homes.yml
+++ b/.github/workflows/build-machines-and-homes.yml
@@ -71,6 +71,7 @@ jobs:
             extra-substituters = https://nixcache.cy7.sh
             extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
             post-build-hook = /etc/nix/upload-to-cache.sh
+            download-buffer-size = 1073741824
 
       - name: build
         run: |
@@ -136,6 +137,7 @@ jobs:
             extra-substituters = https://nixcache.cy7.sh
             extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
             post-build-hook = /etc/nix/upload-to-cache.sh
+            download-buffer-size = 1073741824
 
       - name: build
         run: |
diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index 9aed45a..cfddbb7 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -60,7 +60,6 @@
       gnumake
       unzip
       anki-bin
-      trezorctl
       q
       gdb
       fuzzel
@@ -158,6 +157,11 @@
       lua-language-server
       nil
       rust-analyzer
+      fzf
+      fd
+      ripgrep
+      bat
+      delta
     ];
   };
 
@@ -167,4 +171,32 @@
   };
 
   programs.firefox.enable = true;
+
+  programs.emacs = {
+    enable = true;
+    extraPackages = _: with pkgs; [
+      rust-analyzer
+      nil
+      ispell
+    ];
+  };
+
+  gtk = {
+    enable = true;
+    theme.package = pkgs.gnome-themes-extra;
+    theme.name = "Adwaita-dark";
+  };
+
+  qt = {
+    enable = true;
+    platformTheme.name = "adwaita";
+    style.name = "adwaita-dark";
+    style.package = pkgs.adwaita-qt;
+  };
+
+  dconf.settings = {
+    "org/gnome/desktop/interface" = {
+      color-scheme = "prefer-dark";
+    };
+  };
 }
diff --git a/hosts/chunk/garage.nix b/hosts/chunk/garage.nix
index a36dc49..aef6578 100644
--- a/hosts/chunk/garage.nix
+++ b/hosts/chunk/garage.nix
@@ -25,7 +25,7 @@
       compression_level = "none";
     };
     environmentFile = config.sops.secrets."garage/env".path;
-    logLevel = "warn";
+    logLevel = "info";
   };
 
   services.caddy.virtualHosts = {
diff --git a/hosts/chunk/rclone.nix b/hosts/chunk/rclone.nix
index 1c253f2..7ab5e2e 100644
--- a/hosts/chunk/rclone.nix
+++ b/hosts/chunk/rclone.nix
@@ -14,15 +14,14 @@ let
         --config ${config.sops.secrets."rclone/config".path} \
         --allow-other \
         --cache-dir /var/cache/rclone \
-        --transfers 64 \
-        --vfs-cache-mode full \
+        --transfers 16 \
+        --vfs-cache-mode writes \
         --vfs-cache-min-free-space 5G \
         --dir-cache-time 30d \
-        --no-checksum \
         --no-modtime \
         --vfs-fast-fingerprint \
-        --vfs-read-chunk-size 8M \
-        --vfs-read-chunk-streams 16 \
+        --vfs-read-chunk-size 128M \
+        --vfs-read-chunk-streams 0 \
         --sftp-concurrency 64 \
         --sftp-chunk-size 255k \
         --buffer-size 0 \
diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix
index 2ee496b..718a85e 100644
--- a/hosts/ytnix/default.nix
+++ b/hosts/ytnix/default.nix
@@ -360,8 +360,6 @@
     ];
   };
 
-  services.trezord.enable = true;
-
   programs.xwayland.enable = true;
 
   services.udev.extraHwdb = ''
@@ -386,7 +384,7 @@
   programs.ccache.enable = true;
   nix.settings.extra-sandbox-paths = [ config.programs.ccache.cacheDir ];
   programs.fuse.userAllowOther = true;
-  nix.settings.sandbox = false;
+  nix.settings.sandbox = true;
 
   programs.ssh.startAgent = true;
 

From 6220965c2dc5b450f790b7c7b7cc8e9cc03e3f9f Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Sun, 27 Apr 2025 17:59:24 -0400
Subject: [PATCH 07/15] install jj and taplo

---
 home/yt/ytnix.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index cfddbb7..a841d0d 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -102,6 +102,7 @@
       minio-client
       keepassxc
       ida-free
+      jujutsu
     ];
 
   home.sessionVariables = {
@@ -162,6 +163,7 @@
       ripgrep
       bat
       delta
+      taplo
     ];
   };
 

From e6e9310b29ad42445f5737c1a9644f9644c7aac8 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Mon, 28 Apr 2025 15:01:30 -0400
Subject: [PATCH 08/15] update flake
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

• Updated input 'home-manager':
    'github:nix-community/home-manager/abfad3d2958c9e6300a883bd443512c55dfeb1be' (2025-04-24)
  → 'github:nix-community/home-manager/d0d9d0a1454d5a0200693570618084d80a8b336c' (2025-04-28)
• Updated input 'nix-index-database':
    'github:nix-community/nix-index-database/69716041f881a2af935021c1182ed5b0cc04d40e' (2025-04-20)
  → 'github:nix-community/nix-index-database/187524713d0d9b2d2c6f688b81835114d4c2a7c6' (2025-04-27)
• Updated input 'nix-ld':
    'github:nix-community/nix-ld/9a3812797e25def1d4aed62b517606b7b93989dc' (2025-04-14)
  → 'github:nix-community/nix-ld/3a4fcea3d9a3c1366a745d23808114a67bf98c68' (2025-04-28)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7' (2025-04-23)
  → 'github:nixos/nixpkgs/f771eb401a46846c1aebd20552521b233dd7e18b' (2025-04-24)
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/79d3acd1a7e67fb9315fa5c5556eb6adf93dc2da' (2025-04-24)
  → 'github:oxalica/rust-overlay/9a6045615437787dfb9c1a3242fd75c6b6976b6b' (2025-04-28)
• Updated input 'vscode-extensions':
    'github:nix-community/nix-vscode-extensions/e4d64dfea41b1aae1f9506dbf11545d008053cd6' (2025-04-24)
  → 'github:nix-community/nix-vscode-extensions/3f05a23a57d43dfcaa41f4fb59f9bd1e9382ba1a' (2025-04-28)
---
 flake.lock | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/flake.lock b/flake.lock
index de7b936..5146a69 100644
--- a/flake.lock
+++ b/flake.lock
@@ -189,11 +189,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745494811,
-        "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
+        "lastModified": 1745858959,
+        "narHash": "sha256-B1FQwPCFLL3cbHc2nxT3/UI1uprHp2h1EA6M2JVe0oQ=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
+        "rev": "d0d9d0a1454d5a0200693570618084d80a8b336c",
         "type": "github"
       },
       "original": {
@@ -257,11 +257,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745120797,
-        "narHash": "sha256-owQ0VQ+7cSanTVPxaZMWEzI22Q4bGnuvhVjLAJBNQ3E=",
+        "lastModified": 1745725746,
+        "narHash": "sha256-iR+idGZJ191cY6NBXyVjh9QH8GVWTkvZw/w+1Igy45A=",
         "owner": "nix-community",
         "repo": "nix-index-database",
-        "rev": "69716041f881a2af935021c1182ed5b0cc04d40e",
+        "rev": "187524713d0d9b2d2c6f688b81835114d4c2a7c6",
         "type": "github"
       },
       "original": {
@@ -277,11 +277,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1744621833,
-        "narHash": "sha256-II6a32kRc+KbLhU/jS8EbuXYt1PNCvsRvuBw2becgQM=",
+        "lastModified": 1745836145,
+        "narHash": "sha256-CQ18gPSd8nHMrK2K7hqsmLedQFfefUBgIq8AHHXsPRU=",
         "owner": "nix-community",
         "repo": "nix-ld",
-        "rev": "9a3812797e25def1d4aed62b517606b7b93989dc",
+        "rev": "3a4fcea3d9a3c1366a745d23808114a67bf98c68",
         "type": "github"
       },
       "original": {
@@ -292,11 +292,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1745391562,
-        "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=",
+        "lastModified": 1745526057,
+        "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7",
+        "rev": "f771eb401a46846c1aebd20552521b233dd7e18b",
         "type": "github"
       },
       "original": {
@@ -417,11 +417,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745462120,
-        "narHash": "sha256-TbVjPOl+Cg5vZ7TIn1KpQ8SOfHKD6OEgu84b6YSCfKE=",
+        "lastModified": 1745807802,
+        "narHash": "sha256-Aary9kzSx9QFgfK1CDu3ZqxhuoyHvf0F71j64gXZebA=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "79d3acd1a7e67fb9315fa5c5556eb6adf93dc2da",
+        "rev": "9a6045615437787dfb9c1a3242fd75c6b6976b6b",
         "type": "github"
       },
       "original": {
@@ -503,11 +503,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745510572,
-        "narHash": "sha256-N0gORxOiGHRVxylYv84jngkjZ203DHAwKMWAGapehXw=",
+        "lastModified": 1745820808,
+        "narHash": "sha256-6WmnH372ixlcGIAExWBmNg8aRlP1enR97zRfvYKNqR0=",
         "owner": "nix-community",
         "repo": "nix-vscode-extensions",
-        "rev": "e4d64dfea41b1aae1f9506dbf11545d008053cd6",
+        "rev": "3f05a23a57d43dfcaa41f4fb59f9bd1e9382ba1a",
         "type": "github"
       },
       "original": {

From 1262c2daee7c2dfbeffcac051423b6dadcd57e6e Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Tue, 29 Apr 2025 00:36:16 -0400
Subject: [PATCH 09/15] add jj aliases; rm and update other aliases

---
 home/zsh/default.nix | 21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/home/zsh/default.nix b/home/zsh/default.nix
index e599f0d..977de0b 100644
--- a/home/zsh/default.nix
+++ b/home/zsh/default.nix
@@ -37,12 +37,6 @@
       searchDownKey = "^n";
     };
 
-    # prezto = {
-    #   enable = true;
-    #   caseSensitive = false;
-    #   editor.keymap = "vi";
-    # };
-
     initExtra = ''
       # disable control+s to pause terminal
       unsetopt FLOW_CONTROL
@@ -85,14 +79,11 @@
     shellAliases = {
       "vi" = "nvim";
       "vim" = "nvim";
-      "t" = "tmux";
-      "tl" = "tmux list-sessions";
-      "ta" = "tmux new-session -A -s";
       "se" = "sudoedit";
       "s" = "sudo";
-      "nrs" = "sudo nixos-rebuild switch -L --flake . --log-format internal-json -v |& nom --json";
-      "nrt" = "sudo nixos-rebuild test -L --flake . --log-format internal-json -v |& nom --json";
-      "hrs" = "home-manager switch -L --flake .";
+      "nrs" = "sudo nixos-rebuild switch -L --flake ~/nixos-config";
+      "nrt" = "sudo nixos-rebuild test -L --flake ~/nixos-config";
+      "hrs" = "home-manager switch -L --flake ~/nixos-config";
       "g" = "git";
       "ga" = "git add";
       "gaa" = "git add --all";
@@ -100,7 +91,6 @@
       "gc" = "git commit --verbose";
       "gcmsg" = "git commit --message";
       "gd" = "git diff";
-      "gdca" = "git diff --cached";
       "gds" = "git diff --staged";
       "gl" = "git log --stat";
       "glg" = "git log --graph";
@@ -113,6 +103,11 @@
       "gs" = "git status --short";
       "gss" = "git status";
       "code" = "codium";
+      "jl" = "jj log -n 10";
+      "jll" = "jj log";
+      "jd" = "jj diff";
+      "jn" = "jj new";
+      "jm" = "jj describe -m";
     };
   };
 

From abe85c7763fa510469c19debfa6cae5e8d27dfda Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Tue, 29 Apr 2025 00:36:16 -0400
Subject: [PATCH 10/15] rm README

---
 README | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 README

diff --git a/README b/README
deleted file mode 100644
index 1a59725..0000000
--- a/README
+++ /dev/null
@@ -1 +0,0 @@
-this is only open source for free ci

From 2972c64f3341836ec6982ea903544a244e727f48 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Wed, 30 Apr 2025 11:58:16 -0400
Subject: [PATCH 11/15] add .editorconfig and rm unused packages

---
 .editorconfig     |  3 +++
 home/yt/ytnix.nix | 10 ----------
 2 files changed, 3 insertions(+), 10 deletions(-)
 create mode 100644 .editorconfig

diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..2eafe75
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,3 @@
+[*.nix]
+indent_style = space
+indent_size = 2
diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index a841d0d..913eaae 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -28,10 +28,7 @@
   home.packages =
     with pkgs;
     lib.flatten [
-      ungoogled-chromium
-      librewolf
       bitwarden-desktop
-      bitwarden-cli
       fastfetch
       (with kdePackages; [
         gwenview
@@ -41,14 +38,12 @@
       signal-desktop
       btop
       jq
-      sqlite
       usbutils
       calibre
       tor-browser
       wtype
       bat
       rclone
-      go
       (rust-bin.selectLatestNightlyWith (
         toolchain:
         toolchain.default.override {
@@ -56,11 +51,9 @@
           targets = [ "aarch64-unknown-linux-musl" ];
         }
       ))
-      pwgen
       gnumake
       unzip
       anki-bin
-      q
       gdb
       fuzzel
       hugo
@@ -89,16 +82,13 @@
       jadx
       scrcpy
       syncthing
-      syncthingtray
       (with llvmPackages; [
         clangUseLLVM
         compiler-rt
         libllvm
       ])
       nix-output-monitor
-      pixelflasher
       cinny-desktop
-      freetube
       minio-client
       keepassxc
       ida-free

From 3e371387e73984926f07f5f49b608e4dddb24087 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Fri, 2 May 2025 11:42:23 -0400
Subject: [PATCH 12/15] install clang-tools

---
 home/yt/ytnix.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index 913eaae..8043825 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -154,6 +154,7 @@
       bat
       delta
       taplo
+      llvmPackages.clang-tools
     ];
   };
 

From 8100b8248588c6c2f449b1b1c1bde8be3a84338b Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Sun, 4 May 2025 01:21:42 -0400
Subject: [PATCH 13/15] fix authelia in immich

---
 modules/authelia.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/authelia.nix b/modules/authelia.nix
index f231f50..915be02 100644
--- a/modules/authelia.nix
+++ b/modules/authelia.nix
@@ -68,6 +68,7 @@ in
             ];
             scopes = [ "openid" "profile" "email" ];
             userinfo_signed_response_alg = "none";
+            token_endpoint_auth_method = "client_secret_basic";
           }
           {
             client_id = "_kuUEYxyfXjInJCniwugpw2Qn6iI-YW24NOkHZG~63BAhnAACDZ.xsLqOdGghj2DNZxXR0sU";

From 477d94687d5af9cbc4700dae7e90331d99277811 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Sun, 4 May 2025 01:21:42 -0400
Subject: [PATCH 14/15] install ffmpeg, pyright; exclude vms from backup; make
 kitty transparent

---
 home/kitty.nix          | 1 +
 home/yt/ytnix.nix       | 2 ++
 hosts/ytnix/default.nix | 3 ++-
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/home/kitty.nix b/home/kitty.nix
index a6ddf37..40f25ef 100644
--- a/home/kitty.nix
+++ b/home/kitty.nix
@@ -13,6 +13,7 @@
       # for confirmation
       confirm_os_window_close = 0;
       clear_all_shortcuts = true;
+      background_opacity = 0.85;
 
       # will probably lower this later but the max allowed is actually 4GB
       # this is NOT stored in memory and can only be viewed with scrollback_pager
diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix
index 8043825..8a301d1 100644
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@@ -93,6 +93,7 @@
       keepassxc
       ida-free
       jujutsu
+      ffmpeg
     ];
 
   home.sessionVariables = {
@@ -155,6 +156,7 @@
       delta
       taplo
       llvmPackages.clang-tools
+      pyright
     ];
   };
 
diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix
index 718a85e..920cd4f 100644
--- a/hosts/ytnix/default.nix
+++ b/hosts/ytnix/default.nix
@@ -87,7 +87,7 @@
     resolvconf.enable = true;
     firewall = {
       enable = true;
-      trustedInterfaces = [ "tailscale0" "virbr0" ];
+      trustedInterfaces = [ "tailscale0" "virbr0" "virbr1" ];
       # allowedTCPPorts = [
       #   8080 # mitmproxy
       #   22000 # syncthing
@@ -238,6 +238,7 @@
       "/home/yt/Games"
       "/home/yt/Videos"
       "/home/yt/.bitmonero"
+      "/home/yt/vms"
     ];
     repo = "yt";
     passFile = config.sops.secrets."borg/rsyncnet".path;

From 5cb9e6170866e06db255fcf8c96b068579b88e99 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Sun, 4 May 2025 01:59:10 -0400
Subject: [PATCH 15/15] test nixcp

use nixcp to upload machines as result
---
 .../workflows/build-machines-and-homes.yml    | 69 ++++++++-----------
 .github/workflows/build-packages.yml          | 29 +++-----
 2 files changed, 37 insertions(+), 61 deletions(-)

diff --git a/.github/workflows/build-machines-and-homes.yml b/.github/workflows/build-machines-and-homes.yml
index b85e53f..d54e390 100644
--- a/.github/workflows/build-machines-and-homes.yml
+++ b/.github/workflows/build-machines-and-homes.yml
@@ -39,25 +39,6 @@ jobs:
       - name: setup binary cache key
         run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem
 
-      - name: Sync repository
-        uses: actions/checkout@v4
-        with:
-          persist-credentials: false
-
-      - name: post-build-hook
-        run: |
-          sudo mkdir -p /etc/nix
-          sudo cp ci/upload-to-cache.sh /etc/nix/
-          sudo chmod +x /etc/nix/upload-to-cache.sh
-
-      - name: setup s3 credentials
-        run: |
-          sudo mkdir /root/.aws
-          echo "[default]" |sudo tee /root/.aws/config |sudo tee /root/.aws/credentials
-          echo "aws_access_key_id=$AWS_ACCESS_KEY_ID" |sudo tee -a /root/.aws/credentials
-          echo "aws_secret_access_key=$AWS_SECRET_ACCESS_KEY" |sudo tee -a /root/.aws/credentials
-          echo "endpoint_url=$AWS_ENDPOINT_URL" |sudo tee -a /root/.aws/config
-
       - name: Install Nix
         uses: cachix/install-nix-action@v30
         with:
@@ -70,13 +51,26 @@ jobs:
             secret-key-files = ${{ runner.temp }}/cache-priv-key.pem
             extra-substituters = https://nixcache.cy7.sh
             extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
-            post-build-hook = /etc/nix/upload-to-cache.sh
             download-buffer-size = 1073741824
 
+      - name: Sync repository
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+
       - name: build
         run: |
           nix run nixpkgs#nixos-rebuild build -- -L --flake ".#${{ matrix.machine }}"
 
+      - name: cache
+        run: |
+          nix run \
+            github:cything/nixcp/test-in-ci -- push \
+            --bucket nixcache \
+            --endpoint $AWS_ENDPOINT_URL \
+            --signing-key ${{ runner.temp }}/cache-priv-key.pem \
+            result
+
   build-homes:
     strategy:
       fail-fast: false
@@ -86,7 +80,6 @@ jobs:
           - yt@chunk
         os:
           - ubuntu-latest
-          # - macos-latest
     runs-on: ${{ matrix.os }}
 
     steps:
@@ -105,25 +98,6 @@ jobs:
       - name: setup binary cache key
         run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem
 
-      - name: Sync repository
-        uses: actions/checkout@v4
-        with:
-          persist-credentials: false
-
-      - name: post-build-hook
-        run: |
-          sudo mkdir -p /etc/nix
-          sudo cp ci/upload-to-cache.sh /etc/nix/
-          sudo chmod +x /etc/nix/upload-to-cache.sh
-
-      - name: setup s3 credentials
-        run: |
-          sudo mkdir /root/.aws
-          echo "[default]" |sudo tee /root/.aws/config |sudo tee /root/.aws/credentials
-          echo "aws_access_key_id=$AWS_ACCESS_KEY_ID" |sudo tee -a /root/.aws/credentials
-          echo "aws_secret_access_key=$AWS_SECRET_ACCESS_KEY" |sudo tee -a /root/.aws/credentials
-          echo "endpoint_url=$AWS_ENDPOINT_URL" |sudo tee -a /root/.aws/config
-
       - name: Install Nix
         uses: cachix/install-nix-action@v30
         with:
@@ -136,10 +110,23 @@ jobs:
             secret-key-files = ${{ runner.temp }}/cache-priv-key.pem
             extra-substituters = https://nixcache.cy7.sh
             extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
-            post-build-hook = /etc/nix/upload-to-cache.sh
             download-buffer-size = 1073741824
 
+      - name: Sync repository
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+
       - name: build
         run: |
           package=".#homeConfigurations."${{ matrix.home }}".activationPackage"
           nix build -L "$package"
+
+      - name: cache
+        run: |
+          nix run \
+            github:cything/nixcp/test-in-ci -- push \
+            --bucket nixcache \
+            --endpoint $AWS_ENDPOINT_URL \
+            --signing-key ${{ runner.temp }}/cache-priv-key.pem \
+            result
diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml
index 343a54f..61527a1 100644
--- a/.github/workflows/build-packages.yml
+++ b/.github/workflows/build-packages.yml
@@ -32,25 +32,6 @@ jobs:
       - name: setup binary cache key
         run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem
 
-      - name: Sync repository
-        uses: actions/checkout@v4
-        with:
-          persist-credentials: false
-
-      - name: post-build-hook
-        run: |
-          sudo mkdir -p /etc/nix
-          sudo cp ci/upload-to-cache.sh /etc/nix/
-          sudo chmod +x /etc/nix/upload-to-cache.sh
-
-      - name: setup s3 credentials
-        run: |
-          sudo mkdir /root/.aws
-          echo "[default]" |sudo tee /root/.aws/config |sudo tee /root/.aws/credentials
-          echo "aws_access_key_id=$AWS_ACCESS_KEY_ID" |sudo tee -a /root/.aws/credentials
-          echo "aws_secret_access_key=$AWS_SECRET_ACCESS_KEY" |sudo tee -a /root/.aws/credentials
-          echo "endpoint_url=$AWS_ENDPOINT_URL" |sudo tee -a /root/.aws/config
-
       - name: Install Nix
         uses: cachix/install-nix-action@v30
         with:
@@ -63,10 +44,18 @@ jobs:
             secret-key-files = ${{ runner.temp }}/cache-priv-key.pem
             extra-substituters = https://nixcache.cy7.sh
             extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8=
-            post-build-hook = /etc/nix/upload-to-cache.sh
 
       - run: nix build -L ${{ matrix.package }}
 
+      - name: cache
+        run: |
+          nix run \
+            github:cything/nixcp/test-in-ci -- push \
+            --bucket nixcache \
+            --endpoint $AWS_ENDPOINT_URL \
+            --signing-key ${{ runner.temp }}/cache-priv-key.pem \
+            result
+
       - name: prepare tarball to upload
         run: nix run github:nixos/nixpkgs#gnutar hcvf result.tar result