diff --git a/.github/workflows/build-machines-and-homes.yml b/.github/workflows/build-machines-and-homes.yml index 290761f..f1e07bc 100644 --- a/.github/workflows/build-machines-and-homes.yml +++ b/.github/workflows/build-machines-and-homes.yml @@ -8,6 +8,8 @@ env: TERM: ansi AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets. AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-1 + AWS_ENDPOINT_URL: https://s3.cy7.sh jobs: build-machines: @@ -35,7 +37,26 @@ jobs: build-mount-path: /nix - name: setup binary cache key - run: echo "${{ secrets.NIX_CACHE_SECRET_KEY }}" >> /home/runner/cache-priv-key.pem + run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem + + - name: Sync repository + uses: actions/checkout@v4 + with: + persist-credentials: false + + - name: post-build-hook + run: | + sudo mkdir -p /etc/nix + sudo cp ci/upload-to-cache.sh /etc/nix/ + sudo chmod +x /etc/nix/upload-to-cache.sh + + - name: setup s3 credentials + run: | + sudo mkdir /root/.aws + echo "[default]" |sudo tee /root/.aws/config |sudo tee /root/.aws/credentials + echo "aws_access_key_id=$AWS_ACCESS_KEY_ID" |sudo tee -a /root/.aws/credentials + echo "aws_secret_access_key=$AWS_SECRET_ACCESS_KEY" |sudo tee -a /root/.aws/credentials + echo "endpoint_url=$AWS_ENDPOINT_URL" |sudo tee -a /root/.aws/config - name: Install Nix uses: cachix/install-nix-action@v30 @@ -46,39 +67,15 @@ jobs: experimental-features = nix-command flakes accept-flake-config = true system-features = nixos-test benchmark big-parallel kvm - secret-key-files = /home/runner/cache-priv-key.pem - extra-substituters = https://nixcache.cy7.sh https://cache.lix.systems - extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o= - - - name: Install Lix - run: | - sudo --preserve-env=PATH $(which nix) run \ - 'git+https://git.lix.systems/lix-project/lix?ref=refs/tags/2.92.0' -- \ - upgrade-nix - nix --version - - - name: Sync repository - uses: actions/checkout@v4 - with: - persist-credentials: false + secret-key-files = ${{ runner.temp }}/cache-priv-key.pem + extra-substituters = https://nixcache.cy7.sh + extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= + post-build-hook = /etc/nix/upload-to-cache.sh - name: build run: | - # package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" - # nix build -L "$package" nix run nixpkgs#nixos-rebuild build -- -L --flake ".#${{ matrix.machine }}" - - name: cache - # https://stackoverflow.com/a/58859404 - if: '!cancelled()' - run: | - package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" - nix run git+https://git.cy7.sh/cy/nixcp.git -- \ - --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \ - -u https://nix-community.cachix.org \ - -u https://nixcache.web.cy7.sh \ - $package - build-homes: strategy: fail-fast: false @@ -105,7 +102,26 @@ jobs: build-mount-path: /nix - name: setup binary cache key - run: echo "${{ secrets.NIX_CACHE_SECRET_KEY }}" >> /home/runner/cache-priv-key.pem + run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem + + - name: Sync repository + uses: actions/checkout@v4 + with: + persist-credentials: false + + - name: post-build-hook + run: | + sudo mkdir -p /etc/nix + sudo cp ci/upload-to-cache.sh /etc/nix/ + sudo chmod +x /etc/nix/upload-to-cache.sh + + - name: setup s3 credentials + run: | + sudo mkdir /root/.aws + echo "[default]" |sudo tee /root/.aws/config |sudo tee /root/.aws/credentials + echo "aws_access_key_id=$AWS_ACCESS_KEY_ID" |sudo tee -a /root/.aws/credentials + echo "aws_secret_access_key=$AWS_SECRET_ACCESS_KEY" |sudo tee -a /root/.aws/credentials + echo "endpoint_url=$AWS_ENDPOINT_URL" |sudo tee -a /root/.aws/config - name: Install Nix uses: cachix/install-nix-action@v30 @@ -116,34 +132,12 @@ jobs: experimental-features = nix-command flakes accept-flake-config = true system-features = nixos-test benchmark big-parallel kvm - secret-key-files = /home/runner/cache-priv-key.pem - extra-substituters = https://nixcache.cy7.sh https://cache.lix.systems - extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o= - - - name: Install Lix - run: | - sudo --preserve-env=PATH $(which nix) run \ - 'git+https://git.lix.systems/lix-project/lix?ref=refs/tags/2.92.0' -- \ - upgrade-nix - nix --version - - - name: Sync repository - uses: actions/checkout@v4 - with: - persist-credentials: false + secret-key-files = ${{ runner.temp }}/cache-priv-key.pem + extra-substituters = https://nixcache.cy7.sh + extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= + post-build-hook = /etc/nix/upload-to-cache.sh - name: build run: | package=".#homeConfigurations."${{ matrix.home }}".activationPackage" nix build -L "$package" - - - name: cache - # https://stackoverflow.com/a/58859404 - if: '!cancelled()' - run: | - package=".#homeConfigurations."${{ matrix.home }}".activationPackage" - nix run git+https://git.cy7.sh/cy/nixcp.git -- \ - --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \ - -u https://nix-community.cachix.org \ - -u https://nixcache.web.cy7.sh \ - $package diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml index 4f76a1d..423c88a 100644 --- a/.github/workflows/build-packages.yml +++ b/.github/workflows/build-packages.yml @@ -11,6 +11,8 @@ env: TERM: ansi AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets. AWS_SECRET_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-1 + AWS_ENDPOINT_URL: https://s3.cy7.sh jobs: build-packages: @@ -22,13 +24,13 @@ jobs: os: - ubuntu-latest - ubuntu-24.04-arm - # - macos-latest - # - macos-13 + - macos-latest + - macos-13 runs-on: ${{ matrix.os }} steps: - name: setup binary cache key - run: echo "${{ secrets.NIX_CACHE_SECRET_KEY }}" >> /home/runner/cache-priv-key.pem + run: echo -n "${{ secrets.NIX_CACHE_SECRET_KEY }}" | xxd -p -r > ${{ runner.temp }}/cache-priv-key.pem - name: Install Nix uses: cachix/install-nix-action@v30 @@ -39,21 +41,9 @@ jobs: experimental-features = nix-command flakes accept-flake-config = true system-features = nixos-test benchmark big-parallel kvm - secret-key-files = /home/runner/cache-priv-key.pem - extra-substituters = https://nixcache.cy7.sh https://cache.lix.systems - extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o= - - - name: Install Lix - run: | - sudo --preserve-env=PATH $(which nix) run \ - 'git+https://git.lix.systems/lix-project/lix?ref=refs/tags/2.92.0' -- \ - upgrade-nix - nix --version - - - name: Sync repository - uses: actions/checkout@v4 - with: - persist-credentials: false + secret-key-files = ${{ runner.temp }}/cache-priv-key.pem + extra-substituters = https://nixcache.cy7.sh + extra-trusted-public-keys = nixcache.cy7.sh:DN3d1dt0wnXfTH03oVmTee4KgmdNdB0NY3SuzA8Fwx8= - run: nix build -L ${{ matrix.package }} @@ -61,10 +51,11 @@ jobs: # https://stackoverflow.com/a/58859404 if: '!cancelled()' run: | - nix run git+https://git.cy7.sh/cy/nixcp.git -- \ - --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem&compression=zstd' \ + nix run github:cything/nixcp -- \ + push \ + --bucket nixcache \ + --signing-key ${{ runner.temp }}/cache-priv-key.pem \ -u https://nix-community.cachix.org \ - -u https://nixcache.web.cy7.sh \ "${{ matrix.package }}" - name: prepare tarball to upload diff --git a/README b/README new file mode 100644 index 0000000..1a59725 --- /dev/null +++ b/README @@ -0,0 +1 @@ +this is only open source for free ci diff --git a/README.md b/README.md deleted file mode 100644 index eb52498..0000000 --- a/README.md +++ /dev/null @@ -1,40 +0,0 @@ -# infra -## ./home -- [home-manager](https://github.com/nix-community/home-manager) configuration files -- foot, tmux, and zsh are configured in Nix -- nvim, rofi, sway, waybar are configured in their own literature and symlinked to $XDG_CONFIG_HOME with home-manager - -## ./hosts -- [`hosts/common.nix`](hosts/common.nix): configuration that makes sense on all computers -- [`hosts/zsh.nix`](hosts/zsh.nix): for computers that have the power to run zsh -### ./hosts/ytnix -- personal laptop -- a single [`default.nix`](hosts/ytnix/default.nix) that could be modularized but works for now - -### ./hosts/chunk -- the overworked server with 5% SLA -- very short and concise [`default.nix`](hosts/chunk/default.nix) -- services organized in their modules -- some services run through `virtualisation.oci-containers`: - - [immich](hosts/chunk/immich.nix) - - [conduwuit](hosts/chunk/conduwuit.nix) - -### ./hosts/titan -- got this cause chunk would go down way too often :( -- hosted on azure for "reliability" -- runs: - - [ghost](hosts/titan/ghost.nix) (through `virtualisation.oci-containers`) - - [uptime-kuma](hosts/titan/uptime-kuma.nix) - - [ntfy-sh](hosts/titan/ntfy.nix) - -## ./secrets -- secrets -- see [`.sops.yaml`](.sops.yaml) for who privy to what - -## backups -- hourly borgbackup to [rsync.net](https://rsync.net) -- see [modules/backup](modules/backup.nix) - -## monitoring -- [status.cything.io](https://status.cything.io/): uptime kuma (reliable) -- [grafana.cything.io](https://grafana.cything.io/): some real-time metrics here; unlike the status page this will go kaput often diff --git a/ci/upload-to-cache.sh b/ci/upload-to-cache.sh new file mode 100755 index 0000000..559d062 --- /dev/null +++ b/ci/upload-to-cache.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +# https://nix.dev/guides/recipes/post-build-hook.html#implementing-the-build-hook +set -eu +set -f # disable globbing +export IFS=' ' +echo "Uploading paths" $OUT_PATHS +exec /nix/var/nix/profiles/default/bin/nix copy --to "s3://nixcache?endpoint=s3.cy7.sh&compression=zstd¶llel-compression=true" $OUT_PATHS diff --git a/flake.lock b/flake.lock index ba20fb3..4370247 100644 --- a/flake.lock +++ b/flake.lock @@ -1,171 +1,6 @@ { "nodes": { - "attic": { - "inputs": { - "crane": "crane", - "flake-compat": "flake-compat", - "flake-parts": "flake-parts", - "nix-github-actions": "nix-github-actions", - "nixpkgs": "nixpkgs", - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1738524606, - "narHash": "sha256-hPYEJ4juK3ph7kbjbvv7PlU1D9pAkkhl+pwx8fZY53U=", - "owner": "zhaofengli", - "repo": "attic", - "rev": "ff8a897d1f4408ebbf4d45fa9049c06b3e1e3f4e", - "type": "github" - }, - "original": { - "owner": "zhaofengli", - "ref": "main", - "repo": "attic", - "type": "github" - } - }, - "cachix": { - "inputs": { - "devenv": "devenv", - "flake-compat": "flake-compat_2", - "git-hooks": "git-hooks", - "nixpkgs": "nixpkgs_4" - }, - "locked": { - "lastModified": 1737621947, - "narHash": "sha256-8HFvG7fvIFbgtaYAY2628Tb89fA55nPm2jSiNs0/Cws=", - "owner": "cachix", - "repo": "cachix", - "rev": "f65a3cd5e339c223471e64c051434616e18cc4f5", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "master", - "repo": "cachix", - "type": "github" - } - }, - "cachix_2": { - "inputs": { - "devenv": [ - "conduwuit", - "cachix", - "devenv" - ], - "flake-compat": [ - "conduwuit", - "cachix", - "devenv" - ], - "git-hooks": [ - "conduwuit", - "cachix", - "devenv" - ], - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1728672398, - "narHash": "sha256-KxuGSoVUFnQLB2ZcYODW7AVPAh9JqRlD5BrfsC/Q4qs=", - "owner": "cachix", - "repo": "cachix", - "rev": "aac51f698309fd0f381149214b7eee213c66ef0a", - "type": "github" - }, - "original": { - "owner": "cachix", - "ref": "latest", - "repo": "cachix", - "type": "github" - } - }, - "complement": { - "flake": false, - "locked": { - "lastModified": 1741891349, - "narHash": "sha256-YvrzOWcX7DH1drp5SGa+E/fc7wN3hqFtPbqPjZpOu1Q=", - "owner": "girlbossceo", - "repo": "complement", - "rev": "e587b3df569cba411aeac7c20b6366d03c143745", - "type": "github" - }, - "original": { - "owner": "girlbossceo", - "ref": "main", - "repo": "complement", - "type": "github" - } - }, - "conduwuit": { - "inputs": { - "attic": "attic", - "cachix": "cachix", - "complement": "complement", - "crane": "crane_2", - "fenix": "fenix", - "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils", - "liburing": "liburing", - "nix-filter": "nix-filter", - "nixpkgs": [ - "nixpkgs" - ], - "rocksdb": "rocksdb" - }, - "locked": { - "lastModified": 1743780871, - "narHash": "sha256-xmDepDLHsIWiwpWYjhI40XOrV9jCKrYJQ+EK1EOIdRg=", - "owner": "girlbossceo", - "repo": "conduwuit", - "rev": "4e5b87d0cd16f3d015f4b61285b369d027bb909d", - "type": "github" - }, - "original": { - "owner": "girlbossceo", - "repo": "conduwuit", - "type": "github" - } - }, "crane": { - "inputs": { - "nixpkgs": [ - "conduwuit", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1722960479, - "narHash": "sha256-NhCkJJQhD5GUib8zN9JrmYGMwt4lCRp6ZVNzIiYCl0Y=", - "owner": "ipetkov", - "repo": "crane", - "rev": "4c6c77920b8d44cd6660c1621dea6b3fc4b4c4f4", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "crane_2": { - "locked": { - "lastModified": 1739936662, - "narHash": "sha256-x4syUjNUuRblR07nDPeLDP7DpphaBVbUaSoeZkFbGSk=", - "owner": "ipetkov", - "repo": "crane", - "rev": "19de14aaeb869287647d9461cbd389187d8ecdb7", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "ref": "master", - "repo": "crane", - "type": "github" - } - }, - "crane_3": { "locked": { "lastModified": 1737689766, "narHash": "sha256-ivVXYaYlShxYoKfSo5+y5930qMKKJ8CLcAoIBPQfJ6s=", @@ -180,7 +15,7 @@ "type": "github" } }, - "crane_4": { + "crane_2": { "locked": { "lastModified": 1741148495, "narHash": "sha256-EV8KUaIZ2/CdBXlutXrHoZYbWPeB65p5kKZk71gvDRI=", @@ -195,75 +30,17 @@ "type": "github" } }, - "devenv": { - "inputs": { - "cachix": "cachix_2", - "flake-compat": [ - "conduwuit", - "cachix", - "flake-compat" - ], - "git-hooks": [ - "conduwuit", - "cachix", - "git-hooks" - ], - "nix": "nix", - "nixpkgs": [ - "conduwuit", - "cachix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733323168, - "narHash": "sha256-d5DwB4MZvlaQpN6OQ4SLYxb5jA4UH5EtV5t5WOtjLPU=", - "owner": "cachix", - "repo": "devenv", - "rev": "efa9010b8b1cfd5dd3c7ed1e172a470c3b84a064", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "devenv", - "type": "github" - } - }, - "fenix": { - "inputs": { - "nixpkgs": [ - "conduwuit", - "nixpkgs" - ], - "rust-analyzer-src": "rust-analyzer-src" - }, - "locked": { - "lastModified": 1740724364, - "narHash": "sha256-D1jLIueJx1dPrP09ZZwTrPf4cubV+TsFMYbpYYTVj6A=", - "owner": "nix-community", - "repo": "fenix", - "rev": "edf7d9e431cda8782e729253835f178a356d3aab", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "main", - "repo": "fenix", - "type": "github" - } - }, "flake-compat": { - "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", + "lastModified": 1717312683, + "narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=", + "owner": "nix-community", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea", "type": "github" }, "original": { - "owner": "edolstra", + "owner": "nix-community", "repo": "flake-compat", "type": "github" } @@ -284,101 +61,7 @@ "type": "github" } }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "type": "github" - }, - "original": { - "owner": "edolstra", - "ref": "master", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_4": { - "locked": { - "lastModified": 1717312683, - "narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=", - "owner": "nix-community", - "repo": "flake-compat", - "rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_5": { - "flake": false, - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "conduwuit", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "conduwuit", - "cachix", - "devenv", - "nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { "inputs": { "nixpkgs-lib": [ "lanzaboote", @@ -413,7 +96,6 @@ }, "original": { "owner": "numtide", - "ref": "main", "repo": "flake-utils", "type": "github" } @@ -454,73 +136,22 @@ "type": "github" } }, - "flake-utils_4": { - "inputs": { - "systems": "systems_4" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_5": { - "inputs": { - "systems": "systems_5" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flakey-profile": { - "locked": { - "lastModified": 1712898590, - "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", - "owner": "lf-", - "repo": "flakey-profile", - "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", - "type": "github" - }, - "original": { - "owner": "lf-", - "repo": "flakey-profile", - "type": "github" - } - }, "garage": { "inputs": { - "crane": "crane_3", - "flake-compat": "flake-compat_4", - "flake-utils": "flake-utils_2", + "crane": "crane", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", "nixpkgs": [ "nixpkgs" ], "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1742547966, - "narHash": "sha256-AJfw+XRaRyrlpb9Wy6rVz44JePy0AXWPECXVPBnrOfI=", + "lastModified": 1745093116, + "narHash": "sha256-38L/NZyfGSGff9f+FfRd4teA1Xj93hqcBJcqhxbLA7Y=", "owner": "deuxfleurs-org", "repo": "garage", - "rev": "14d2f2b18da015508d4a1e31b2f014da5188d516", + "rev": "4ef954d17604eba8aafa52902cd3c573978c7195", "type": "github" }, "original": { @@ -529,59 +160,7 @@ "type": "github" } }, - "git-hooks": { - "inputs": { - "flake-compat": [ - "conduwuit", - "cachix", - "flake-compat" - ], - "gitignore": "gitignore", - "nixpkgs": [ - "conduwuit", - "cachix", - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable_2" - }, - "locked": { - "lastModified": 1733318908, - "narHash": "sha256-SVQVsbafSM1dJ4fpgyBqLZ+Lft+jcQuMtEL3lQWx2Sk=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "6f4e2a2112050951a314d2733a994fbab94864c6", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, "gitignore": { - "inputs": { - "nixpkgs": [ - "conduwuit", - "cachix", - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "gitignore_2": { "inputs": { "nixpkgs": [ "lanzaboote", @@ -610,11 +189,11 @@ ] }, "locked": { - "lastModified": 1743948087, - "narHash": "sha256-B6cIi2ScgVSROPPlTti6len+TdR0K25B9R3oKvbw3M8=", + "lastModified": 1745128386, + "narHash": "sha256-xnNxL9lZC5Ez8AxTgHZZu8pYSNM34+5GD5jGSs8Vq4M=", "owner": "nix-community", "repo": "home-manager", - "rev": "ef3b2a6b602c3f1a80c6897d6de3ee62339a3eb7", + "rev": "f98314bb064cf8f8446c44afbadaaad2505875a7", "type": "github" }, "original": { @@ -625,9 +204,9 @@ }, "lanzaboote": { "inputs": { - "crane": "crane_4", - "flake-compat": "flake-compat_5", - "flake-parts": "flake-parts_3", + "crane": "crane_2", + "flake-compat": "flake-compat_2", + "flake-parts": "flake-parts", "nixpkgs": [ "nixpkgs" ], @@ -649,78 +228,9 @@ "type": "github" } }, - "libgit2": { - "flake": false, - "locked": { - "lastModified": 1697646580, - "narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=", - "owner": "libgit2", - "repo": "libgit2", - "rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5", - "type": "github" - }, - "original": { - "owner": "libgit2", - "repo": "libgit2", - "type": "github" - } - }, - "liburing": { - "flake": false, - "locked": { - "lastModified": 1740613216, - "narHash": "sha256-NpPOBqNND3Qe9IwqYs0mJLGTmIx7e6FgUEBAnJ+1ZLA=", - "owner": "axboe", - "repo": "liburing", - "rev": "e1003e496e66f9b0ae06674869795edf772d5500", - "type": "github" - }, - "original": { - "owner": "axboe", - "ref": "master", - "repo": "liburing", - "type": "github" - } - }, - "lix": { - "flake": false, - "locked": { - "lastModified": 1737234286, - "narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=", - "rev": "079528098f5998ba13c88821a2eca1005c1695de", - "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?rev=079528098f5998ba13c88821a2eca1005c1695de" - }, - "original": { - "type": "tarball", - "url": "https://git.lix.systems/lix-project/lix/archive/release-2.92.tar.gz" - } - }, - "lix-module": { - "inputs": { - "flake-utils": "flake-utils_3", - "flakey-profile": "flakey-profile", - "lix": "lix", - "nixpkgs": "nixpkgs_5" - }, - "locked": { - "lastModified": 1742943028, - "narHash": "sha256-fprwZKE1uMzO9tiWWOrmLWBW3GPkMayQfb0xOvVFIno=", - "ref": "release-2.92", - "rev": "3fae818597ca2f1474de62022f850c23be50528d", - "revCount": 134, - "type": "git", - "url": "https://git.lix.systems/lix-project/nixos-module" - }, - "original": { - "ref": "release-2.92", - "type": "git", - "url": "https://git.lix.systems/lix-project/nixos-module" - } - }, "nil": { "inputs": { - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_2", "nixpkgs": [ "nixpkgs" ], @@ -740,85 +250,6 @@ "type": "github" } }, - "nix": { - "inputs": { - "flake-compat": [ - "conduwuit", - "cachix", - "devenv" - ], - "flake-parts": "flake-parts_2", - "libgit2": "libgit2", - "nixpkgs": "nixpkgs_3", - "nixpkgs-23-11": [ - "conduwuit", - "cachix", - "devenv" - ], - "nixpkgs-regression": [ - "conduwuit", - "cachix", - "devenv" - ], - "pre-commit-hooks": [ - "conduwuit", - "cachix", - "devenv" - ] - }, - "locked": { - "lastModified": 1727438425, - "narHash": "sha256-X8ES7I1cfNhR9oKp06F6ir4Np70WGZU5sfCOuNBEwMg=", - "owner": "domenkozar", - "repo": "nix", - "rev": "f6c5ae4c1b2e411e6b1e6a8181cc84363d6a7546", - "type": "github" - }, - "original": { - "owner": "domenkozar", - "ref": "devenv-2.24", - "repo": "nix", - "type": "github" - } - }, - "nix-filter": { - "locked": { - "lastModified": 1731533336, - "narHash": "sha256-oRam5PS1vcrr5UPgALW0eo1m/5/pls27Z/pabHNy2Ms=", - "owner": "numtide", - "repo": "nix-filter", - "rev": "f7653272fd234696ae94229839a99b73c9ab7de0", - "type": "github" - }, - "original": { - "owner": "numtide", - "ref": "main", - "repo": "nix-filter", - "type": "github" - } - }, - "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "conduwuit", - "attic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729742964, - "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, "nix-index-database": { "inputs": { "nixpkgs": [ @@ -826,11 +257,11 @@ ] }, "locked": { - "lastModified": 1743911143, - "narHash": "sha256-4j4JPwr0TXHH4ZyorXN5yIcmqIQr0WYacsuPA4ktONo=", + "lastModified": 1745120797, + "narHash": "sha256-owQ0VQ+7cSanTVPxaZMWEzI22Q4bGnuvhVjLAJBNQ3E=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "a36f6a7148aec2c77d78e4466215cceb2f5f4bfb", + "rev": "69716041f881a2af935021c1182ed5b0cc04d40e", "type": "github" }, "original": { @@ -846,11 +277,11 @@ ] }, "locked": { - "lastModified": 1743410259, - "narHash": "sha256-tjdkPPkRT1Mj72yrpN8oUxYw9SaG8wOQWD3auS1bvSs=", + "lastModified": 1744621833, + "narHash": "sha256-II6a32kRc+KbLhU/jS8EbuXYt1PNCvsRvuBw2becgQM=", "owner": "nix-community", "repo": "nix-ld", - "rev": "140451db1cadeef1e7e9e054332b67b7be808916", + "rev": "9a3812797e25def1d4aed62b517606b7b93989dc", "type": "github" }, "original": { @@ -861,123 +292,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1726042813, - "narHash": "sha256-LnNKCCxnwgF+575y0pxUdlGZBO/ru1CtGHIqQVfvjlA=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "159be5db480d1df880a0135ca0bfed84c2f88353", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1724316499, - "narHash": "sha256-Qb9MhKBUTCfWg/wqqaxt89Xfi6qTD3XpTzQ9eXi3JmE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "797f7dc49e0bc7fab4b57c021cdf68f595e47841", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1730741070, - "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_3": { - "locked": { - "lastModified": 1743813633, - "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=", + "lastModified": 1744932701, + "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1730531603, - "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1717432640, - "narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "88269ab3044128b7c2f4c7d68448b2fb50456870", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "release-24.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { - "locked": { - "lastModified": 1733212471, - "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef", "type": "github" }, "original": { @@ -987,29 +306,13 @@ "type": "github" } }, - "nixpkgs_6": { - "locked": { - "lastModified": 1743862455, - "narHash": "sha256-I/QXtrqznq1321mYR9TyMPX/zCWb9iAH64hO+pEBY00=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "06f3516b0397bd241bde2daefc8538fc886c5467", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", - "repo": "nixpkgs", - "type": "github" - } - }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ "lanzaboote", "flake-compat" ], - "gitignore": "gitignore_2", + "gitignore": "gitignore", "nixpkgs": [ "lanzaboote", "nixpkgs" @@ -1029,57 +332,20 @@ "type": "github" } }, - "rocksdb": { - "flake": false, - "locked": { - "lastModified": 1741308171, - "narHash": "sha256-YdBvdQ75UJg5ffwNjxizpviCVwVDJnBkM8ZtGIduMgY=", - "owner": "girlbossceo", - "repo": "rocksdb", - "rev": "3ce04794bcfbbb0d2e6f81ae35fc4acf688b6986", - "type": "github" - }, - "original": { - "owner": "girlbossceo", - "ref": "v9.11.1", - "repo": "rocksdb", - "type": "github" - } - }, "root": { "inputs": { - "conduwuit": "conduwuit", "garage": "garage", "home-manager": "home-manager", "lanzaboote": "lanzaboote", - "lix-module": "lix-module", "nil": "nil", "nix-index-database": "nix-index-database", "nix-ld": "nix-ld", - "nixpkgs": "nixpkgs_6", - "nixpkgs-stable": "nixpkgs-stable_3", + "nixpkgs": "nixpkgs", "rust-overlay": "rust-overlay_4", "sops-nix": "sops-nix", "vscode-extensions": "vscode-extensions" } }, - "rust-analyzer-src": { - "flake": false, - "locked": { - "lastModified": 1740691488, - "narHash": "sha256-Fs6vBrByuiOf2WO77qeMDMTXcTGzrIMqLBv+lNeywwM=", - "owner": "rust-lang", - "repo": "rust-analyzer", - "rev": "fe3eda77d3a7ce212388bda7b6cec8bffcc077e5", - "type": "github" - }, - "original": { - "owner": "rust-lang", - "ref": "nightly", - "repo": "rust-analyzer", - "type": "github" - } - }, "rust-overlay": { "inputs": { "nixpkgs": [ @@ -1151,11 +417,11 @@ ] }, "locked": { - "lastModified": 1743906877, - "narHash": "sha256-Thah1oU8Vy0gs9bh5QhNcQh1iuQiowMnZPbrkURonZA=", + "lastModified": 1745116541, + "narHash": "sha256-5xzA6dTfqCfTTDCo3ipPZzrg3wp01xmcr73y4cTNMP8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "9d00c6b69408dd40d067603012938d9fbe95cfcd", + "rev": "e2142ef330a61c02f274ac9a9cb6f8487a5d0080", "type": "github" }, "original": { @@ -1171,11 +437,11 @@ ] }, "locked": { - "lastModified": 1743910657, - "narHash": "sha256-zr2jmWeWyhCD8WmO2aWov2g0WPPuZfcJDKzMJZYGq3Y=", + "lastModified": 1744669848, + "narHash": "sha256-pXyanHLUzLNd3MX9vsWG+6Z2hTU8niyphWstYEP3/GU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "523f58a4faff6c67f5f685bed33a7721e984c304", + "rev": "61154300d945f0b147b30d24ddcafa159148026a", "type": "github" }, "original": { @@ -1229,49 +495,19 @@ "type": "github" } }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_5": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "vscode-extensions": { "inputs": { - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_3", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1743904774, - "narHash": "sha256-dHnwYLz1b6ohGP2DjWKpDFEZ9WOm4vYuPXKUna08awU=", + "lastModified": 1745114521, + "narHash": "sha256-P/TgmeavrpUiHCejjjsU2vOMB7cBIcHltGDSKKgi20E=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "da51d4cab526bef885e8c95ab2b9455bfe0940d4", + "rev": "ff14820202442f847fd37862eb48a7cb254a19d3", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 37215e0..0aea8eb 100644 --- a/flake.nix +++ b/flake.nix @@ -2,8 +2,7 @@ description = "cy's flake"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; - nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; home-manager.url = "github:nix-community/home-manager"; @@ -12,9 +11,6 @@ lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; rust-overlay.url = "github:oxalica/rust-overlay"; rust-overlay.inputs.nixpkgs.follows = "nixpkgs"; - conduwuit.url = "github:girlbossceo/conduwuit"; - conduwuit.inputs.nixpkgs.follows = "nixpkgs"; - lix-module.url = "git+https://git.lix.systems/lix-project/nixos-module?ref=release-2.92"; nix-ld.url = "github:nix-community/nix-ld"; nix-ld.inputs.nixpkgs.follows = "nixpkgs"; nil.url = "github:oxalica/nil"; @@ -71,7 +67,6 @@ ./modules inputs.sops-nix.nixosModules.sops inputs.lanzaboote.nixosModules.lanzaboote - inputs.lix-module.nixosModules.default inputs.nix-ld.nixosModules.nix-ld ]; }; @@ -84,7 +79,6 @@ ./hosts/chunk ./modules inputs.sops-nix.nixosModules.sops - inputs.lix-module.nixosModules.default ]; }; }; diff --git a/garnix.yaml b/garnix.yaml deleted file mode 100644 index c189664..0000000 --- a/garnix.yaml +++ /dev/null @@ -1,6 +0,0 @@ -builds: - include: - - 'nixosConfigurations.*' - - 'homeConfigurations.*' - - '*.aarch64-linux.*' - - '*.x86_64-linux.*' diff --git a/home/codium.nix b/home/codium.nix index 706736d..ba4e324 100644 --- a/home/codium.nix +++ b/home/codium.nix @@ -23,8 +23,6 @@ tamasfe.even-better-toml golang.go ms-python.python - christian-kohler.path-intellisense - # firefox-devtools.vscode-firefox-debug ]; userSettings = let @@ -75,11 +73,7 @@ "telemetry.enableTelemetry" = false; "telemetry.telemetryLevel" = "off"; "window.titleBarStyle" = "custom"; - # https://github.com/ChristianKohler/PathIntellisense#installation - "typescript.suggest.paths" = false; - "javascript.suggest.paths" = false; - - "path-intellisense.absolutePathToWorkspace" = true; + "editor.formatOnSave" = true; # terminal stuff "terminal.integrated.cursorBlinking" = true; diff --git a/home/kitty.nix b/home/kitty.nix index a77a432..a6ddf37 100644 --- a/home/kitty.nix +++ b/home/kitty.nix @@ -7,7 +7,6 @@ package = pkgs.ibm-plex; size = 12; }; - themeFile = "GitHub_Dark"; settings = { enable_audio_bell = true; # how many windows should be open before kitty asks diff --git a/home/yt/ytnix.nix b/home/yt/ytnix.nix index 686a8a3..f22d425 100644 --- a/home/yt/ytnix.nix +++ b/home/yt/ytnix.nix @@ -103,6 +103,8 @@ gopls rust-analyzer minio-client + nil + keepassxc ]; home.sessionVariables = { @@ -160,4 +162,6 @@ enable = true; addKeysToAgent = "yes"; }; + + programs.firefox.enable = true; } diff --git a/hosts/chunk/conduwuit.nix b/hosts/chunk/conduwuit.nix deleted file mode 100644 index 3a6638f..0000000 --- a/hosts/chunk/conduwuit.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ ... }: -{ - services.conduwuit = { - enable = true; - settings.global = { - port = [ 8448 ]; - server_name = "cything.io"; - allow_check_for_updates = true; - }; - }; - - services.caddy.virtualHosts."chat.cything.io".extraConfig = '' - import common - reverse_proxy localhost:8448 - ''; - - services.caddy.virtualHosts."cything.io" = { - serverAliases = [ "www.cything.io" ]; - extraConfig = '' - import common - - header /.well-known/matrix/* Content-Type application/json - header /.well-known/matrix/* Access-Control-Allow-Origin * - header /.well-known/matrix/* Access-Control-Allow-Methods GET,POST,PUT,DELETE,OPTIONS,PATCH,HEAD - header /.well-known/matrix/* Access-Control-Allow-Headers X-Requested-With,Content-Type,Authorization,Origin,Accept - route { - respond /.well-known/matrix/server {"m.server":"chat.cything.io:443"} - respond /.well-known/matrix/client {"m.server":{"base_url":"https://chat.cything.io"},"m.homeserver":{"base_url":"https://chat.cything.io"},"org.matrix.msc3575.proxy":{"url":"https://chat.cything.io"}} - redir https://cy7.sh/posts{uri} permanent - } - ''; - }; -} diff --git a/hosts/chunk/default.nix b/hosts/chunk/default.nix index 9c6289d..2e4c960 100644 --- a/hosts/chunk/default.nix +++ b/hosts/chunk/default.nix @@ -16,7 +16,6 @@ ./redlib.nix ./vaultwarden.nix ./grafana.nix - ./conduwuit.nix ./immich.nix ./forgejo.nix ./garage.nix @@ -138,13 +137,15 @@ "podman" ]; openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA/IX9OFEhHS9Dl8nrtHkL7j7hhy7in9OAY/hVuzEGL0AAAABHNzaDo=" ]; }; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA/IX9OFEhHS9Dl8nrtHkL7j7hhy7in9OAY/hVuzEGL0AAAABHNzaDo=" ]; # for forgejo users.users.git = { @@ -183,7 +184,7 @@ my.containerization.enable = true; my.authelia.enable = true; my.karakeep = { - enable = true; + enable = false; dataDir = "/opt/karakeep"; }; } diff --git a/hosts/common.nix b/hosts/common.nix index 77e0edb..b1989b1 100644 --- a/hosts/common.nix +++ b/hosts/common.nix @@ -1,6 +1,7 @@ -{ inputs, config, ... }: +{ inputs, config, pkgs, ... }: { nix = { + package = pkgs.lix; settings = { experimental-features = "nix-command flakes"; auto-optimise-store = true; diff --git a/hosts/ytnix/default.nix b/hosts/ytnix/default.nix index ed91b61..ddf1364 100644 --- a/hosts/ytnix/default.nix +++ b/hosts/ytnix/default.nix @@ -274,7 +274,6 @@ enable = true; # nix run github:thiagokokada/nix-alien#nix-alien-find-libs ./ libraries = with pkgs; [ - # TODO: revisit what we actually need mesa extest stdenv.cc.cc @@ -330,6 +329,7 @@ pcre2 gsettings-desktop-schemas fzf + systemd ]; }; programs.evolution.enable = true; diff --git a/modules/caddy.nix b/modules/caddy.nix index 0eb2cb7..c5de226 100644 --- a/modules/caddy.nix +++ b/modules/caddy.nix @@ -21,7 +21,7 @@ in # (still need the @ to pass nix config check) "github.com/caddy-dns/cloudflare@v0.0.0-20250228175314-1fb64108d4de" ]; - hash = "sha256-YYpsf8HMONR1teMiSymo2y+HrKoxuJMKIea5/NEykGc="; + hash = "sha256-pfh9DXUj35jlAntkWc4D5wuW04xxQfM1rZ4KFauMzvc="; }; logFormat = lib.mkForce "level INFO"; acmeCA = "https://acme-v02.api.letsencrypt.org/directory"; @@ -49,7 +49,8 @@ in respond / 200 { body "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhUt9h5dCcrwOrZNKkStCX5OxumPzEwYXSU/0DgtWgP - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD" + ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD + sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIA/IX9OFEhHS9Dl8nrtHkL7j7hhy7in9OAY/hVuzEGL0AAAABHNzaDo=" } ''; }; diff --git a/overlay/default.nix b/overlay/default.nix index 9e6336c..67d855e 100644 --- a/overlay/default.nix +++ b/overlay/default.nix @@ -7,14 +7,12 @@ pkgFrom = flake: pkg: flake.packages.${prev.system}.${pkg}; in { - conduwuit = pkgFrom inputs.conduwuit "default"; - attic-server = pkgFrom inputs.attic "attic-server"; - attic = pkgFrom inputs.attic "attic"; garage = ( (pkgFrom inputs.garage "default").overrideAttrs { meta.mainProgram = "garage"; } ); + nil = pkgFrom inputs.nil "default"; } ) ]