use ghidra-bin cause debugger works

comment out gtk config
flake update
2025-02-04 10:11:36 -05:00 · 2025-02-02 16:09:55 -05:00 · 2025-02-02 15:26:01 -05:00 · 2025-02-02 15:25:04 -05:00 · 2025-02-02 10:52:53 -05:00 · 2025-02-01 23:40:16 -05:00
18 changed files with 374 additions and 96 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -108,3 +108,8 @@ creation_rules:
      - age:
          - *chunk
          - *cy
+  - path_regex: secrets/yt/(.*).yaml$
+    key_groups:
+      - age:
+          - *yt
+          - *cy
--- a/flake.lock
+++ b/flake.lock
@ -369,11 +369,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1736143030,
-        "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
+        "lastModified": 1738453229,
+        "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
+        "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd",
        "type": "github"
      },
      "original": {
@ -562,11 +562,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1738178313,
-        "narHash": "sha256-/8TLf6LkXGRGERzcWMNDeXjYaHSbexmfV+ofheo7K6k=",
+        "lastModified": 1738448366,
+        "narHash": "sha256-4ATtQqBlgsGqkHTemta0ydY6f7JBRXz4Hf574NHQpkg=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "420a0d9506b5dac4d86a68b9ef8e763624ad86c6",
+        "rev": "18fa9f323d8adbb0b7b8b98a8488db308210ed93",
        "type": "github"
      },
      "original": {
@ -683,11 +683,11 @@
        "pre-commit-hooks": "pre-commit-hooks"
      },
      "locked": {
-        "lastModified": 1738174211,
-        "narHash": "sha256-eYmp1mKM4kULV1W+EBtCPk6LmKWl2REivaYfGRl+AWo=",
+        "lastModified": 1738446528,
+        "narHash": "sha256-NYL/r7EXSyYP7nXuYGvGYMI9QtztGjVaKKofBt/pCv8=",
        "ref": "refs/heads/main",
-        "rev": "64e33a7e09a0d1faacf2fd3f6ebd647fe4d8346a",
-        "revCount": 17329,
+        "rev": "a51380645f61b33d37a536b596d16c481f7b84a6",
+        "revCount": 17342,
        "type": "git",
        "url": "https://git.lix.systems/lix-project/lix"
      },
@ -737,11 +737,11 @@
        "xwayland-satellite-unstable": "xwayland-satellite-unstable"
      },
      "locked": {
-        "lastModified": 1738156024,
-        "narHash": "sha256-D3cox2cbtFauXz1skDTkJwSU0272wY6wRwiFNm5TV/c=",
+        "lastModified": 1738502867,
+        "narHash": "sha256-92cVHcxV7j00BquLo5I4G8EwKzrq2AlHuD3AQV9r+T8=",
        "owner": "sodiboo",
        "repo": "niri-flake",
-        "rev": "541920ede8b5d48f110c94d858a1ddf283eac3b9",
+        "rev": "cf0be7affb15e21727d137c029146fe7df2bc6d0",
        "type": "github"
      },
      "original": {
@ -770,11 +770,11 @@
    "niri-unstable": {
      "flake": false,
      "locked": {
-        "lastModified": 1738148186,
-        "narHash": "sha256-Yd2xKbZ8S4LC5sxPleuutlX0RbKnI93LhciVhneNBHQ=",
+        "lastModified": 1738479340,
+        "narHash": "sha256-sutel7RKfu9eIJsjswSzptCIvKELbXQCSldt0PtwSd0=",
        "owner": "YaLTeR",
        "repo": "niri",
-        "rev": "1d3820a064f1f3b686eb6e8a1aab155681a96457",
+        "rev": "d5592743cb04cef3fe50c987b7ba9349c5090dbd",
        "type": "github"
      },
      "original": {
@ -832,11 +832,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1738033138,
-        "narHash": "sha256-qlIM8A3bdL9c6PexhpS+QyZLO9y/8a3V75HVyJgDE5Q=",
+        "lastModified": 1738277753,
+        "narHash": "sha256-iyFcCOk0mmDiv4ut9mBEuMxMZIym3++0qN1rQBg8FW0=",
        "owner": "lnl7",
        "repo": "nix-darwin",
-        "rev": "349a74c66c596ef97ee97b4d80a3ca61227b6120",
+        "rev": "49b807fa7c37568d7fbe2aeaafb9255c185412f9",
        "type": "github"
      },
      "original": {
@ -883,6 +883,26 @@
        "type": "github"
      }
    },
+    "nix-ld": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1737361468,
+        "narHash": "sha256-+CtIrQZ22MOAOHcpg1zbhX/fVkmEc8A8lYVpXAbXElQ=",
+        "owner": "nix-community",
+        "repo": "nix-ld",
+        "rev": "7f15f8622b63b907fef137689f4528a9447d9377",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nix-ld",
+        "type": "github"
+      }
+    },
    "nix2container": {
      "flake": false,
      "locked": {
@ -1045,11 +1065,11 @@
    },
    "nixpkgs_5": {
      "locked": {
-        "lastModified": 1738178544,
-        "narHash": "sha256-UbM+zJFlze877N5j2YMLKYFX7t05VvmuNX2M0vJ7RfI=",
+        "lastModified": 1738487426,
+        "narHash": "sha256-hnB0V0R/aKASnTBeTthFvW60uydv1xswWD4weqSuSfg=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "975ac0ab33ee7fea64842047a96f5d679d90913c",
+        "rev": "8ed1fafea6a613d962f6a84c1153d34dc8b06d83",
        "type": "github"
      },
      "original": {
@ -1082,11 +1102,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1738184667,
-        "narHash": "sha256-+pG3UJVAdVCF3nGRpy5n/tbCzGa64DCWOC8hAxnssD0=",
+        "lastModified": 1738517265,
+        "narHash": "sha256-ZzulGUIHZhvcSHx+1ucCJkIcn27r9H+cSzCCpKxJcls=",
        "owner": "nix-community",
        "repo": "nixvim",
-        "rev": "2f5374c3dcd06c750c36798bce6bccdf8a25bc89",
+        "rev": "56d0c4579e022b44a3e324f722fa23a6f4295798",
        "type": "github"
      },
      "original": {
@ -1105,11 +1125,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1737924095,
-        "narHash": "sha256-9RO/IlxiE7bpY7GYsdDMNB533PnDOBo9UvYyXXqlN4c=",
+        "lastModified": 1738445998,
+        "narHash": "sha256-wF2ZcRKF37re161jrXtNyjGMBDsIFtPeDvmIVfp8f7w=",
        "owner": "NuschtOS",
        "repo": "search",
-        "rev": "5efc9c966bb9bdad07a3c28667eac38b758c6f18",
+        "rev": "381d84a7422a4dbfef6a9c7703dbaf42036ae1c3",
        "type": "github"
      },
      "original": {
@ -1134,6 +1154,29 @@
        "type": "github"
      }
    },
+    "plasma-manager": {
+      "inputs": {
+        "home-manager": [
+          "home-manager"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1736549395,
+        "narHash": "sha256-XzwkB62Tt5UYoL1jXiHzgk/qz2fUpGHExcSIbyGTtI0=",
+        "owner": "nix-community",
+        "repo": "plasma-manager",
+        "rev": "a53af7f1514ef4cce8620a9d6a50f238cdedec8b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "plasma-manager",
+        "type": "github"
+      }
+    },
    "pre-commit-hooks": {
      "flake": false,
      "locked": {
@ -1207,10 +1250,12 @@
        "lix": "lix",
        "lix-module": "lix-module",
        "niri": "niri",
+        "nix-ld": "nix-ld",
        "nixpkgs": "nixpkgs_5",
        "nixpkgs-garage": "nixpkgs-garage",
        "nixvim": "nixvim",
        "nvim-github-theme": "nvim-github-theme",
+        "plasma-manager": "plasma-manager",
        "rust-overlay": "rust-overlay",
        "sops-nix": "sops-nix",
        "treefmt": "treefmt"
@ -1240,11 +1285,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1738117527,
-        "narHash": "sha256-GFviGfaezjGLFUlxdv3zyC7rSZvTXqwcG/YsF6MDkOw=",
+        "lastModified": 1738463259,
+        "narHash": "sha256-+5QJpiRpkh1ALvKcMEpPyGwkPZfaynsYF4SFdNW5UfQ=",
        "owner": "oxalica",
        "repo": "rust-overlay",
-        "rev": "6a3dc6ce4132bd57359214d986db376f2333c14d",
+        "rev": "e2bb8c205a069514535f083742c7da8dfb6e02b9",
        "type": "github"
      },
      "original": {
@ -1260,11 +1305,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1737411508,
-        "narHash": "sha256-j9IdflJwRtqo9WpM0OfAZml47eBblUHGNQTe62OUqTw=",
+        "lastModified": 1738291974,
+        "narHash": "sha256-wkwYJc8cKmmQWUloyS9KwttBnja2ONRuJQDEsmef320=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "015d461c16678fc02a2f405eb453abb509d4e1d4",
+        "rev": "4c1251904d8a08c86ac6bc0d72cc09975e89aef7",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -68,6 +68,15 @@
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-compat.follows = "flake-compat";
    };
+    nix-ld = {
+      url = "github:nix-community/nix-ld";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    plasma-manager = {
+      url = "github:nix-community/plasma-manager";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.home-manager.follows = "home-manager";
+    };

    nixpkgs-garage.url = "github:cything/nixpkgs/garage-module"; # unmerged PR

@ -136,7 +145,7 @@

              settings.global.excludes = [
                "secrets/*"
-                "**/*.png" # tries to format a png file??
+                "**/*.png" # tries to format a png file
              ];
            };
          };
@ -169,7 +178,8 @@
                    ./modules
                    inputs.lanzaboote.nixosModules.lanzaboote
                    inputs.niri.nixosModules.niri
-                    inputs.lix-module.nixosModules.default # broken
+                    inputs.lix-module.nixosModules.default
+                    inputs.nix-ld.nixosModules.nix-ld
                  ];
                };
                chunk = lib.nixosSystem {
@ -213,6 +223,7 @@
                    ./home/yt/ytnix.nix
                    inputs.nixvim.homeManagerModules.nixvim
                    inputs.niri.homeModules.config
+                    inputs.plasma-manager.homeManagerModules.plasma-manager
                  ];
                };

--- a/home/kitty.nix
+++ b/home/kitty.nix
@ -67,4 +67,6 @@
      "kitty_mod+o>l" = "kitten hints --type linenum";
    };
  };
+
+  programs.zsh.shellAliases."ssh" = "kitten ssh";
 }
--- a/home/niri/default.nix
+++ b/home/niri/default.nix
@ -102,6 +102,7 @@ in
          { app-id = "com.mitchellh.ghostt"; }
          { app-id = "org.kde.okular"; }
          { app-id = "kitty"; }
+          { app-id = "VSCodium"; }
        ];
        default-column-width.proportion = .5;
      }
--- a/home/plasma.nix
+++ b/home/plasma.nix
@ -0,0 +1,80 @@
+{ ... }:
+{
+  programs.plasma = {
+    enable = true;
+    overrideConfig = true;
+    immutableByDefault = true;
+    workspace = {
+      lookAndFeel = "org.ide.breezedark.desktop";
+      cursor = {
+        theme = "Bibata-Modern-Classic";
+        size = 23;
+      };
+    };
+
+    fonts = {
+      general = {
+        family = "IBM Plex Mono";
+        pointSize = 12;
+      };
+    };
+
+    input.keyboard = {
+      numlockOnStartup = "on";
+      options = [ "ctrl:nocaps" ];
+    };
+
+    # Meta key is actually the Super key in KDE
+
+    hotkeys.commands = {
+      "launch-terminal" = {
+        name = "launch terminal";
+        key = "Meta+Return";
+        command = "kitty";
+      };
+      "launch-browser" = {
+        name = "launch browser";
+        key = "Meta+B";
+        command = "librewolf";
+      };
+    };
+
+    shortcuts = {
+      kwin = {
+        "Switch Window Down" = "Meta+J";
+        "Switch Window Left" = "Meta+H";
+        "Switch Window Right" = "Meta+L";
+        "Switch Window Up" = "Meta+K";
+        "Window Quick Tile Down" = "Meta+Shift+J";
+        "Window Quick Tile Left" = "Meta+Shift+H";
+        "Window Quick Tile Right" = "Meta+Shift+L";
+        "Window Quick Tile Up" = "Meta+Shift+K";
+        "Window Close" = "Meta+Ctrl+Q";
+        "Window Maximize" = "Meta+W";
+        "Window Minimize" = "Meta+Shift+-";
+        "Window Fullscreen" = "Meta+F";
+        "Window Shrink Horizontal" = "Meta+-";
+      };
+
+      ksmserver = {
+        "Lock Session" = [
+          "Screensaver"
+          "Meta+Ctrl+L"
+        ];
+      };
+    };
+
+    configFile = {
+      # save RAM
+      baloofilerc."Basic Settings"."Indexing-Enabled" = false;
+    };
+
+    # looks like KDE overrides services.logind settings
+    powerdevil.AC = {
+      whenLaptopLidClosed = "hibernate";
+    };
+    powerdevil.battery = {
+      whenLaptopLidClosed = "hibernate";
+    };
+  };
+}
--- a/home/vscode.nix
+++ b/home/vscode.nix
@ -11,7 +11,8 @@
      jnoortheen.nix-ide
      editorconfig.editorconfig
      github.github-vscode-theme
-      github.codespaces
+      github.copilot
+      rust-lang.rust-analyzer
    ];
    userSettings = {
      "workbench.colorTheme" = "GitHub Dark Default";
--- a/home/yt/ytnix.nix
+++ b/home/yt/ytnix.nix
@ -1,5 +1,6 @@
 {
  pkgs,
+  lib,
  ...
 }:
 {
@ -10,6 +11,7 @@
    ../irssi.nix
    ../kitty.nix
    ../vscode.nix
+    ../plasma.nix
  ];
  home = {
    username = "yt";
@ -20,24 +22,27 @@

  systemd.user.startServices = "sd-switch";

-  qt = {
-    enable = true;
-    platformTheme.name = "kde";
-    style.name = "breeze-dark";
-    style.package = pkgs.kdePackages.breeze;
-  };
+  # keep this commented when using plasma
+  # otherwise "system settings" in KDE will not function
+  # qt = {
+  #   enable = true;
+  #   platformTheme.name = "kde";
+  #   style.name = "breeze-dark";
+  #   style.package = pkgs.kdePackages.breeze;
+  # };

-  gtk = {
-    enable = true;
-    theme = {
-      package = pkgs.adw-gtk3;
-      name = "adw-gtk3-dark";
-    };
-    iconTheme = {
-      package = pkgs.adwaita-icon-theme;
-      name = "Adwaita";
-    };
-  };
+  # this one too
+  # gtk = {
+  #   enable = true;
+  #   theme = {
+  #     package = pkgs.adw-gtk3;
+  #     name = "adw-gtk3-dark";
+  #   };
+  #   iconTheme = {
+  #     package = pkgs.adwaita-icon-theme;
+  #     name = "Adwaita";
+  #   };
+  # };

  home.pointerCursor = {
    package = pkgs.bibata-cursors;
@ -106,8 +111,19 @@
    nixpkgs-review
    just
    hugo
-    ghidra
+    ghidra-bin
    sequoia
+    sccache
+    awscli2
+    lldb
+    (cutter.withPlugins (p: with p; [
+      rz-ghidra
+      jsdec
+      sigdb
+    ]))
+    ida-free
+    patchelf
+    radare2
  ];

  programs.waybar.enable = true;
@ -145,8 +161,6 @@
    '';
  };

-  services.gnome-keyring.enable = true;
-
  programs.direnv = {
    enable = true;
    nix-direnv.enable = true;
@ -164,5 +178,19 @@
  home.sessionVariables = {
    # to make ghidra work on xwayland
    _JAVA_AWT_WM_NONREPARENTING = 1;
+
+    # sccache stuff
+    RUSTC_WRAPPER = "${lib.getExe pkgs.sccache}";
+    SCCACHE_BUCKET = "sccache";
+    SCCACHE_REGION = "earth";
+    SCCACHE_ENDPOINT = "https://sccache.s3.cy7.sh";
+    SCCACHE_ALLOW_CORE_DUMPS = "true";
+    SCCACHE_S3_USE_SSL = "true";
+    SCCACHE_CACHE_MULTIARCH = "true";
+    SCCACHE_LOG_LEVEL = "warn";
+    AWS_DEFAULT_REGION = "earth";
+    AWS_ENDPOINT_URL = "https://s3.cy7.sh";
+    AWS_ACCESS_KEY_ID = "$(cat /run/secrets/aws/key_id)";
+    AWS_SECRET_ACCESS_KEY = "$(cat /run/secrets/aws/key_secret)";
  };
 }
--- a/home/zsh/default.nix
+++ b/home/zsh/default.nix
@ -89,8 +89,8 @@
      "ga" = "git add";
      "gaa" = "git add --all";
      "gb" = "git branch";
-      "gc" = "git commit --verbose -s";
-      "gcmsg" = "git commit -s --message";
+      "gc" = "git commit --verbose";
+      "gcmsg" = "git commit --message";
      "gd" = "git diff";
      "gdca" = "git diff --cached";
      "gds" = "git diff --staged";
--- a/hosts/chunk/default.nix
+++ b/hosts/chunk/default.nix
@ -1,6 +1,4 @@
 {
-  config,
-  lib,
  pkgs,
  ...
 }:
@ -206,6 +204,4 @@
  };
  virtualisation.oci-containers.backend = "podman";
  environment.enableAllTerminfo = true;
-
-  my.soju.enable = true;
 }
--- a/hosts/chunk/forgejo.nix
+++ b/hosts/chunk/forgejo.nix
@ -33,6 +33,10 @@

  services.caddy.virtualHosts."git.cy7.sh".extraConfig = ''
    import common
+
+    # renamed repo
+    uri replace /cy/infra /cy/nixos-config
+
    reverse_proxy localhost:3000
  '';
  services.caddy.virtualHosts."git.cything.io".extraConfig = ''
--- a/hosts/chunk/garage.nix
+++ b/hosts/chunk/garage.nix
@ -8,6 +8,12 @@
      s3_api = {
        s3_region = "earth";
        api_bind_addr = "[::]:3900";
+        root_domain = ".s3.cy7.sh";
+      };
+      s3_web = {
+        bind_addr = "[::]:3902";
+        root_domain = ".web.s3.cy7.sh";
+        index = "index.html";
      };
      admin.api_bind_addr = "[::]:3903";
      rpc_bind_addr = "[::]:3901";
@ -17,8 +23,21 @@
    environmentFile = config.sops.secrets."garage/env".path;
  };

-  services.caddy.virtualHosts."s3.cy7.sh".extraConfig = ''
-    import common
-    reverse_proxy localhost:3900
-  '';
+  services.caddy.virtualHosts = {
+    "s3.cy7.sh" = {
+      serverAliases = [ "*.s3.cy7.sh" ];
+      extraConfig = ''
+        import common
+        reverse_proxy localhost:3900
+      '';
+    };
+    "*.web.s3.cy7.sh".extraConfig = ''
+      import common
+      reverse_proxy localhost:3902
+    '';
+    "admin.s3.cy7.sh".extraConfig = ''
+      import common
+      reverse_proxy localhost:3903
+    '';
+  };
 }
--- a/hosts/ytnix/default.nix
+++ b/hosts/ytnix/default.nix
@ -36,6 +36,14 @@
    "tailscale/auth" = {
      sopsFile = ../../secrets/services/tailscale.yaml;
    };
+    "aws/key_id" = {
+      sopsFile = ../../secrets/yt/aws.yaml;
+      owner = "yt";
+    };
+    "aws/key_secret" = {
+      sopsFile = ../../secrets/yt/aws.yaml;
+      owner = "yt";
+    };
  };

  boot = {
@ -166,6 +174,8 @@
    haskell-language-server
    ghc
    sbctl # secure boot
+    wine-wayland
+    wine64
  ];

  environment.sessionVariables = {
@ -179,6 +189,12 @@
  services.displayManager = {
    enable = true;
    autoLogin.user = "yt";
+    defaultSession = "plasma";
+    sddm = {
+      enable = true;
+      wayland.enable = true;
+      autoNumlock = true;
+    };
  };

  fonts.packages = with pkgs; [
@ -268,12 +284,56 @@
  programs.virt-manager.enable = true;

  services.usbmuxd.enable = true;
-  programs.nix-ld.enable = true;
+  programs.nix-ld.dev = {
+    enable = true;
+    # nix run github:thiagokokada/nix-alien#nix-alien-find-libs ./<binary>
+    libraries = with pkgs; [
+      mesa
+      extest
+      stdenv.cc.cc
+      libGL
+      fontconfig
+      libxkbcommon
+      zlib
+      libxml2
+      dbus
+      freetype
+      egl-wayland
+      waylandpp
+      cairo
+      xcb-util-cursor
+      libplist
+      p11-kit
+      kdePackages.qtwayland
+      qt6.qtwayland
+      libsForQt5.qt5.qtwayland
+      xorg.libX11
+      xorg.libxcb
+      xorg.xcbutilwm
+      xorg.xcbutilimage
+      xorg.xcbutilkeysyms
+      xorg.xcbutilrenderutil
+      xorg.libXScrnSaver
+      xorg.libXcomposite
+      xorg.libXcursor
+      xorg.libXdamage
+      xorg.libXext
+      xorg.libXfixes
+      xorg.libXi
+      xorg.libXrandr
+      xorg.libXrender
+      xorg.libXtst
+      xorg.libxkbfile
+      xorg.libxshmfence
+    ];
+  };
  programs.evolution.enable = true;

  xdg.portal = {
    enable = true;
    wlr.enable = true;
+    xdgOpenUsePortal = true;
+    extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-gnome ];
  };

  programs.obs-studio = {
@ -330,4 +390,9 @@
    startAgent = true;
    enableAskPassword = true;
  };
+
+  services.desktopManager.plasma6 = {
+    enable = true;
+    enableQt5Integration = true;
+  };
 }
--- a/modules/caddy.nix
+++ b/modules/caddy.nix
@ -1,6 +1,7 @@
 {
  config,
  lib,
+  pkgs,
  ...
 }:
 let
@ -14,6 +15,14 @@ in
  config = lib.mkIf cfg.enable {
    services.caddy = {
      enable = true;
+      package = pkgs.caddy.withPlugins {
+        plugins = [
+          # error message will tell you the correct version tag to use
+          # (still need the @ to pass nix config check)
+          "github.com/caddy-dns/cloudflare@v0.0.0-20240703190432-89f16b99c18e"
+        ];
+        hash = "sha256-jCcSzenewQiW897GFHF9WAcVkGaS/oUu63crJu7AyyQ=";
+      };
      logFormat = lib.mkForce "level INFO";
      acmeCA = "https://acme-v02.api.letsencrypt.org/directory";
      extraConfig = ''
@ -22,6 +31,10 @@ in
          header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
        }
      '';
+      globalConfig = ''
+        acme_dns cloudflare {$CLOUDFLARE_KEY}
+      '';
+      environmentFile = config.sops.secrets."caddy/env".path;
    };
  };
 }
--- a/modules/default.nix
+++ b/modules/default.nix
@ -3,6 +3,5 @@
  imports = [
    ./backup.nix
    ./caddy.nix
-    ./soju.nix
  ];
 }
--- a/modules/soju.nix
+++ b/modules/soju.nix
@ -1,23 +0,0 @@
-{ config, lib, ... }:
-let
-  cfg = config.my.soju;
-in
-{
-  options.my.soju = {
-    enable = lib.mkEnableOption "soju";
-  };
-
-  config = lib.mkIf cfg.enable {
-    services.soju = {
-      enable = true;
-      # should be fine since caddy will provide TLS
-      listen = [ "irc+insecure://127.0.0.1:6667" ];
-      hostName = "soju.cy7.sh";
-    };
-
-    services.caddy.virtualHosts."soju.cy7.sh".extraConfig = ''
-      import common
-      reverse_proxy 127.0.0.1:6667
-    '';
-  };
-}
--- a/secrets/services/caddy.yaml
+++ b/secrets/services/caddy.yaml
@ -1,5 +1,5 @@
 caddy:
-    env: ENC[AES256_GCM,data:uVCkVky5MRRhN+g4f634nBjvpcI5Ldy+eOKXg7eGu9foswTHA1SXDs67+Wuvo/jaPw7Zg67xKZRHnoTon1udQzyfu0T6pmVKfsUPewITYCd+qLTanFz6uVRUHzpUVwjCZNqB8gxNr/BiZ70NG4vQXRjgd3zKFrQYQBr4zSaP2vK1pRdbuQ==,iv:dQBfX4X8huUp2dqY3tEGW+BPZ/XADT10ptt85R7X+AY=,tag:cvMbFjkRHoxxnNfz8dGv5g==,type:str]
+    env: ENC[AES256_GCM,data:XyxcCVT+rwlS7A3xzUgGqpMoLwhfUJo2++zPTgoPt3q6Edt14bYQJsoSJXnKx/lGg/0ilNfEEg8AEnru/Mzx0bWedSdWuZ380l8wlLiucqQThhEBhEJlyd94BMNzhxFdj82w0ejp4oWb5By/WjkFNesvAyxPIo/Ir4S+fTgGpA1iO2Ms8Pdjp00qeXYsK1CfjaXOYlEP+8BxntN2JKLYb8Cgs7dLmHfUwP6gTFKlTukUTtQZYUw336q3TtGy,iv:Ab/E0ljUBxzWlXfAC2BXCYxlgo0ErvKFaubgVjFR3OU=,tag:Yr24/DofYS2lM6f2/1LQ3Q==,type:str]
 sops:
    kms: []
    gcp_kms: []
@ -33,8 +33,8 @@ sops:
            Q2hBZE1FOHJ3aW5rVmoyK045eG11cmsKFOmP5iWONREZvxu0rM+fKMPQKgnYq5LH
            AKMZFsP7nnUxjdCXEA18sDg4Rf0qp8i3uQK3D6P7417j9ye/YZA4BQ==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-12-17T03:25:37Z"
-    mac: ENC[AES256_GCM,data:bhFBLkT2q6HGtTPtHLVZkKZn00Lbm11/u3qSR19lU2E1SsQ7mpukvCqcTxNWtJ+HHth6yJJfgM6XABKq/9/598L2MgGuF3C/GGS3xpjwHh5RyV8t1lV8cqDaZGjGOMGx35lFQ6DoXOreQrtP/f7MKzf+nVNFr1NbTR8YhqR1xDU=,iv:+fjYlbyIyM9nLagrvE+PUhC2pT7QTsTSQX7ELZ7Wuhs=,tag:GWQv6VmIsWwFzb4bUr5CLg==,type:str]
+    lastmodified: "2025-01-30T17:26:39Z"
+    mac: ENC[AES256_GCM,data:saoalvnwHsv0CTw/cRZqibnH9oGoZTNwGUT7RePKRa8OwNzbUEzQt+Z1WrmmWoqR+omQXLE+lpOPv6uNYxvAWnIelzCGeBBCMSBxtjlTUsjts7oFo7d9C5SdTIOkzotDxryvjRupb0P7hAmEqcSUKRZipJy5MVR7VXR1XZ4fIPM=,iv:VaP05zj8L2pygi1/M4BnOV3Inf0ssaWMu+aTBkdDMys=,tag:nuZT8GMB4F0T5dHnTvHOhA==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
-    version: 3.9.2
+    version: 3.9.4
--- a/secrets/yt/aws.yaml
+++ b/secrets/yt/aws.yaml
@ -0,0 +1,32 @@
+aws:
+    key_id: ENC[AES256_GCM,data:vxa8IS5zVOStsQaQNoPy36MeCw2KD2Th5tg=,iv:TrPukr/bpkGysf1YigBlXwaCu0H1FM6ivCVQEgnst6A=,tag:yrlcsDkLkH7U2i3JgjDaBA==,type:str]
+    key_secret: ENC[AES256_GCM,data:R9hFgtylEW1RphrP7/9Hi7HIb7gcQX1WDEVfnUTTzh+/0LM2Rb9CdkaleO8wNlcyYVE/jUKtqdqqrospAJ7+Zw==,iv:3+yCVqH441+oXFLI5usaQdhnE3GFhbJjMsYeRvk8xEw=,tag:STxA32cSdwPBikXyVEP5+Q==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1sy0at69err83qyml2vqu8xvwjccfws447aaadfvacj2qluw3p45s2mtrw8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKaUZKbTVjZ1NEWlE5RzZT
+            T1dKdkRQajEva0tpRXhxYUlYWmw1b3MwSFZvCmhteVJ2VGhVNnZTZkJlem1OT3dL
+            dGlQTWdOUlo3TXNOS0wvNlpqVWpZSFEKLS0tIC9DNjY3OW1zWUlRQ1ZEOGlBRk9R
+            azQxMGhQejQ5M0N1YjFtSW5uVnRCQ3MKtt26G2PxIry/lppOT/NUX8jebEb5NgqO
+            HuHj7WT51Gtotfgb22VfGeOCaw9+pPYSjdk9WV4z57r7Z/lylALKRw==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age10h6pg5qdpc4t0rpmksfv788a57f04n83zgqaezkjjn65nkhv547s0vxfdn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPaVIwbExDUjJiVFpHOFJu
+            dk1SUHc5UDRFUENsbkg2RmQvazdEZ1NKeEhvCjVCNzdwRFN0aUZJL0pVSTI1RUxv
+            Ymhhc0tsSENVa1VUKzRBZk5IcjEvNFUKLS0tIFpPNlRXOVYyVnpyUmtLMTFqNlZ0
+            UlYrTExEUVc0dURLR1czN3BnYzZ2VGMKCbAgM50jvs9VciA1Pb/VY+2I4x62LBGe
+            j7eHkfTFc8Gnk/rZA9/ZJDLFr/FUPMQWK/NVoz6oLjO6oVFXqN6OqA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-01-30T17:45:09Z"
+    mac: ENC[AES256_GCM,data:uXnJ8DCs1ZZ72PFAmSQpqvVH2UYvRX8AeUC00A6WsgNL9sz6H0b7PwXBn4SucHACwLwilMVKYpFGE1pPMsIgpHxU5coNhvTfth/ChY1KS73LAwrJUAyUoFI3mumPkklj7b/u1CbBfhuhA2QoZVl+d9BGQn5CQu3+BySUmcT+P9k=,iv:H/hUTBDNcsGBP5TA/7U1QMZogZvuoPuEAg/tBCpbf9w=,tag:W7rH84Na/tHPuJlA9tRXEQ==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.4
Author	SHA1	Message	Date
cy	df2f9668f1	use ghidra-bin cause debugger works	2025-02-04 10:11:36 -05:00
cy	0029f8f822	comment out gtk config	2025-02-02 16:09:55 -05:00
cy	78f94a6429	flake update Signed-off-by: cy <cy@cy7.sh>	2025-02-02 15:26:01 -05:00
cy	11fb3de60c	some more plasma config	2025-02-02 15:25:04 -05:00
cy	c9d700390c	manually redirect renamed repo	2025-02-02 10:52:53 -05:00
cy	b131f134bc	add kwin bindings and fix stuff	2025-02-01 23:40:16 -05:00
cy	81e06a0513	install plasma and use plasma-manager to configure	2025-02-01 22:36:56 -05:00
cy	258cce19fb	flake update Signed-off-by: cy <cy@cy7.sh>	2025-02-01 12:10:21 -05:00
cy	3510da9657	install ida-free	2025-02-01 12:08:57 -05:00
cy	95ff04af25	nix-ld to make binaryninja work	2025-01-31 23:44:15 -05:00
cy	a31dbdaf0f	don't overlay cutter Signed-off-by: cy <cy@cy7.sh>	2025-01-31 21:59:30 -05:00
cy	1c449848e2	overlay cutter Signed-off-by: cy <cy@cy7.sh>	2025-01-31 14:30:29 -05:00
cy	30c82dcb4f	add sccache, some vscode changes, use kitten ssh	2025-01-30 12:48:48 -05:00
cy	d0ba9ca90b	make garage better Signed-off-by: cy <cy@cy7.sh>	2025-01-30 12:35:19 -05:00
cy	4e0c1fbbb4	caddy: use acme_dns for wildcard TLS to work use cloudflare dns plugin to update zone	2025-01-30 12:33:03 -05:00