From 51e77b05f58023aa4ccdedbe63e8ed14e86d1d6e Mon Sep 17 00:00:00 2001 From: Seven of Nine Date: Thu, 15 May 2025 15:01:02 +0000 Subject: [PATCH 01/32] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'catppuccin': 'github:catppuccin/nix/a5db9e41a4dccfa5ffe38e6f1841a5f9ad5c5c04' (2025-05-02) → 'github:catppuccin/nix/7a6ccdeba6e761bec9601e2192983e6b9dff630c' (2025-05-15) • Updated input 'disko': 'github:nix-community/disko/d0c543d740fad42fe2c035b43c9d41127e073c78' (2025-04-28) → 'github:nix-community/disko/ec7c109a4f794fce09aad87239eab7f66540b888' (2025-05-15) • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/66bb2d7a4df96d0c1e63648850b7aed1b2e8d683' (2025-05-03) → 'github:nix-community/emacs-overlay/d8949f8c77eadcc7b268f994361fd2055cfbf2cb' (2025-05-15) • Updated input 'emacs-overlay/nixpkgs': 'github:NixOS/nixpkgs/f02fddb8acef29a8b32f10a335d44828d7825b78' (2025-05-01) → 'github:NixOS/nixpkgs/adaa24fbf46737f3f1b5497bf64bae750f82942e' (2025-05-13) • Updated input 'emacs-overlay/nixpkgs-stable': 'github:NixOS/nixpkgs/bf3287dac860542719fe7554e21e686108716879' (2025-05-02) → 'github:NixOS/nixpkgs/a39ed32a651fdee6842ec930761e31d1f242cb94' (2025-05-11) • Updated input 'git-hooks-nix': 'github:cachix/git-hooks.nix/dcf5072734cb576d2b0c59b2ac44f5050b5eac82' (2025-03-22) → 'github:cachix/git-hooks.nix/fa466640195d38ec97cf0493d6d6882bc4d14969' (2025-05-06) • Updated input 'homeManager': 'github:nix-community/home-manager/c0962eeeabfb8127713f859ec8a5f0e86dead0f2' (2025-05-03) → 'github:nix-community/home-manager/954615c510c9faa3ee7fb6607ff72e55905e69f2' (2025-05-15) • Updated input 'lanzaboote': 'github:nix-community/lanzaboote/995637eb3ab78eac33f8ee6b45cc2ecd5ede12ba' (2025-04-21) → 'github:nix-community/lanzaboote/2e425f3da6ce7f5b34fa6eaf7a2a7f78dbabcc85' (2025-05-12) • Updated input 'lanzaboote/crane': 'github:ipetkov/crane/bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5' (2025-03-09) → 'github:ipetkov/crane/dfd9a8dfd09db9aad544c4d3b6c47b12562544a5' (2025-05-03) • Updated input 'lanzaboote/flake-parts': 'github:hercules-ci/flake-parts/f4330d22f1c5d2ba72d3d22df5597d123fdb60a9' (2025-03-07) → 'github:hercules-ci/flake-parts/c621e8422220273271f52058f618c94e405bb0f5' (2025-04-01) • Updated input 'lanzaboote/pre-commit-hooks-nix': 'github:cachix/pre-commit-hooks.nix/b5a62751225b2f62ff3147d0a334055ebadcd5cc' (2025-03-07) → 'github:cachix/pre-commit-hooks.nix/fa466640195d38ec97cf0493d6d6882bc4d14969' (2025-05-06) • Updated input 'lanzaboote/rust-overlay': 'github:oxalica/rust-overlay/c777dc8a1e35407b0e80ec89817fe69970f4e81a' (2025-03-10) → 'github:oxalica/rust-overlay/5b07506ae89b025b14de91f697eba23b48654c52' (2025-05-12) • Updated input 'lix': 'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f' (2025-05-02) → 'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=b7ce00fc55dea4fa1e282921beebff25e6b2d1f0' (2025-05-15) • Updated input 'lix-module': 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=fa69ae26cc32dda178117b46487c2165c0e08316' (2025-03-25) → 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=58baedd53f9da81fd728a4f3b08c378e5ba9ae58' (2025-05-10) • Updated input 'nix-on-droid': 'github:nix-community/nix-on-droid/5d88ff2519e4952f8d22472b52c531bb5f1635fc' (2024-09-06) → 'github:nix-community/nix-on-droid/7f68d674b30997434868c9e93784724fdbf37367' (2025-05-13) • Updated input 'nixosHardware': 'github:NixOS/nixos-hardware/72081c9fbbef63765ae82bff9727ea79cc86bd5b' (2025-04-29) → 'github:NixOS/nixos-hardware/e81fd167b33121269149c57806599045fd33eeed' (2025-05-13) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/f02fddb8acef29a8b32f10a335d44828d7825b78' (2025-05-01) → 'github:NixOS/nixpkgs/adaa24fbf46737f3f1b5497bf64bae750f82942e' (2025-05-13) • Updated input 'treefmt-nix': 'github:numtide/treefmt-nix/29ec5026372e0dec56f890e50dbe4f45930320fd' (2025-05-02) → 'github:numtide/treefmt-nix/e758f27436367c23bcd63cd973fa5e39254b530e' (2025-05-15) --- flake.lock | 112 ++++++++++++++++++++++++++--------------------------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/flake.lock b/flake.lock index 04719bc..31b4dc8 100644 --- a/flake.lock +++ b/flake.lock @@ -26,11 +26,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1746175539, - "narHash": "sha256-/wjcn1CDQqOhwOoYKS8Xp0KejrdXSJZQMF1CbbrVtMw=", + "lastModified": 1747268376, + "narHash": "sha256-JDcdINnB1bfbUAy1eEgwIXLrfZeuntxuxTu7UWcQrQY=", "owner": "catppuccin", "repo": "nix", - "rev": "a5db9e41a4dccfa5ffe38e6f1841a5f9ad5c5c04", + "rev": "7a6ccdeba6e761bec9601e2192983e6b9dff630c", "type": "github" }, "original": { @@ -41,11 +41,11 @@ }, "crane": { "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "lastModified": 1746291859, + "narHash": "sha256-DdWJLA+D5tcmrRSg5Y7tp/qWaD05ATI4Z7h22gd1h7Q=", "owner": "ipetkov", "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "rev": "dfd9a8dfd09db9aad544c4d3b6c47b12562544a5", "type": "github" }, "original": { @@ -83,11 +83,11 @@ ] }, "locked": { - "lastModified": 1745812220, - "narHash": "sha256-hotBG0EJ9VmAHJYF0yhWuTVZpENHvwcJ2SxvIPrXm+g=", + "lastModified": 1747274630, + "narHash": "sha256-87RJwXbfOHyzTB9LYagAQ6vOZhszCvd8Gvudu+gf3qo=", "owner": "nix-community", "repo": "disko", - "rev": "d0c543d740fad42fe2c035b43c9d41127e073c78", + "rev": "ec7c109a4f794fce09aad87239eab7f66540b888", "type": "github" }, "original": { @@ -122,11 +122,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1746240489, - "narHash": "sha256-DWMG7jkpxrEGzTZZerDqaxT8X983tibFGfNeoWtX1yU=", + "lastModified": 1747300110, + "narHash": "sha256-mHePt7oDQepKT5jm4ZCjvohAIO0QPVVYZIIIn7VARKo=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "66bb2d7a4df96d0c1e63648850b7aed1b2e8d683", + "rev": "d8949f8c77eadcc7b268f994361fd2055cfbf2cb", "type": "github" }, "original": { @@ -191,11 +191,11 @@ ] }, "locked": { - "lastModified": 1741352980, - "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", "type": "github" }, "original": { @@ -282,11 +282,11 @@ ] }, "locked": { - "lastModified": 1742649964, - "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "lastModified": 1746537231, + "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969", "type": "github" }, "original": { @@ -387,11 +387,11 @@ ] }, "locked": { - "lastModified": 1746243165, - "narHash": "sha256-DQycVmlyLQNLjLJ/FzpokVmbxGQ8HjQQ4zN4nyq2vII=", + "lastModified": 1747279714, + "narHash": "sha256-UdxlE8yyrKiGq3bgGyJ78AdFwh+fuRAruKtyFY5Zq5I=", "owner": "nix-community", "repo": "home-manager", - "rev": "c0962eeeabfb8127713f859ec8a5f0e86dead0f2", + "rev": "954615c510c9faa3ee7fb6607ff72e55905e69f2", "type": "github" }, "original": { @@ -448,11 +448,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1745271491, - "narHash": "sha256-4GAHjus6JRpYHVROMIhFIz/sgLDF/klBM3UHulbSK9s=", + "lastModified": 1747056319, + "narHash": "sha256-qSKcBaISBozadtPq6BomnD+wIYTZIkiua3UuHLaD52c=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "995637eb3ab78eac33f8ee6b45cc2ecd5ede12ba", + "rev": "2e425f3da6ce7f5b34fa6eaf7a2a7f78dbabcc85", "type": "github" }, "original": { @@ -464,11 +464,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1746186329, - "narHash": "sha256-MLz0MjeVCaqvIvf5szUwNwYEiXC/lKWL0I2VS+6V/e0=", + "lastModified": 1747273354, + "narHash": "sha256-LUzJQ0T6XtlZLuFZ9ovLLCdzaCc4YhotPlMLoMcGD5w=", "ref": "refs/heads/main", - "rev": "4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f", - "revCount": 17824, + "rev": "b7ce00fc55dea4fa1e282921beebff25e6b2d1f0", + "revCount": 17889, "type": "git", "url": "https://git@git.lix.systems/lix-project/lix" }, @@ -489,11 +489,11 @@ ] }, "locked": { - "lastModified": 1742945498, - "narHash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", + "lastModified": 1746839253, + "narHash": "sha256-pRwi8Wn8Yofj459gq+3oIRy8F3SXeEJ6mzfIAUgM9nA=", "ref": "refs/heads/main", - "rev": "fa69ae26cc32dda178117b46487c2165c0e08316", - "revCount": 138, + "rev": "58baedd53f9da81fd728a4f3b08c378e5ba9ae58", + "revCount": 142, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, @@ -554,11 +554,11 @@ "nmd": "nmd" }, "locked": { - "lastModified": 1725658585, - "narHash": "sha256-P29z4Gt89n5ps1U7+qmIrj0BuRXGZQSIaOe2+tsPgfw=", + "lastModified": 1747158007, + "narHash": "sha256-uwRCd2RAAdMOvReceeaWHGp8RoGjFyIouQN053MsMSk=", "owner": "nix-community", "repo": "nix-on-droid", - "rev": "5d88ff2519e4952f8d22472b52c531bb5f1635fc", + "rev": "7f68d674b30997434868c9e93784724fdbf37367", "type": "github" }, "original": { @@ -569,11 +569,11 @@ }, "nixosHardware": { "locked": { - "lastModified": 1745955289, - "narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=", + "lastModified": 1747129300, + "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b", + "rev": "e81fd167b33121269149c57806599045fd33eeed", "type": "github" }, "original": { @@ -647,11 +647,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1746183838, - "narHash": "sha256-kwaaguGkAqTZ1oK0yXeQ3ayYjs8u/W7eEfrFpFfIDFA=", + "lastModified": 1746957726, + "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bf3287dac860542719fe7554e21e686108716879", + "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94", "type": "github" }, "original": { @@ -711,11 +711,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1746141548, - "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", "type": "github" }, "original": { @@ -742,11 +742,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1746141548, - "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", "type": "github" }, "original": { @@ -821,11 +821,11 @@ ] }, "locked": { - "lastModified": 1741379162, - "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=", + "lastModified": 1746537231, + "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc", + "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969", "type": "github" }, "original": { @@ -906,11 +906,11 @@ ] }, "locked": { - "lastModified": 1741573199, - "narHash": "sha256-A2sln1GdCf+uZ8yrERSCZUCqZ3JUlOv1WE2VFqqfaLQ=", + "lastModified": 1747017456, + "narHash": "sha256-C/U12fcO+HEF071b5mK65lt4XtAIZyJSSJAg9hdlvTk=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "c777dc8a1e35407b0e80ec89817fe69970f4e81a", + "rev": "5b07506ae89b025b14de91f697eba23b48654c52", "type": "github" }, "original": { @@ -1009,11 +1009,11 @@ ] }, "locked": { - "lastModified": 1746216483, - "narHash": "sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4=", + "lastModified": 1747299117, + "narHash": "sha256-JGjCVbxS+9t3tZ2IlPQ7sdqSM4c+KmIJOXVJPfWmVOU=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "29ec5026372e0dec56f890e50dbe4f45930320fd", + "rev": "e758f27436367c23bcd63cd973fa5e39254b530e", "type": "github" }, "original": { From bf464f6e3467b2e2411943a3da717b13391c1ff8 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:00:03 +0200 Subject: [PATCH 02/32] `dump1090` NixOS module --- hosts/sisko/default.nix | 2 ++ modules/dump1090/default.nix | 31 +++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 modules/dump1090/default.nix diff --git a/hosts/sisko/default.nix b/hosts/sisko/default.nix index 9daa84c..13a9b0d 100644 --- a/hosts/sisko/default.nix +++ b/hosts/sisko/default.nix @@ -36,6 +36,8 @@ "amule" "adguard-home" "garmin-grafana" + # "dump1090" + "arbi" ] ++ [ ./disko.nix diff --git a/modules/dump1090/default.nix b/modules/dump1090/default.nix new file mode 100644 index 0000000..cf74a4e --- /dev/null +++ b/modules/dump1090/default.nix @@ -0,0 +1,31 @@ +{ + pkgs, + ... +}: +let + dump1090-flake = builtins.getFlake "github:NixOS/nixpkgs/541f05042033467730fb8cedb08355dc91b94c74"; + inherit (dump1090-flake.legacyPackages.${pkgs.system}) dump1090-fa; +in +{ + imports = [ "${dump1090-flake}/nixos/modules/services/misc/dump1090-fa.nix" ]; + + hardware.rtl-sdr.enable = true; + + disabledModules = [ "services/misc/dump10190-fa.nix" ]; + documentation.nixos.enable = false; + + services.dump1090-fa = { + enable = true; + package = dump1090-fa; + }; + + services.nginx.virtualHosts."dump1090.sisko.wg.aciceri.dev" = { + forceSSL = true; + useACMEHost = "aciceri.dev"; + locations = { + "/".alias = "${dump1090-fa}/share/dump1090/"; + "/data/".alias = "/run/dump1090-fa/"; + }; + serverAliases = [ "dump1090.sisko.zt.aciceri.dev" ]; + }; +} From 40b8028383e1c0b0a24a74f946d6fc214e168586 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:00:30 +0200 Subject: [PATCH 03/32] Add `tidal` package to emacs --- packages/emacs/packages.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/emacs/packages.nix b/packages/emacs/packages.nix index 73c6e96..5123818 100644 --- a/packages/emacs/packages.nix +++ b/packages/emacs/packages.nix @@ -206,6 +206,7 @@ let mixed-pitch visual-replace org-super-agenda + tidal # org-re-reveal # FIXME very not nice hash mismatch when building ] ) From f2da144a9271e07b50b963192e4641c4fa15deb5 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:00:37 +0200 Subject: [PATCH 04/32] Add `typst-ts-mode` to emacs --- packages/emacs/packages.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packages/emacs/packages.nix b/packages/emacs/packages.nix index 5123818..9ab2c44 100644 --- a/packages/emacs/packages.nix +++ b/packages/emacs/packages.nix @@ -223,6 +223,9 @@ let eat corfu-terminal haskell-ts-mode + ]) + ++ (with epkgs; [ + typst-ts-mode # why this doesn't seem to be in elpaPackages? ]); in mainPackages ++ (builtins.attrValues extraPackages) From 8fcc7106c3a6930d63c72f6955c729336a5cd1fa Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:00:57 +0200 Subject: [PATCH 05/32] Update `garmin-grafana` --- modules/garmin-grafana/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/garmin-grafana/default.nix b/modules/garmin-grafana/default.nix index 90795e6..e75b15b 100644 --- a/modules/garmin-grafana/default.nix +++ b/modules/garmin-grafana/default.nix @@ -5,7 +5,8 @@ ... }: let - garmin-grafana-flake = builtins.getFlake "github:NixOS/nixpkgs/1f03fefb44665cd2377912033de22ffaba2be48d"; + rev = "f24579d13ee035af96d4a68b765af2aa4b1018b6"; + garmin-grafana-flake = builtins.getFlake "github:NixOS/nixpkgs/${rev}"; inherit (garmin-grafana-flake.legacyPackages.${pkgs.system}) garmin-grafana; in { From 58cfa8ee1fa0505fa2dc36abfe62940ba29c64bf Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:02:18 +0200 Subject: [PATCH 06/32] Use amule module from my PR --- modules/amule/default.nix | 56 ++++++++++++++++++++++++--------------- 1 file changed, 34 insertions(+), 22 deletions(-) diff --git a/modules/amule/default.nix b/modules/amule/default.nix index 9752f8f..6416e9f 100644 --- a/modules/amule/default.nix +++ b/modules/amule/default.nix @@ -1,34 +1,46 @@ -{ config, lib, ... }: +{ config, pkgs, ... }: +let + rev = "966199fe1dccc9c6c7016bdb1d9582f27797bc02"; + amule-flake = builtins.getFlake "github:NixOS/nixpkgs/${rev}"; + inherit (amule-flake.legacyPackages.${pkgs.system}) amule-daemon amule-web; +in { - users.users.amule = { - isSystemUser = true; - group = "amule"; - extraGroups = [ "amule" ]; - home = config.services.amule.dataDir; - }; + disabledModules = [ "services/networking/amuled.nix" ]; + documentation.nixos.enable = false; + + imports = [ "${amule-flake}/nixos/modules/services/networking/amuled.nix" ]; - users.groups.amule = { }; services.amule = { - dataDir = "/mnt/hd/amule"; enable = true; - user = "amule"; + package = amule-daemon; + amuleWebPackage = amule-web; + openPeerPorts = true; + openWebServerPort = true; + # TODO the service is accessible only from the VPN + # however better using agenix + ExternalConnectPasswordFile = pkgs.writeText "password" "pippo"; + WebServerPasswordFile = pkgs.writeText "password" "pippo"; + settings = { + eMule = { + IncomingDir = "/mnt/hd/amule"; + TempDir = "/mnt/hd/amule/Temp"; + }; + WebServer = { + Enabled = 1; + }; + }; }; - # sometimes the service crashes with a segfeault without any reason... - systemd.services.amuled.serviceConfig.Restart = lib.mkForce "always"; - environment.persistence."/persist".directories = [ config.services.amule.dataDir ]; - networking.firewall = { - allowedTCPPorts = [ 4662 ]; - allowedUDPPortRanges = [ - { - from = 4665; - to = 4672; - } - ]; + services.nginx.virtualHosts."amule.sisko.wg.aciceri.dev" = { + forceSSL = true; + useACMEHost = "aciceri.dev"; + locations."/" = { + proxyPass = "http://localhost:${builtins.toString config.services.amule.settings.WebServer.Port}"; + }; + serverAliases = [ "amule.sisko.zt.aciceri.dev" ]; }; - } From 995af1451562f006b2045af4f419433707d99cb0 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:02:32 +0200 Subject: [PATCH 07/32] Disable spotify at startup --- hmModules/spotify/default.nix | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/hmModules/spotify/default.nix b/hmModules/spotify/default.nix index 59b2edd..5bc0a6d 100644 --- a/hmModules/spotify/default.nix +++ b/hmModules/spotify/default.nix @@ -9,18 +9,18 @@ in { home.packages = [ spotify-adblocked ]; - systemd.user.services.spotify-adblocked = { - Install.WantedBy = [ "graphical-session.target" ]; + # systemd.user.services.spotify-adblocked = { + # Install.WantedBy = [ "graphical-session.target" ]; - Unit = { - Description = "Spotify"; - PartOf = [ "graphical-session.target" ]; - }; + # Unit = { + # Description = "Spotify"; + # PartOf = [ "graphical-session.target" ]; + # }; - Service = { - ExecStart = lib.getExe spotify-adblocked; - Restart = "on-failure"; - RestartSec = 3; - }; - }; + # Service = { + # ExecStart = lib.getExe spotify-adblocked; + # Restart = "on-failure"; + # RestartSec = 3; + # }; + # }; } From cc3a0012b595cd991bb91abe1ce9c0b34c11cbb0 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:02:43 +0200 Subject: [PATCH 08/32] `services.gpg-agent.pinentryPackage` option renamed --- hmModules/gpg/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hmModules/gpg/default.nix b/hmModules/gpg/default.nix index f245f26..abef97c 100644 --- a/hmModules/gpg/default.nix +++ b/hmModules/gpg/default.nix @@ -2,7 +2,7 @@ { services.gpg-agent = { enable = true; - pinentryPackage = pkgs.pinentry-rofi.override { + pinentry.package = pkgs.pinentry-rofi.override { rofi = pkgs.rofi-wayland; }; extraConfig = '' From 39b276d691c3c327b90020c016a58c0429162c7a Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:03:13 +0200 Subject: [PATCH 09/32] Remove OS icon from prompt --- hmModules/shell/catppuccin_mocha.omp.json | 61 +++++++++++++++++++++++ hmModules/shell/default.nix | 7 ++- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 hmModules/shell/catppuccin_mocha.omp.json diff --git a/hmModules/shell/catppuccin_mocha.omp.json b/hmModules/shell/catppuccin_mocha.omp.json new file mode 100644 index 0000000..c5c74c8 --- /dev/null +++ b/hmModules/shell/catppuccin_mocha.omp.json @@ -0,0 +1,61 @@ +{ + "$schema": "https://raw.githubusercontent.com/JanDeDobbeleer/oh-my-posh/main/themes/schema.json", + "palette": { + "os": "#ACB0BE", + "closer": "p:os", + "pink": "#F5C2E7", + "lavender": "#B4BEFE", + "blue": "#89B4FA" + }, + "blocks": [ + { + "alignment": "left", + "segments": [ + { + "foreground": "p:blue", + "style": "plain", + "template": "{{ .UserName }}@{{ .HostName }} ", + "type": "session" + }, + { + "foreground": "p:pink", + "properties": { + "folder_icon": "..\ue5fe..", + "home_icon": "~", + "style": "agnoster_short" + }, + "style": "plain", + "template": "{{ .Path }} ", + "type": "path" + }, + { + "foreground": "p:lavender", + "properties": { + "branch_icon": "\ue725 ", + "cherry_pick_icon": "\ue29b ", + "commit_icon": "\uf417 ", + "fetch_status": false, + "fetch_upstream_icon": false, + "merge_icon": "\ue727 ", + "no_commits_icon": "\uf0c3 ", + "rebase_icon": "\ue728 ", + "revert_icon": "\uf0e2 ", + "tag_icon": "\uf412 " + }, + "template": "{{ .HEAD }} ", + "style": "plain", + "type": "git" + }, + { + "style": "plain", + "foreground": "p:closer", + "template": "\uf105", + "type": "text" + } + ], + "type": "prompt" + } + ], + "final_space": true, + "version": 3 +} diff --git a/hmModules/shell/default.nix b/hmModules/shell/default.nix index c654977..6c7e5c1 100644 --- a/hmModules/shell/default.nix +++ b/hmModules/shell/default.nix @@ -84,7 +84,12 @@ programs.thefuck.enable = true; programs.oh-my-posh = { enable = true; - useTheme = "catppuccin_mocha"; + # same as "captuccin_mocha" but without the OS logo + settings = lib.mkForce ( + builtins.fromJSON ( + builtins.unsafeDiscardStringContext (builtins.readFile ./catppuccin_mocha.omp.json) + ) + ); }; programs.zellij.enableBashIntegration = false; From cdfa60ad5e4a93e4e61dd1d8e8df6dfc515744b6 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:05:12 +0200 Subject: [PATCH 10/32] Add `arbi` NixOS module --- modules/arbi/default.nix | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 modules/arbi/default.nix diff --git a/modules/arbi/default.nix b/modules/arbi/default.nix new file mode 100644 index 0000000..02ab9e5 --- /dev/null +++ b/modules/arbi/default.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: +let + rev = "d531730d9640160f0519ef4b3640f8da49dd96f8"; + arbi-flake = builtins.getFlake "git+ssh://git@github.com/aciceri/arbi.git?rev=${rev}"; +in +{ + imports = [ arbi-flake.nixosModules.arbi ]; + + services.arbi = { + enable = true; + log_level = "debug"; + configFile = pkgs.writeText "arbi-config.kdl" '' + endpoint "wss://eth-mainnet.g.alchemy.com/v2/" + pairs_file "pairs.json" + concurrency 4 + ''; + }; + + environment.persistence."/persist".directories = [ + config.services.arbi.dataDir + ]; +} From a7c19c03dfd8bef0f7d4f39c29b63f78d077ea3f Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:05:49 +0200 Subject: [PATCH 11/32] `haskell-language-server-wrapper` -> `haskell-language-server` --- hmModules/emacs/init.el | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hmModules/emacs/init.el b/hmModules/emacs/init.el index b142b0f..92eff50 100644 --- a/hmModules/emacs/init.el +++ b/hmModules/emacs/init.el @@ -566,7 +566,7 @@ :mode "\\.hs\\'" :config (add-to-list 'eglot-server-programs - '(haskell-ts-mode . ("haskell-language-server-wrapper" "--lsp")))) + '(haskell-ts-mode . ("haskell-language-server" "--lsp")))) (use-package purescript-mode :custom ((project-vc-extra-root-markers '("spago.dhall"))) From f55a6b64239d6219326ac94ff94be637c8abba2c Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:06:20 +0200 Subject: [PATCH 12/32] Play with `tidal` (tidal cycles) --- hmModules/emacs/init.el | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hmModules/emacs/init.el b/hmModules/emacs/init.el index 92eff50..b772192 100644 --- a/hmModules/emacs/init.el +++ b/hmModules/emacs/init.el @@ -568,6 +568,8 @@ (add-to-list 'eglot-server-programs '(haskell-ts-mode . ("haskell-language-server" "--lsp")))) +(use-package tidal + :custom ((tidal-interpreter "tidal"))) (use-package purescript-mode :custom ((project-vc-extra-root-markers '("spago.dhall"))) :hook ((purescript-mode . eglot-ensure) From 1ed4ed0da514970ca62568ec3f620ea3f992c6fa Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:07:12 +0200 Subject: [PATCH 13/32] Indentation --- hmModules/emacs/init.el | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hmModules/emacs/init.el b/hmModules/emacs/init.el index b772192..a176986 100644 --- a/hmModules/emacs/init.el +++ b/hmModules/emacs/init.el @@ -573,8 +573,8 @@ (use-package purescript-mode :custom ((project-vc-extra-root-markers '("spago.dhall"))) :hook ((purescript-mode . eglot-ensure) - (purescript-mode . turn-on-purescript-indentation) - (purescript-mode . (lambda () (setq project-vc-extra-root-markers '("spago.dhall")))))) + (purescript-mode . turn-on-purescript-indentation) + (purescript-mode . (lambda () (setq project-vc-extra-root-markers '("spago.dhall")))))) (use-package terraform-mode :after eglot From fffef9090515b77c3d0dfae54423773d72904720 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:07:27 +0200 Subject: [PATCH 14/32] Enable `typst-ts-mode` --- hmModules/emacs/init.el | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/hmModules/emacs/init.el b/hmModules/emacs/init.el index a176986..ff50b5d 100644 --- a/hmModules/emacs/init.el +++ b/hmModules/emacs/init.el @@ -598,6 +598,15 @@ (use-package gptscript-mode :mode "\\.gpt\\'") +(use-package gptscript-mode + :mode "\\.gpt\\'") + +(use-package typst-ts-mode + :config + (add-to-list 'eglot-server-programs + '(typst-ts-mode . ("tinymist" "lsp"))) + :mode "\\.typ\\'") + ;; FIXME ;; (use-package mmm-mode ;; :config @@ -615,7 +624,7 @@ (use-package paredit :delight :hook ((lisp-mode . enable-paredit-mode) - (emacs-lisp-mode . enable-paredit-mode))) + (emacs-lisp-mode . enable-paredit-mode))) (use-package aggressive-indent :hook ((lisp-mode . aggressive-indent-mode) From 36ad3ced81978a1b655701818a2bcfc93aecb073 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:07:48 +0200 Subject: [PATCH 15/32] Indentation --- hmModules/emacs/init.el | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/hmModules/emacs/init.el b/hmModules/emacs/init.el index ff50b5d..79a198e 100644 --- a/hmModules/emacs/init.el +++ b/hmModules/emacs/init.el @@ -1030,12 +1030,12 @@ This is meant to be an helper to be called from the window manager." :custom (gptel-model 'google/gemini-2.5-flash-preview) (gptel-backend (gptel-make-openai "OpenRouter" - :host "openrouter.ai" - :endpoint "/api/v1/chat/completions" - :key (lambda () (require 'f) (f-read-text (getenv "OPENAI_API_KEY_PATH"))) - :stream t - :models '(google/gemini-2.5-flash-preview)) - ) + :host "openrouter.ai" + :endpoint "/api/v1/chat/completions" + :key (lambda () (require 'f) (f-read-text (getenv "OPENAI_API_KEY_PATH"))) + :stream t + :models '(google/gemini-2.5-flash-preview)) + ) (gptel-default-mode 'org-mode) (gptel-org-branching-context nil) ;; this is cool but I don't feel comfortable with it (gptel-use-tools nil) From 79c98d1e5da10da32bf5119d78d4abcd64b509ca Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 16:08:15 +0200 Subject: [PATCH 16/32] Add many gptel tools --- hmModules/emacs/init.el | 222 +++++++++++++++++++++++++++------------- 1 file changed, 153 insertions(+), 69 deletions(-) diff --git a/hmModules/emacs/init.el b/hmModules/emacs/init.el index 79a198e..7959261 100644 --- a/hmModules/emacs/init.el +++ b/hmModules/emacs/init.el @@ -570,6 +570,7 @@ (use-package tidal :custom ((tidal-interpreter "tidal"))) + (use-package purescript-mode :custom ((project-vc-extra-root-markers '("spago.dhall"))) :hook ((purescript-mode . eglot-ensure) @@ -1038,7 +1039,7 @@ This is meant to be an helper to be called from the window manager." ) (gptel-default-mode 'org-mode) (gptel-org-branching-context nil) ;; this is cool but I don't feel comfortable with it - (gptel-use-tools nil) + (gptel-use-tools 't) :bind ("C-c a a" . gptel-add) @@ -1053,80 +1054,163 @@ This is meant to be an helper to be called from the window manager." ;; (add-hook 'gptel-post-response-functions 'gptel-end-of-response) ;; (add-hook 'gptel-post-stream-hook 'gptel-auto-scroll) - (setq gptel-tools (mapcar (lambda (tool) (apply #'gptel-make-tool tool)) - '(( - :name "create_file" - :function (lambda (path filename content) - (let ((full-path (expand-file-name filename path))) - (with-temp-buffer - (insert content) - (write-file full-path)) - (format-read "Created file %s in %s" filename path))) - :description "Create a new file with the specified content" - :args (list '(:name "path" - :type string - :description "The directory where to create the file") - '(:name "filename" - :type string - :description "The name of the file to create") - '(:name "content" - :type string - :description "The content to write to the file")) - :category "filesystem" - ) - ;; ( - ;; :name "run_command" - ;; :confirm 't - ;; :function (lambda (command) - ;; (shell-command-to-string command)) - ;; :description "Run arbitrary commands" - ;; :args (list '(:name "command" - ;; :type string - ;; :description "The content to run e.g. 'ls *' or 'fd '")) - ;; ) - ( - :name "get_weather" - :function (lambda (location) - (url-retrieve-synchronously "api.weather.com/..." - location unit)) - :description "Get the current weather in a given location" - :args (list '(:name "location" - :type string - :description "The city and state, e.g. San Francisco, CA") - '(:name "unit" - :type string - :enum ["celsius" "farenheit"] - :description - "The unit of temperature, either 'celsius' or 'fahrenheit" - :optional t - )) - ) - )) - ) + (defun ccr/edit-buffer (buffer-name old-string new-string) + "In BUFFER-NAME, replace OLD-STRING with NEW-STRING." + (with-current-buffer buffer-name + (let ((case-fold-search nil)) ;; Case-sensitive search + (save-excursion + (goto-char (point-min)) + (let ((count 0)) + (while (search-forward old-string nil t) + (setq count (1+ count))) + (if (= count 0) + (format "Error: Could not find text to replace in buffer %s" buffer-name) + (if (> count 1) + (format "Error: Found %d matches for the text to replace in buffer %s" count buffer-name) + (goto-char (point-min)) + (search-forward old-string) + (replace-match new-string t t) + (format "Successfully edited buffer %s" buffer-name)))))))) + + (defun ccr/replace-buffer (buffer-name content) + "Completely replace contents of BUFFER-NAME with CONTENT." + (with-current-buffer buffer-name + (erase-buffer) + (insert content) + (format "Buffer replaced: %s" buffer-name))) + + (setq gptel-tools `( + ,(gptel-make-tool + :function (lambda (url) + (with-current-buffer (url-retrieve-synchronously url) + (goto-char (point-min)) + (forward-paragraph) + (let ((dom (libxml-parse-html-region (point) (point-max)))) + (run-at-time 0 nil #'kill-buffer (current-buffer)) + (with-temp-buffer + (shr-insert-document dom) + (buffer-substring-no-properties (point-min) (point-max)))))) + :name "read_url" + :description "Fetch and read the contents of a URL" + :args (list '(:name "url" + :type string + :description "The URL to read")) + :category "web") + ,(gptel-make-tool + :function (lambda (filepath) + (with-temp-buffer + (insert-file-contents (expand-file-name filepath)) + (buffer-string))) + :name "read_file" + :description "Read and display the contents of a file" + :args (list '(:name "filepath" + :type string + :description "Path to the file to read. Supports relative paths and ~.")) + :category "filesystem") + ,(gptel-make-tool + :function (lambda (directory) + (mapconcat #'identity + (directory-files directory) + "\n")) + :name "list_directory" + :description "List the contents of a given directory" + :args (list '(:name "directory" + :type string + :description "The path to the directory to list")) + :category "filesystem") + ,(gptel-make-tool + :function (lambda () (mapcar 'buffer-name (buffer-list))) + :name "list_buffers" + :description "Return a list containing all the Emacs buffers" + :category "emacs") + ,(gptel-make-tool + :function (lambda (buffer) + (unless (buffer-live-p (get-buffer buffer)) + (error "Error: buffer %s is not live." buffer)) + (with-current-buffer buffer + (buffer-substring-no-properties (point-min) (point-max)))) + :name "read_buffer" + :description "Return the contents of an Emacs buffer" + :args (list '(:name "buffer" + :type string + :description "The name of the buffer whose contents are to be retrieved")) + :category "emacs") + ,(gptel-make-tool + :function (lambda (buffer text) + (with-current-buffer (get-buffer-create buffer) + (save-excursion + (goto-char (point-max)) + (insert text))) + (format "Appended text to buffer %s" buffer)) + :name "append_to_buffer" + :description "Append text to an Emacs buffer. If the buffer does not exist, it will be created." + :confirm t + :args (list '(:name "buffer" + :type string + :description "The name of the buffer to append text to.") + '(:name "text" + :type string + :description "The text to append to the buffer.")) + :category "emacs") + ,(gptel-make-tool + :name "EditBuffer" + :function #'ccr/edit-buffer + :description "Edits Emacs buffers" + :confirm t + :args '((:name "buffer_name" + :type string + :description "Name of the buffer to modify" + :required t) + (:name "old_string" + :type string + :description "Text to replace (must match exactly)" + :required t) + (:name "new_string" + :type string + :description "Text to replace old_string with" + :required t)) + :category "edit") + , + (gptel-make-tool + :name "ReplaceBuffer" + :function #'ccr/replace-buffer + :description "Completely overwrites buffer contents" + :confirm t + :args '((:name "buffer_name" + :type string + :description "Name of the buffer to overwrite" + :required t) + (:name "content" + :type string + :description "Content to write to the buffer" + :required t)) + :category "edit") + )) + (defun ccr/suggest-eshell-command () (interactive) (save-excursion (eshell-bol) (let ((start-pos (point)) - (end-pos (line-end-position))) - (gptel-request - (buffer-substring-no-properties start-pos end-pos) ;the prompt - :system "You are proficient with emacs shell (eshell), translate the following to something I could directly prompt to the shell. Your responses should only be code, without explanation or formatting or quoting." - :buffer (current-buffer) - :context (cons (set-marker (make-marker) start-pos) - (set-marker (make-marker) end-pos)) - :callback - (lambda (response info) - (if (not response) - (message "ChatGPT response failed with: %s" (plist-get info :status)) - (kill-region start-pos end-pos) - (insert response))))))) + (end-pos (line-end-position))) + (gptel-request + (buffer-substring-no-properties start-pos end-pos) ;the prompt + :system "You are proficient with emacs shell (eshell), translate the following to something I could directly prompt to the shell. Your responses should only be code, without explanation or formatting or quoting." + :buffer (current-buffer) + :context (cons (set-marker (make-marker) start-pos) + (set-marker (make-marker) end-pos)) + :callback + (lambda (response info) + (if (not response) + (message "ChatGPT response failed with: %s" (plist-get info :status)) + (kill-region start-pos end-pos) + (insert response))))))) (add-to-list 'display-buffer-alist '("^\\*ChatGPT\\*" - (display-buffer-full-frame) - (name . "floating"))) + (display-buffer-full-frame) + (name . "floating"))) (defun ccr/start-chatgpt () ;; Used from outside Emacs by emacsclient --eval (display-buffer (gptel "*ChatGPT*")) @@ -1142,9 +1226,9 @@ This is meant to be an helper to be called from the window manager." (require 'password-store-otp) ;; FIXME use `use-pacakge' idiomatic way :bind (("C-c p p" . password-store-copy) - ("C-c p o" . password-store-otp-token-copy) - ("C-c p e" . password-store-edit) - ("C-c p i" . password-store-insert))) + ("C-c p o" . password-store-otp-token-copy) + ("C-c p e" . password-store-edit) + ("C-c p i" . password-store-insert))) (use-package with-editor :init (shell-command-with-editor-mode +1)) From 38050dae682faeb4cec2d1bb4b4c19187fe7dbd2 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 17:44:46 +0200 Subject: [PATCH 17/32] Allow CI to fetch private GitHub repos --- .forgejo/workflows/build.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml index ee456fc..aae572c 100644 --- a/.forgejo/workflows/build.yaml +++ b/.forgejo/workflows/build.yaml @@ -9,6 +9,12 @@ jobs: name: Checkout repository - name: Attic login run: attic login nixfleet http://sisko.wg.aciceri.dev:8081 ${{secrets.ATTIC_NIXFLEET_TOKEN}} + - name: Setup SSH + run: | + mkdir -p ~/.ssh + echo "${{secrets.FORGEJO_SSH_KEY}}" > ~/.ssh/id_ed25519 + chmod 600 ~/.ssh/id_ed25519 + ssh-keyscan github.com >> ~/.ssh/known_hosts - name: Build with nix run: nix-fast-build --no-nom --systems "x86_64-linux aarch64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true - name: Report checks From 4594f9d3e58469d4a2e309a6aea1c233fd82da41 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 18:39:24 +0200 Subject: [PATCH 18/32] Bump the flake lockfile once a week --- .forgejo/workflows/update-flake-lock.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/update-flake-lock.yaml b/.forgejo/workflows/update-flake-lock.yaml index 7a45fc4..abe16bd 100644 --- a/.forgejo/workflows/update-flake-lock.yaml +++ b/.forgejo/workflows/update-flake-lock.yaml @@ -1,7 +1,7 @@ name: update-flake-lock on: schedule: - - cron: "0 15 * * *" # daily at 15:00 + - cron: "0 15 * * 1" # weekly on Monday at 15:00 jobs: lockfile: From 0b640e0e15bb233920e2999280244204395f9adf Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 18:39:46 +0200 Subject: [PATCH 19/32] Add `forgejo-ci`'s SSH key --- lib/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/default.nix b/lib/default.nix index 4330d49..3d15451 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -4,6 +4,7 @@ ccr-ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIm9Sl/I+5G4g4f6iE4oCUJteP58v+wMIew9ZuLB+Gea"; oneplus8t = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO8da1Mf11vXFF0kVDgxocVoGwpHHMEs9emS9T+v8hLb oneplus8t"; hercules-ci-agent = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPupm00BiveTIYF6CNwuMijF5VvEaPDMjvt+vMlAy+N hercules-ci-agent"; + forgejo-ci = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5mbqLoZ/0J45J7J+17XMGv/dXs3DGABJsnvDv4rgC9 forgjeo-ci"; }; hosts = { kirk = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAH49KzayIro3L1bteR7nwupMM/vKlDh05t5/DFD9/uz"; From 5df791bd5aa3c7e5adfd394f1454984970ec2dc6 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 18:40:28 +0200 Subject: [PATCH 20/32] Remove unused stuff --- modules/forgejo-runners/default.nix | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/modules/forgejo-runners/default.nix b/modules/forgejo-runners/default.nix index 3234a46..f6d7682 100644 --- a/modules/forgejo-runners/default.nix +++ b/modules/forgejo-runners/default.nix @@ -17,6 +17,7 @@ let gnugrep gawk git + openssh nix bash jq @@ -38,15 +39,6 @@ let cp -a "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" $out/etc/ssl/certs/ca-bundle.crt ''; numInstances = 1; - pushToCache = pkgs.writeScript "push-to-cache.sh" '' - #!/bin/sh - set -eu - set -f # disable globbing - export IFS=' ' - - echo "Uploading paths" $OUT_PATHS - exec nix copy --to "s3://cache?profile=default®ion=eu-south-1&scheme=https&endpoint=cache.aciceri.dev" $OUT_PATHS - ''; in lib.mkMerge [ { @@ -80,7 +72,6 @@ lib.mkMerge [ cat < etc/nix/nix.conf accept-flake-config = true experimental-features = nix-command flakes - post-build-hook = ${pushToCache} include access-tokens NIX_CONFIG @@ -121,22 +112,9 @@ lib.mkMerge [ nix.settings.trusted-users = [ "nixuser" ]; } { - # Format of the token file: virtualisation = { podman.enable = true; }; - - # virtualisation.containers.storage.settings = { - # storage.driver = "zfs"; - # storage.graphroot = "/var/lib/containers/storage"; - # storage.runroot = "/run/containers/storage"; - # storage.options.zfs.fsname = "zroot/root/podman"; - # }; - - # virtualisation.containers.containersConf.settings = { - # # podman seems to not work with systemd-resolved - # containers.dns_servers = [ "8.8.8.8" "8.8.4.4" ]; - # }; } { systemd.services = From 632cc893e544e68af3a25eee68efbf862e6fe8a5 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 21:07:19 +0200 Subject: [PATCH 21/32] Enable `jellyfin-media-player` on `pike` --- hmModules/jellyfin/default.nix | 4 ++++ hosts/pike/default.nix | 1 + 2 files changed, 5 insertions(+) create mode 100644 hmModules/jellyfin/default.nix diff --git a/hmModules/jellyfin/default.nix b/hmModules/jellyfin/default.nix new file mode 100644 index 0000000..77d23c3 --- /dev/null +++ b/hmModules/jellyfin/default.nix @@ -0,0 +1,4 @@ +{ pkgs, ... }: +{ + home.packages = [ pkgs.jellyfin-media-player ]; +} diff --git a/hosts/pike/default.nix b/hosts/pike/default.nix index e5e6ca6..2248933 100644 --- a/hosts/pike/default.nix +++ b/hosts/pike/default.nix @@ -89,6 +89,7 @@ "zoom" "pantalaimon" "gimp" + "jellyfin" ]; extraGroups = [ "plugdev" ]; backupPaths = [ ]; From c84a98f1ac2b7d658bed6b9d5221d3af64fad463 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 21:07:41 +0200 Subject: [PATCH 22/32] Disable touchpad when typing in niri --- hmModules/niri/config.kdl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hmModules/niri/config.kdl b/hmModules/niri/config.kdl index eecbd3b..06f54e1 100644 --- a/hmModules/niri/config.kdl +++ b/hmModules/niri/config.kdl @@ -19,7 +19,7 @@ input { touchpad { // off tap - // dwt + dwt // dwtp natural-scroll // accel-speed 0.2 From 39481006b8ccc94ec60809d222aee5dd2fc25529 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Fri, 16 May 2025 21:08:18 +0200 Subject: [PATCH 23/32] Enable checks for `pike` and `picard` --- checks/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/checks/default.nix b/checks/default.nix index 5bca772..ae2c491 100644 --- a/checks/default.nix +++ b/checks/default.nix @@ -49,7 +49,7 @@ build = _: nc: nc.config.system.build.toplevel; in { - x86_64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) picard; }; + x86_64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) picard pike kirk; }; aarch64-linux = lib.mapAttrs build { inherit (self.nixosConfigurations) sisko; # pbp; }; From 8804f04d28a7173489498e6e0b8ab9949a699df7 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Sat, 17 May 2025 09:30:03 +0200 Subject: [PATCH 24/32] CI test --- .forgejo/workflows/build.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml index aae572c..3231690 100644 --- a/.forgejo/workflows/build.yaml +++ b/.forgejo/workflows/build.yaml @@ -15,7 +15,10 @@ jobs: echo "${{secrets.FORGEJO_SSH_KEY}}" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan github.com >> ~/.ssh/known_hosts - - name: Build with nix - run: nix-fast-build --no-nom --systems "x86_64-linux aarch64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true + ssh-keyscan sisko.wg.aciceri.dev >> ~/.ssh/known_hosts + # - name: Build with nix (x86_64-linux) + # run: nix-fast-build --no-nom --systems "x86_64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true + - name: Build with nix (aarch64-linux) + run: nix-fast-build --no-nom --systems "" --attic-cache "nixfleet" --skip-cached --result-file result.json || true - name: Report checks run: report-checks From afa8f62bb8bc1f49b52f040ef21f4d608a5fe5bf Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Sat, 17 May 2025 09:31:39 +0200 Subject: [PATCH 25/32] Run CI only for `x86_64-linux` --- .forgejo/workflows/build.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml index 3231690..b3bbe4e 100644 --- a/.forgejo/workflows/build.yaml +++ b/.forgejo/workflows/build.yaml @@ -15,10 +15,7 @@ jobs: echo "${{secrets.FORGEJO_SSH_KEY}}" > ~/.ssh/id_ed25519 chmod 600 ~/.ssh/id_ed25519 ssh-keyscan github.com >> ~/.ssh/known_hosts - ssh-keyscan sisko.wg.aciceri.dev >> ~/.ssh/known_hosts - # - name: Build with nix (x86_64-linux) - # run: nix-fast-build --no-nom --systems "x86_64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true - - name: Build with nix (aarch64-linux) - run: nix-fast-build --no-nom --systems "" --attic-cache "nixfleet" --skip-cached --result-file result.json || true + - name: Build with nix (x86_64-linux) + run: nix-fast-build --no-nom --systems "x86_64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true - name: Report checks run: report-checks From 69dfaddbf27a7d1da6673afa6b384154814978e3 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Sat, 17 May 2025 09:47:19 +0200 Subject: [PATCH 26/32] Add `git` to default packages for `root` --- modules/common/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/modules/common/default.nix b/modules/common/default.nix index 5aa4549..f83e6e4 100644 --- a/modules/common/default.nix +++ b/modules/common/default.nix @@ -18,9 +18,10 @@ nixpkgs.config.allowUnfree = true; # Forgive me Mr. Stallman :( system.switch.enableNg = true; - environment.systemPackages = [ - pkgs.btop - pkgs.ncdu + environment.systemPackages = with pkgs; [ + btop + ncdu + git ]; # FIXME not the best place From 3ce5cff2e5abddae79c2eff7c5893cf4bbc505d7 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Mon, 19 May 2025 10:57:08 +0200 Subject: [PATCH 27/32] Enable `aarch64-linux` in CI --- .forgejo/workflows/build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.forgejo/workflows/build.yaml b/.forgejo/workflows/build.yaml index b3bbe4e..a2224c0 100644 --- a/.forgejo/workflows/build.yaml +++ b/.forgejo/workflows/build.yaml @@ -16,6 +16,6 @@ jobs: chmod 600 ~/.ssh/id_ed25519 ssh-keyscan github.com >> ~/.ssh/known_hosts - name: Build with nix (x86_64-linux) - run: nix-fast-build --no-nom --systems "x86_64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true + run: nix-fast-build --no-nom --systems "x86_64-linux aarch64-linux" --attic-cache "nixfleet" --skip-cached --result-file result.json || true - name: Report checks run: report-checks From f7796d4848476d1c1f9b616ceaa2ee7c05840ee2 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Mon, 19 May 2025 12:35:44 +0200 Subject: [PATCH 28/32] Split cloudflare API tokens secret --- secrets/cloudflare-api-tokens.age | 17 +++++++++++++++++ secrets/cloudflare-dyndns-api-token.age | Bin 1052 -> 363 bytes secrets/secrets.nix | 4 ++++ 3 files changed, 21 insertions(+) create mode 100644 secrets/cloudflare-api-tokens.age diff --git a/secrets/cloudflare-api-tokens.age b/secrets/cloudflare-api-tokens.age new file mode 100644 index 0000000..57e68b8 --- /dev/null +++ b/secrets/cloudflare-api-tokens.age @@ -0,0 +1,17 @@ +age-encryption.org/v1 +-> ssh-rsa /AagBw +hD7PDjueXimBVI/rjcYxN77LHV2eGytKcUbmh17aSL1CNM+eriURFao3tj52Hiaz +3VMB6FxWUk9kzgjMPvf5WZukuZ2WbpPH8xlDV+6ZH7e/IzmjIfx8Ny14Mr1IF/Rx +TBiCIAM19/1/mR9MiIBW85bb+Bb/waWIZAgxW3N1RpqH5+vAVqx0iY3XRF5+0gOq +blP3yEw3QaL6FuY0+a+d/TnCsrz2Gi1Rba9oCUmkzOP96TsJYdN58Ut6nrHFkURK +mShL2xBMLmfA8Z5ep+D8ueyQbcYpeU3KHcIcRM6dRTwQKvWXAVkRt1nUGasKrO9Y +oJT9BrcxjtqgF/xhHRjWpamjFSI3mlJnJNEbruddDwQUccrJOvEzvqZ7GK0WoFX2 +HmhdDOiocMGWFeBPAKlNtU3+QmtZvhvOIgbjKhNxmCt1A/qxfvRk7Y2IDIBo+CFo +sKMrT1tCo4UYaJdZYl64XYNCQb3C2EfO7Exrq3d2urNidzUbr9OBx7CCI1nu375c +Qol9Kr28fLtxRuSZlrqIe9vKVYyLDPznrRlh6TmgqmMLIW70Y8cZwMtT8L8sOkcm +A8MoxpWFzK4BKo0Iqmw6eZ3nx/0LAzkz005ZEwrmi2W/XxOWJgBiaLmu7YwnoGq0 +gzwwvA5V5MT6Iy7FzkQpMi0h/H4MZ0mcbihKdPun85Q +-> ssh-ed25519 +vdRnA 23Gviu8hfWCEBPHP7xYIaOx34kFsxJJgJ/BNUDlb9Cg +ROiMY2gw/rpNBmJnlRVb7Qhi5+8TY3Velj8gEZcaedI +--- dhmvfQoCjuRUJtvXNI/eCjH0W+IeJm8bFRvYk1JihD0 +qMC,݈ԝ9-\KJ]J(Sn.Qp~Z$e"픒\'rSlu +UD<Սv]|/g[ W_>-fl8|wيlB[\.k(W{=w 3N}qG-wMb^Q{ \ No newline at end of file diff --git a/secrets/cloudflare-dyndns-api-token.age b/secrets/cloudflare-dyndns-api-token.age index 57e68b81f89ed04ace61da07a9fd220e13b469a2..6f09f5277550356ad8269d527914a73a6ef8602c 100644 GIT binary patch delta 324 zcmbQk@tSFZY+7oHk*TSnr9xDOxp!{4Lb^vmmb0a?Nshj8W|Wh!S#eRaSFuq=Sw^T! zfuBKHX^L}FxRalLs!>%Smvec3q@#CIUT{jbnL&U>a8an4fm=jbp}CK@OG-pRdO=X3 zxp8DvWLQSzHc|H1um&sp&q$aUMcxW1%<9f0cGXs$(H%am02nIT)Mit z3S}PJCh5s$Ik{=s=}|eAMh0%7UIvNonLeetVaZWdDgGILK}BV0iSEXg>0AtKh3pA! z%kNL_oshXLihZL?(lh0_(|33HH?5oVVZxa!HaEpA8s~2~zuio9eHo8-w%es&)hWe6 XD;K)h%xAHP{}^0%2n?Y<*F2qJq9-V!Bf~SB8sufJ;_sYD8wPQ<$fIQC4zfg`c^(k4KnMs(WRL zcXDV_Zibe`kw<1?6_;_CualWuMR;hoWp-71mTy2= znrV1cX?AIpQFu~8fQLmzj!T%fS(Jx)s=jAcZkA_SMZJYzrJ;#$k)fxXeozHhh*PGs zr=zc-rM{tlZjhyKrl(W5g=tcfwo{URd1AO{lw*2DxUrvMP(h)GsdkxTSYd@hW~6aM zkejKtLArk-S5i)ZaiwdyabTj4nOkY3fp(&Hihf9*b8%6Xk$a|LP*S30zH?}9c9nmC zrCCU^SAArPpQ%M?iCJEehg)`NkT+LuaE6ajg_EyOZknS-lxb>#wu?n+YGq(ja%4ej zsIj+4vS)ITuUSe^NO_=lS$KqFSawi}VP2?vVzGCTzhxv>zE_B)Q&Dn7R!L#Hn|?)x zM^ILHL1J!}Td=2bZjM);m!E4=QE5twOL<^ua(!}yl5k)^*=g}Jk{r(s^HvAJn7S73gQrFW5$MVe1ZMNnyQR8CQ$XR2kHcUWYl zk4r#RUQtj^hFM5%dSR}wk7u~KL8L`;RJm_Sh=q?uv43`QE|;T)Z+=BVxLcLCiIaD} zfoEZExmjwIabAVKfsbQVc9nsFX_RYuQGITvQMi6Yg@3qLx>IJNPj0DsWO-h`d!YeW zdR2LOnWJf#sc(pxXQjDYRd!&3Z>B+pzK4l#ltFHCQf7vCNJ0&< zS8u0Giut)%y(oB6PUn9y`O-VQ+MzBBY@S^0ExRCl>*3|t8bwx)@+UNjn%g03OsDaezoFD3f<4^mT&P* NVvp;T Date: Mon, 19 May 2025 12:35:56 +0200 Subject: [PATCH 29/32] Fix remote builder: change used SSH key --- modules/nix/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nix/default.nix b/modules/nix/default.nix index 1b2258d..000ede4 100644 --- a/modules/nix/default.nix +++ b/modules/nix/default.nix @@ -92,7 +92,7 @@ ]; protocol = "ssh-ng"; sshUser = "root"; - sshKey = "/home/${config.ccr.username}/.ssh/id_rsa"; + sshKey = "/home/${config.ccr.username}/.ssh/id_ed25519"; } ++ (lib.lists.optional (config.networking.hostName == "picard") { hostName = "mac.staging.mlabs.city?remote-program=/run/current-system/sw/bin/nix-store"; From c9fe62115ba8f00ff1462aade3aad2134815fab9 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Mon, 19 May 2025 12:36:39 +0200 Subject: [PATCH 30/32] Add secret --- hosts/default.nix | 1 + modules/nginx-base/default.nix | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/hosts/default.nix b/hosts/default.nix index 7ed6ca8..cf4fc6f 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -109,6 +109,7 @@ "home-assistant-token".owner = "prometheus"; "grafana-password".owner = "grafana"; "cloudflare-dyndns-api-token" = { }; + "cloudflare-api-tokens" = { }; "restic-hetzner-password" = { }; "hass-ssh-key".owner = "hass"; "sisko-attic-environment-file".owner = "atticd"; diff --git a/modules/nginx-base/default.nix b/modules/nginx-base/default.nix index 5068162..a79716e 100644 --- a/modules/nginx-base/default.nix +++ b/modules/nginx-base/default.nix @@ -14,7 +14,7 @@ dnsProvider = "cloudflare"; dnsPropagationCheck = true; group = config.services.nginx.group; - environmentFile = config.age.secrets.cloudflare-dyndns-api-token.path; + environmentFile = config.age.secrets.cloudflare-api-tokens.path; }; }; }; From 71566df168b2f2a8bbee778144271111f287cd42 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Mon, 19 May 2025 12:36:55 +0200 Subject: [PATCH 31/32] Bump `nixpkgsSisko` --- flake.lock | 8 ++++---- flake.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 04719bc..474c3aa 100644 --- a/flake.lock +++ b/flake.lock @@ -663,17 +663,17 @@ }, "nixpkgsSisko": { "locked": { - "lastModified": 1742288794, - "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" }, "original": { "owner": "NixOS", "repo": "nixpkgs", - "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" } }, diff --git a/flake.nix b/flake.nix index 440867f..145218e 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { flakeParts.url = "github:hercules-ci/flake-parts"; - nixpkgsSisko.url = "github:NixOS/nixpkgs/b6eaf97c6960d97350c584de1b6dcff03c9daf42"; + nixpkgsSisko.url = "github:NixOS/nixpkgs/292fa7d4f6519c074f0a50394dbbe69859bb6043"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixosHardware.url = "github:NixOS/nixos-hardware"; homeManager = { From 7119b8321c39c840647847dffaab868c00e20d20 Mon Sep 17 00:00:00 2001 From: Seven of Nine Date: Mon, 19 May 2025 14:59:59 +0000 Subject: [PATCH 32/32] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'agenix': 'github:ryantm/agenix/96e078c646b711aee04b82ba01aefbff87004ded' (2025-04-26) → 'github:ryantm/agenix/4835b1dc898959d8547a871ef484930675cb47f1' (2025-05-18) • Updated input 'catppuccin': 'github:catppuccin/nix/a5db9e41a4dccfa5ffe38e6f1841a5f9ad5c5c04' (2025-05-02) → 'github:catppuccin/nix/3ba714046ee32373e88166e6e9474d6ae6a5b734' (2025-05-17) • Updated input 'disko': 'github:nix-community/disko/d0c543d740fad42fe2c035b43c9d41127e073c78' (2025-04-28) → 'github:nix-community/disko/cec44d77d9dacf0c91d3d51aff128fefabce06ee' (2025-05-19) • Updated input 'dream2nix': 'github:nix-community/dream2nix/8ce6284ff58208ed8961681276f82c2f8f978ef4' (2024-12-25) → 'github:nix-community/dream2nix/6fd6d9188f32efd1e1656b3c3e63a67f9df7b636' (2025-05-19) • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/66bb2d7a4df96d0c1e63648850b7aed1b2e8d683' (2025-05-03) → 'github:nix-community/emacs-overlay/1b2bc802bbac29f4695e39fbf982944c0999b45d' (2025-05-19) • Updated input 'emacs-overlay/nixpkgs': 'github:NixOS/nixpkgs/f02fddb8acef29a8b32f10a335d44828d7825b78' (2025-05-01) → 'github:NixOS/nixpkgs/292fa7d4f6519c074f0a50394dbbe69859bb6043' (2025-05-18) • Updated input 'emacs-overlay/nixpkgs-stable': 'github:NixOS/nixpkgs/bf3287dac860542719fe7554e21e686108716879' (2025-05-02) → 'github:NixOS/nixpkgs/9b5ac7ad45298d58640540d0323ca217f32a6762' (2025-05-17) • Updated input 'git-hooks-nix': 'github:cachix/git-hooks.nix/dcf5072734cb576d2b0c59b2ac44f5050b5eac82' (2025-03-22) → 'github:cachix/git-hooks.nix/80479b6ec16fefd9c1db3ea13aeb038c60530f46' (2025-05-16) • Updated input 'homeManager': 'github:nix-community/home-manager/c0962eeeabfb8127713f859ec8a5f0e86dead0f2' (2025-05-03) → 'github:nix-community/home-manager/97118a310eb8e13bc1b9b12d67267e55b7bee6c8' (2025-05-18) • Updated input 'lanzaboote': 'github:nix-community/lanzaboote/995637eb3ab78eac33f8ee6b45cc2ecd5ede12ba' (2025-04-21) → 'github:nix-community/lanzaboote/2e425f3da6ce7f5b34fa6eaf7a2a7f78dbabcc85' (2025-05-12) • Updated input 'lanzaboote/crane': 'github:ipetkov/crane/bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5' (2025-03-09) → 'github:ipetkov/crane/dfd9a8dfd09db9aad544c4d3b6c47b12562544a5' (2025-05-03) • Updated input 'lanzaboote/flake-parts': 'github:hercules-ci/flake-parts/f4330d22f1c5d2ba72d3d22df5597d123fdb60a9' (2025-03-07) → 'github:hercules-ci/flake-parts/c621e8422220273271f52058f618c94e405bb0f5' (2025-04-01) • Updated input 'lanzaboote/pre-commit-hooks-nix': 'github:cachix/pre-commit-hooks.nix/b5a62751225b2f62ff3147d0a334055ebadcd5cc' (2025-03-07) → 'github:cachix/pre-commit-hooks.nix/fa466640195d38ec97cf0493d6d6882bc4d14969' (2025-05-06) • Updated input 'lanzaboote/rust-overlay': 'github:oxalica/rust-overlay/c777dc8a1e35407b0e80ec89817fe69970f4e81a' (2025-03-10) → 'github:oxalica/rust-overlay/5b07506ae89b025b14de91f697eba23b48654c52' (2025-05-12) • Updated input 'lix': 'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f' (2025-05-02) → 'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=eb18a90afbe0ade000d957cda344a5bcb3d565d4' (2025-05-19) • Updated input 'lix-module': 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=fa69ae26cc32dda178117b46487c2165c0e08316' (2025-03-25) → 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=58baedd53f9da81fd728a4f3b08c378e5ba9ae58' (2025-05-10) • Updated input 'nix-on-droid': 'github:nix-community/nix-on-droid/5d88ff2519e4952f8d22472b52c531bb5f1635fc' (2024-09-06) → 'github:nix-community/nix-on-droid/40b8c7465f78887279a0a3c743094fa6ea671ab1' (2025-05-16) • Updated input 'nixosHardware': 'github:NixOS/nixos-hardware/72081c9fbbef63765ae82bff9727ea79cc86bd5b' (2025-04-29) → 'github:NixOS/nixos-hardware/e81fd167b33121269149c57806599045fd33eeed' (2025-05-13) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/f02fddb8acef29a8b32f10a335d44828d7825b78' (2025-05-01) → 'github:NixOS/nixpkgs/292fa7d4f6519c074f0a50394dbbe69859bb6043' (2025-05-18) • Updated input 'treefmt-nix': 'github:numtide/treefmt-nix/29ec5026372e0dec56f890e50dbe4f45930320fd' (2025-05-02) → 'github:numtide/treefmt-nix/ab0378b61b0d85e73a8ab05d5c6029b5bd58c9fb' (2025-05-17) --- flake.lock | 124 ++++++++++++++++++++++++++--------------------------- 1 file changed, 62 insertions(+), 62 deletions(-) diff --git a/flake.lock b/flake.lock index 474c3aa..5071c58 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1745630506, - "narHash": "sha256-bHCFgGeu8XjWlVuaWzi3QONjDW3coZDqSHvnd4l7xus=", + "lastModified": 1747575206, + "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=", "owner": "ryantm", "repo": "agenix", - "rev": "96e078c646b711aee04b82ba01aefbff87004ded", + "rev": "4835b1dc898959d8547a871ef484930675cb47f1", "type": "github" }, "original": { @@ -26,11 +26,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1746175539, - "narHash": "sha256-/wjcn1CDQqOhwOoYKS8Xp0KejrdXSJZQMF1CbbrVtMw=", + "lastModified": 1747519437, + "narHash": "sha256-uv9Wv59d+mckS2CkorOF484wp2G5TNGijdoBZ5RkAk0=", "owner": "catppuccin", "repo": "nix", - "rev": "a5db9e41a4dccfa5ffe38e6f1841a5f9ad5c5c04", + "rev": "3ba714046ee32373e88166e6e9474d6ae6a5b734", "type": "github" }, "original": { @@ -41,11 +41,11 @@ }, "crane": { "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", + "lastModified": 1746291859, + "narHash": "sha256-DdWJLA+D5tcmrRSg5Y7tp/qWaD05ATI4Z7h22gd1h7Q=", "owner": "ipetkov", "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", + "rev": "dfd9a8dfd09db9aad544c4d3b6c47b12562544a5", "type": "github" }, "original": { @@ -83,11 +83,11 @@ ] }, "locked": { - "lastModified": 1745812220, - "narHash": "sha256-hotBG0EJ9VmAHJYF0yhWuTVZpENHvwcJ2SxvIPrXm+g=", + "lastModified": 1747621015, + "narHash": "sha256-j0fo1rNxZvmFLMaE945UrbLJZAHTlQmq0/QMgOP4GTs=", "owner": "nix-community", "repo": "disko", - "rev": "d0c543d740fad42fe2c035b43c9d41127e073c78", + "rev": "cec44d77d9dacf0c91d3d51aff128fefabce06ee", "type": "github" }, "original": { @@ -103,11 +103,11 @@ "pyproject-nix": "pyproject-nix" }, "locked": { - "lastModified": 1735160684, - "narHash": "sha256-n5CwhmqKxifuD4Sq4WuRP/h5LO6f23cGnSAuJemnd/4=", + "lastModified": 1747658429, + "narHash": "sha256-qZWuEdxmPx818qR61t3mMozJOvZSmTRUDPU4L3JeGgE=", "owner": "nix-community", "repo": "dream2nix", - "rev": "8ce6284ff58208ed8961681276f82c2f8f978ef4", + "rev": "6fd6d9188f32efd1e1656b3c3e63a67f9df7b636", "type": "github" }, "original": { @@ -122,11 +122,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1746240489, - "narHash": "sha256-DWMG7jkpxrEGzTZZerDqaxT8X983tibFGfNeoWtX1yU=", + "lastModified": 1747618089, + "narHash": "sha256-mbzwxQlxNamIMErEfwWRZ+ECmlQzxJ4eJvOM6/fxV5s=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "66bb2d7a4df96d0c1e63648850b7aed1b2e8d683", + "rev": "1b2bc802bbac29f4695e39fbf982944c0999b45d", "type": "github" }, "original": { @@ -191,11 +191,11 @@ ] }, "locked": { - "lastModified": 1741352980, - "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", "type": "github" }, "original": { @@ -282,11 +282,11 @@ ] }, "locked": { - "lastModified": 1742649964, - "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "lastModified": 1747372754, + "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", "type": "github" }, "original": { @@ -387,11 +387,11 @@ ] }, "locked": { - "lastModified": 1746243165, - "narHash": "sha256-DQycVmlyLQNLjLJ/FzpokVmbxGQ8HjQQ4zN4nyq2vII=", + "lastModified": 1747565775, + "narHash": "sha256-B6jmKHUEX1jxxcdoYHl7RVaeohtAVup8o3nuVkzkloA=", "owner": "nix-community", "repo": "home-manager", - "rev": "c0962eeeabfb8127713f859ec8a5f0e86dead0f2", + "rev": "97118a310eb8e13bc1b9b12d67267e55b7bee6c8", "type": "github" }, "original": { @@ -448,11 +448,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1745271491, - "narHash": "sha256-4GAHjus6JRpYHVROMIhFIz/sgLDF/klBM3UHulbSK9s=", + "lastModified": 1747056319, + "narHash": "sha256-qSKcBaISBozadtPq6BomnD+wIYTZIkiua3UuHLaD52c=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "995637eb3ab78eac33f8ee6b45cc2ecd5ede12ba", + "rev": "2e425f3da6ce7f5b34fa6eaf7a2a7f78dbabcc85", "type": "github" }, "original": { @@ -464,11 +464,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1746186329, - "narHash": "sha256-MLz0MjeVCaqvIvf5szUwNwYEiXC/lKWL0I2VS+6V/e0=", + "lastModified": 1747664434, + "narHash": "sha256-ph9fCCvzgZ1PNOu82SSoceX/tYZ5MfmX3PkBxBiNxwA=", "ref": "refs/heads/main", - "rev": "4e84fd9a0061a04627ec6962c0ed08c2ad0b8a7f", - "revCount": 17824, + "rev": "eb18a90afbe0ade000d957cda344a5bcb3d565d4", + "revCount": 17900, "type": "git", "url": "https://git@git.lix.systems/lix-project/lix" }, @@ -489,11 +489,11 @@ ] }, "locked": { - "lastModified": 1742945498, - "narHash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", + "lastModified": 1746839253, + "narHash": "sha256-pRwi8Wn8Yofj459gq+3oIRy8F3SXeEJ6mzfIAUgM9nA=", "ref": "refs/heads/main", - "rev": "fa69ae26cc32dda178117b46487c2165c0e08316", - "revCount": 138, + "rev": "58baedd53f9da81fd728a4f3b08c378e5ba9ae58", + "revCount": 142, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, @@ -554,11 +554,11 @@ "nmd": "nmd" }, "locked": { - "lastModified": 1725658585, - "narHash": "sha256-P29z4Gt89n5ps1U7+qmIrj0BuRXGZQSIaOe2+tsPgfw=", + "lastModified": 1747382160, + "narHash": "sha256-nlHPjA5GH4wdwnAoOzCt7BVLUKtIAAW2ClNGz2OxTrs=", "owner": "nix-community", "repo": "nix-on-droid", - "rev": "5d88ff2519e4952f8d22472b52c531bb5f1635fc", + "rev": "40b8c7465f78887279a0a3c743094fa6ea671ab1", "type": "github" }, "original": { @@ -569,11 +569,11 @@ }, "nixosHardware": { "locked": { - "lastModified": 1745955289, - "narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=", + "lastModified": 1747129300, + "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b", + "rev": "e81fd167b33121269149c57806599045fd33eeed", "type": "github" }, "original": { @@ -647,11 +647,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1746183838, - "narHash": "sha256-kwaaguGkAqTZ1oK0yXeQ3ayYjs8u/W7eEfrFpFfIDFA=", + "lastModified": 1747485343, + "narHash": "sha256-YbsZyuRE1tobO9sv0PUwg81QryYo3L1F3R3rF9bcG38=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bf3287dac860542719fe7554e21e686108716879", + "rev": "9b5ac7ad45298d58640540d0323ca217f32a6762", "type": "github" }, "original": { @@ -711,11 +711,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1746141548, - "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" }, "original": { @@ -742,11 +742,11 @@ }, "nixpkgs_6": { "locked": { - "lastModified": 1746141548, - "narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=", + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f02fddb8acef29a8b32f10a335d44828d7825b78", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", "type": "github" }, "original": { @@ -821,11 +821,11 @@ ] }, "locked": { - "lastModified": 1741379162, - "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=", + "lastModified": 1746537231, + "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc", + "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969", "type": "github" }, "original": { @@ -906,11 +906,11 @@ ] }, "locked": { - "lastModified": 1741573199, - "narHash": "sha256-A2sln1GdCf+uZ8yrERSCZUCqZ3JUlOv1WE2VFqqfaLQ=", + "lastModified": 1747017456, + "narHash": "sha256-C/U12fcO+HEF071b5mK65lt4XtAIZyJSSJAg9hdlvTk=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "c777dc8a1e35407b0e80ec89817fe69970f4e81a", + "rev": "5b07506ae89b025b14de91f697eba23b48654c52", "type": "github" }, "original": { @@ -1009,11 +1009,11 @@ ] }, "locked": { - "lastModified": 1746216483, - "narHash": "sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4=", + "lastModified": 1747469671, + "narHash": "sha256-bo1ptiFoNqm6m1B2iAhJmWCBmqveLVvxom6xKmtuzjg=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "29ec5026372e0dec56f890e50dbe4f45930320fd", + "rev": "ab0378b61b0d85e73a8ab05d5c6029b5bd58c9fb", "type": "github" }, "original": {