From 9b9d923a2537b9e53e68adaeaec94cc4ae8d784a Mon Sep 17 00:00:00 2001
From: xinyangli
Date: Fri, 20 Dec 2024 18:03:12 +0800
Subject: [PATCH 01/10] ci: eval deploy
---
 .github/workflows/eval.yaml | 53 +++++++++++++++++++++++++++++++++++++
 flake.lock | 4 +--
 flake.nix | 18 ++++++++-----
 3 files changed, 67 insertions(+), 8 deletions(-)
 create mode 100644 .github/workflows/eval.yaml
diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml
new file mode 100644
index 0000000..90a9897
--- /dev/null
+++ b/.github/workflows/eval.yaml
@@ -0,0 +1,53 @@
+name: Eval NixOS Configurations
+
+on:
+ push:
+ branches:
+ - deploy
+ workflow_dispatch:
+
+permissions:
+ contents: write
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ ref: deploy
+
+ - name: Install Nix
+ uses: cachix/install-nix-action@v25
+
+ - name: Configure Git
+ run: |
+ git config --global user.name "GitHub Actions Bot"
+ git config --global user.email "actions@github.com"
+
+ - name: Process Configurations
+ run: |
+ git checkout -b deploy-comin-eval
+ mkdir -p eval
+ hosts=$(nix flake show --json | jq -r '.nixosConfigurations | keys[]')
+ echo "Found hosts: $hosts"
+
+ failed_hosts=""
+ for host in $hosts; do
+ echo "Eval derivation for $host"
+ if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
+ echo "❌ Failed to evaluate $host"
+ failed_hosts+="$host "
+ rm "eval/$host.json"
+ else
+ echo "✅ Successfully evaluated $host"
+ fi
+ done
+
+ echo "Failed hosts: $failed_hosts"
+
+ git add eval/
+ git commit -m "Update deployment configurations for all hosts"
+
+ git push origin deploy-comin-eval
diff --git a/flake.lock b/flake.lock
index f46f16e..8b8ea79 100644
--- a/flake.lock
+++ b/flake.lock
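Review bot: Both actions in the new `deploy` job are referenced by mutable tag (`actions/checkout@v4`, `cachix/install-nix-action@v25`) while the workflow grants `contents: write`, so a retagged release of either action would run with a token that can push to this repository. Pin each one to a full commit SHA, for example `uses: cachix/install-nix-action@<full-commit-sha> # v25`. The `permissions:` block is declared at workflow level; moving it under `jobs.deploy` keeps any job added later from inheriting write access by default.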
@@ -382,11 +382,11 @@ "rev": "a3709a89797ea094f82d38edeb4a538c07c8c3fa", "revCount": 20, "type": "git", - "url": "https://git.xinyang.life/xin/nixvim" + "url": "https://git.xiny.li/xin/nixvim" }, "original": { "type": "git", - "url": "https://git.xinyang.life/xin/nixvim" + "url": "https://git.xiny.li/xin/nixvim" } }, "nix-darwin": { diff --git a/flake.nix b/flake.nix index d01cdba..4da0466 100644 --- a/flake.nix +++ b/flake.nix @@ -43,7 +43,7 @@ }; my-nixvim = { - url = "git+https://git.xinyang.life/xin/nixvim"; + url = "git+https://git.xiny.li/xin/nixvim"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -286,16 +286,22 @@ { imports = nodeNixosModules.biotite ++ sharedColmenaModules; }; + + osmium = + { ... }: + { + deployment = { + targetHost = "osmium.coho-tet.ts.net"; + buildOnTarget = false; + }; + imports = nodeNixosModules.osmium ++ sharedColmenaModules; + }; }; nixosConfigurations = { calcite = mkNixos { hostname = "calcite"; }; - - osmium = mkNixos { - hostname = "osmium"; - }; } // self.colmenaHive.nodes; } @@ -305,7 +311,7 @@ pkgs = nixpkgs.legacyPackages.${system}; mkHomeConfiguration = user: host: { - name = user; + name = "${user}-${host}"; value = home-manager.lib.homeManagerConfiguration { inherit pkgs; modules = [ From 2b2aa11c52f0765de7f30ff30df8a3558727992b Mon Sep 17 00:00:00 2001 From: xinyangli Date: Fri, 20 Dec 2024 19:36:28 +0800 Subject: [PATCH 02/10] calcite: test comin --- flake.lock | 21 +++++++++++++++++++++ flake.nix | 7 +++++++ machines/calcite/configuration.nix | 14 +++++++++++++- 3 files changed, 41 insertions(+), 1 deletion(-) diff --git a/flake.lock b/flake.lock index 8b8ea79..4713bdb 100644 --- a/flake.lock +++ b/flake.lock 
@@ -39,6 +39,26 @@ "type": "github" } }, + "comin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1734693645, + "narHash": "sha256-Vw3YpuQxwBse5JiTGBH5MSPmqXOXFI4ROs7IF3tRc7k=", + "owner": "xinyangli", + "repo": "comin", + "rev": "c8a66bbd129e88ad916cac59f1ad9f45d39b3190", + "type": "github" + }, + "original": { + "owner": "xinyangli", + "repo": "comin", + "type": "github" + } + }, "devshell": { "inputs": { "nixpkgs": [ @@ -642,6 +662,7 @@ "inputs": { "catppuccin": "catppuccin", "colmena": "colmena", + "comin": "comin", "disko": "disko", "flake-utils": "flake-utils_2", "home-manager": "home-manager", diff --git a/flake.nix b/flake.nix index 4da0466..becf4ba 100644 --- a/flake.nix +++ b/flake.nix @@ -55,6 +55,11 @@ url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; + + comin = { + url = "github:xinyangli/comin"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = @@ -72,6 +77,7 @@ colmena, nix-index-database, disko, + comin, ... }: let @@ -114,6 +120,7 @@ catppuccin.nixosModules.catppuccin machines/calcite/configuration.nix (mkHome "xin" "calcite") + comin.nixosModules.comin ]; hk-00 = [ ./machines/dolomite/claw.nix diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index c5afb73..c8e4e4a 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -15,6 +15,18 @@ in ../sops.nix ]; + services.comin = { + enable = true; + remotes = [ + { + name = "origin"; + url = "https://github.com/xinyangli/nixos-config.git"; + branches.main.name = "deploy-comin-eval"; + } + ]; + hostname = config.networking.hostName; + }; + commonSettings = { # auth.enable = true; nix = { @@ -176,7 +188,7 @@ in ]; settings = { main = { - capslock = "overload(control, esc)"; + leftcontrol = "overload(control, esc)"; }; }; }; From 872849c87567adab55573b514bc5f23f4d0611a6 Mon Sep 17 00:00:00 2001 
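Review bot: The `services.comin` block added to machines/calcite/configuration.nix makes calcite apply whatever commit sits at the tip of `deploy-comin-eval`, and that branch is written by the CI job from PATCH 01 with a `contents: write` token, so push access to the branch or to the workflow is equivalent to administrative control of this host. Nothing in the hunk limits which commits are accepted; a comment such as `# trust boundary: anything pushed to this branch is applied as system config` would make that explicit, alongside branch protection on the GitHub side and commit-signature verification if the pinned comin fork supports it. The same remote block is repeated in modules/nixos/common-settings/comin.nix in PATCH 04. The `comin` input comes from a personal fork (`github:xinyangli/comin`); flake.lock pins its `rev` and `narHash`, so the lock diff is the place to review whenever that input is bumped.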
From: xinyangli Date: Fri, 20 Dec 2024 20:33:35 +0800 Subject: [PATCH 03/10] calcite: drop flatpak --- home/xin/calcite.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index d90cc4d..c834d39 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -108,10 +108,12 @@ in xdg.systemDirs.data = [ "/usr/share" - "/var/lib/flatpak/exports/share" - "${homeDirectory}/.local/share/flatpak/exports/share" ]; + xdg.configFile."distrobox/distrobox.conf".text = '' + container_additional_volumes="/nix/store:/nix/store:ro /etc/profiles/per-user:/etc/profiles/per-user:ro" + ''; + programs.man.generateCaches = false; programs.atuin = { From ade0694d14775369e1c2c1f0aa93d90ce7203fc6 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 20:51:56 +0800 Subject: [PATCH 04/10] modules/comin: init --- .github/workflows/eval.yaml | 2 +- modules/nixos/common-settings/comin.nix | 32 +++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 modules/nixos/common-settings/comin.nix diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 90a9897..1997213 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -36,7 +36,7 @@ jobs: failed_hosts="" for host in $hosts; do echo "Eval derivation for $host" - if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then + if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then echo "❌ Failed to evaluate $host" failed_hosts+="$host " rm "eval/$host.json" diff --git a/modules/nixos/common-settings/comin.nix b/modules/nixos/common-settings/comin.nix new file mode 100644 index 0000000..3d543f2 --- /dev/null +++ b/modules/nixos/common-settings/comin.nix 
@@ -0,0 +1,32 @@ +{ + config, + lib, + ... +}: +let + inherit (lib) + mkEnableOption + mkIf + ; + + cfg = config.commonSettings.comin; +in +{ + options.commonSettings.comin = { + enable = mkEnableOption "auto updater with comin"; + }; + + config = { + services.comin = mkIf cfg.enable { + enable = true; + remotes = [ + { + name = "origin"; + url = "https://github.com/xinyangli/nixos-config.git"; + branches.main.name = "deploy-comin-eval"; + } + ]; + hostname = config.networking.hostName; + }; + }; +} From 49520149ab8f3c2862e78e64f9f849232c5f5b1e Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 20:52:27 +0800 Subject: [PATCH 05/10] calcite,weilite: use comin to auto update --- .github/workflows/eval.yaml | 6 ++---- flake.nix | 2 +- machines/calcite/configuration.nix | 13 +----------- machines/weilite/default.nix | 29 ++++++++++++++++++++++---- machines/weilite/services/default.nix | 1 + machines/weilite/services/jellyfin.nix | 15 +++++++++++++ modules/nixos/default.nix | 1 + 7 files changed, 46 insertions(+), 21 deletions(-) create mode 100644 machines/weilite/services/jellyfin.nix diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 1997213..494704f 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -1,10 +1,8 @@ name: Eval NixOS Configurations on: - push: - branches: - - deploy - workflow_dispatch: + check_suite: + types: [completed] permissions: contents: write diff --git a/flake.nix b/flake.nix index becf4ba..a1362f8 100644 --- a/flake.nix +++ b/flake.nix @@ -113,6 +113,7 @@ sharedNixosModules = [ self.nixosModules.default sops-nix.nixosModules.sops + comin.nixosModules.comin ]; nodeNixosModules = { calcite = [ @@ -120,7 +121,6 @@ catppuccin.nixosModules.catppuccin machines/calcite/configuration.nix (mkHome "xin" "calcite") - comin.nixosModules.comin ]; hk-00 = [ ./machines/dolomite/claw.nix 
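Review bot: The `check_suite: types: [completed]` trigger introduced in the eval.yaml hunk of PATCH 05 fires for every completed check suite, whatever its branch or outcome, and the `deploy` job has no `if:` guard, so it evaluates and pushes even when the triggering suite failed or belonged to an unrelated branch. Add a job-level condition such as `if: github.event.check_suite.conclusion == 'success' && github.event.check_suite.head_branch == 'deploy'`. The job definition itself lies outside this hunk, so the guard belongs next to `runs-on:` there.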
diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index c8e4e4a..a3c84c4 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -15,23 +15,12 @@ in ../sops.nix ]; - services.comin = { - enable = true; - remotes = [ - { - name = "origin"; - url = "https://github.com/xinyangli/nixos-config.git"; - branches.main.name = "deploy-comin-eval"; - } - ]; - hostname = config.networking.hostName; - }; - commonSettings = { # auth.enable = true; nix = { signing.enable = true; }; + comin.enable = true; }; # Bootloader. diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index 9d8cd04..bae1b92 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -19,6 +19,7 @@ nix = { enable = true; }; + comin.enable = true; }; boot = { @@ -38,7 +39,10 @@ nixpkgs.config.allowUnfree = true; - environment.systemPackages = [ pkgs.virtiofsd ]; + environment.systemPackages = [ + pkgs.virtiofsd + pkgs.intel-gpu-tools + ]; sops = { defaultSopsFile = ./secrets.yaml; @@ -94,15 +98,32 @@ options = "rw,nodev,nosuid"; wantedBy = [ "restic-rest-server.service" ]; } + # { + # what = "ocis"; + # where = "/var/lib/ocis"; + # type = "virtiofs"; + # options = "rw,nodev,nosuid"; + # wantedBy = [ "ocis.service" ]; + # } { - what = "ocis"; - where = "/var/lib/ocis"; + what = "media"; + where = "/var/lib/jellyfin/media"; type = "virtiofs"; options = "rw,nodev,nosuid"; - wantedBy = [ "ocis.service" ]; } ]; + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver + intel-vaapi-driver + vaapiVdpau + intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) + intel-media-sdk # QSV up to 11th gen + ]; + }; + services.openssh.ports = [ 22 2222 diff --git a/machines/weilite/services/default.nix b/machines/weilite/services/default.nix index 0a6e4ca..5a5cc25 100644 --- a/machines/weilite/services/default.nix 
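Review bot: The new `media` virtiofs entry mounted at `/var/lib/jellyfin/media` in machines/weilite/default.nix is `rw` and, unlike the `ocis` entry it replaces, carries no `wantedBy`. If Jellyfin only reads the library, `options = "ro,nodev,nosuid,noexec";` limits what a compromised media server could do to the shared data; if it has to stay writable, adding `noexec` is still cheap. Whether the entry needs `wantedBy = [ "jellyfin.service" ];` for the share to be mounted before the service starts depends on the mount module, which is outside the hunk, so that should be confirmed.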
+++ b/machines/weilite/services/default.nix @@ -4,5 +4,6 @@ ./restic.nix ./media-download.nix ./immich.nix + ./jellyfin.nix ]; } diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix new file mode 100644 index 0000000..d321de5 --- /dev/null +++ b/machines/weilite/services/jellyfin.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: +{ + services.jellyfin.enable = true; + + environment.systemPackages = with pkgs; [ + jellyfin + jellyfin-web + jellyfin-ffmpeg + ]; + services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = '' + reverse_proxy 127.0.0.1:8096 + ''; + networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan + users.users.jellyfin.extraGroups = [ "render" ]; +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index d2f210d..33929ce 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -2,6 +2,7 @@ imports = [ ./common-settings/auth.nix ./common-settings/autoupgrade.nix + ./common-settings/comin.nix ./common-settings/nix-conf.nix ./common-settings/proxy-server.nix ./common-settings/mainland.nix From cc9d6c362d67dc79c7c92fd17e351d22640787c0 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:13:25 +0800 Subject: [PATCH 06/10] ci: use garnix cache in ci --- .github/workflows/eval.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 494704f..63c71ec 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -18,6 +18,10 @@ jobs: - name: Install Nix uses: cachix/install-nix-action@v25 + with: + extra_nix_conf: | + extra-trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= + extra-substituters = https://cache.garnix.io - name: Configure Git run: | From 3059bdce30bb4bdf78abd419227a24019f37881b Mon Sep 17 00:00:00 2001 
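Review bot: `networking.firewall.allowedTCPPorts = [ 8920 ];` in the new jellyfin.nix opens the port on every interface, while the trailing comment says "allow on lan" and the Caddy virtual host is a `ts.net` name. Scoping the rule to the intended interface, `networking.firewall.interfaces."<interface-name>".allowedTCPPorts = [ 8920 ];`, keeps the proxy unreachable from networks it was not meant for. The `environment.systemPackages` list looks redundant as well, since `services.jellyfin.enable = true;` presumably already provides the server package, and the `config` argument is unused.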
From: xinyangli Date: Sat, 21 Dec 2024 21:18:33 +0800 Subject: [PATCH 07/10] home: cleanup profiles --- home/default.nix | 1 + home/xin/raspite/default.nix | 25 ------------------------- 2 files changed, 1 insertion(+), 25 deletions(-) delete mode 100644 home/xin/raspite/default.nix diff --git a/home/default.nix b/home/default.nix index ddd31bf..ea2911a 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,5 +1,6 @@ { xin = { calcite = import ./xin/calcite.nix; + gold = import ./xin/gold; }; } diff --git a/home/xin/raspite/default.nix b/home/xin/raspite/default.nix deleted file mode 100644 index 888383c..0000000 --- a/home/xin/raspite/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, pkgs, ... }: -{ - imports = [ ../common ]; - - home.username = "xin"; - home.homeDirectory = "/home/xin"; - home.stateVersion = "23.05"; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; - - accounts.email.accounts.gmail = { - primary = true; - address = "lixinyang411@gmail.com"; - flavor = "gmail.com"; - }; - - accounts.email.accounts.whu = { - address = "lixinyang411@whu.edu.cn"; - }; - - accounts.email.accounts.foxmail = { - address = "lixinyang411@foxmail.com"; - }; -} From c3934c2b56022e8d99a21c1f859c988198babce1 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:19:53 +0800 Subject: [PATCH 08/10] hm/waybar: fix missing icon and remove unused tray icon --- modules/home-manager/gui/themes.nix | 4 ++++ modules/home-manager/gui/waybar.nix | 18 ------------------ 2 files changed, 4 insertions(+), 18 deletions(-) diff --git a/modules/home-manager/gui/themes.nix b/modules/home-manager/gui/themes.nix index ad0de1c..6278692 100644 --- a/modules/home-manager/gui/themes.nix +++ b/modules/home-manager/gui/themes.nix 
@@ -13,6 +13,10 @@ name = "Catppuccin-GTK-Dark"; package = pkgs.magnetic-catppuccin-gtk; }; + iconTheme = { + name = "Qogir"; + package = pkgs.qogir-icon-theme; + }; gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; }; }; diff --git a/modules/home-manager/gui/waybar.nix b/modules/home-manager/gui/waybar.nix index 3890a00..66b9ecb 100644 --- a/modules/home-manager/gui/waybar.nix +++ b/modules/home-manager/gui/waybar.nix @@ -44,8 +44,6 @@ in modules-right = [ "network#speed" "custom/separator" - "network#if" - "custom/separator" "pulseaudio" "custom/separator" "memory" @@ -121,22 +119,6 @@ in format = " {percentage}%"; }; - "network#if" = { - format = "{ifname}"; - format-disconnected = "󰌙"; - format-ethernet = "󰌘"; - format-linked = "{ifname} (No IP) 󰈁"; - format-wifi = "{icon}"; - format-icons = [ - "󰤯" - "󰤟" - "󰤢" - "󰤥" - "󰤨" - ]; - interval = 10; - }; - "network#speed" = { format = "{ifname}"; format-disconnected = "󰌙"; From 133e70967fcff465535442585e3ad664f4beb21a Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:34:44 +0800 Subject: [PATCH 09/10] ci: point branch 'deploy-comin' to successful evaluations --- .github/workflows/eval.yaml | 4 ++++ modules/nixos/common-settings/comin.nix | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 63c71ec..1e2d0bd 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -53,3 +53,7 @@ jobs: git commit -m "Update deployment configurations for all hosts" git push origin deploy-comin-eval + + # After success, reset deploy-comin to new deploy + git checkout -b deploy-comin + git reset --hard deploy diff --git a/modules/nixos/common-settings/comin.nix b/modules/nixos/common-settings/comin.nix index 3d543f2..70a23ee 100644 --- a/modules/nixos/common-settings/comin.nix +++ b/modules/nixos/common-settings/comin.nix 
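Review bot: The comment `# After success, reset deploy-comin to new deploy` in the eval.yaml hunk of PATCH 09 is not enforced by the script: the loop earlier in the step only appends to `failed_hosts` and echoes it, so these lines run even when a host failed to evaluate. Because the same commit points `branches.main.name` at `deploy-comin`, hosts could then be offered a revision that did not evaluate for them. Guard the promotion with `if [ -n "$failed_hosts" ]; then exit 1; fi` placed before `git checkout -b deploy-comin`. The step body starts outside the hunk.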
@@ -23,7 +23,7 @@ in { name = "origin"; url = "https://github.com/xinyangli/nixos-config.git"; - branches.main.name = "deploy-comin-eval"; + branches.main.name = "deploy-comin"; } ]; hostname = config.networking.hostName; From 5220cceda806929ae5e9fd274ef18e16c61e6f38 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:39:25 +0800 Subject: [PATCH 10/10] ci: fix recursive job trigger --- .github/workflows/eval.yaml | 3 ++- garnix.yaml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 1e2d0bd..1bc00bd 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -52,8 +52,9 @@ jobs: git add eval/ git commit -m "Update deployment configurations for all hosts" - git push origin deploy-comin-eval + git push -f origin deploy-comin-eval # After success, reset deploy-comin to new deploy git checkout -b deploy-comin git reset --hard deploy + git push -f origin deploy-comin diff --git a/garnix.yaml b/garnix.yaml index 38563a7..0fc1635 100644 --- a/garnix.yaml +++ b/garnix.yaml @@ -7,4 +7,4 @@ builds: - homeConfigurations.aarch64-linux.* - darwinConfigurations.* - nixosConfigurations.* - + branch: deploy
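Review bot: `git push -f origin deploy-comin` in the eval.yaml hunk of PATCH 10 force-updates the branch that hosts deploy from, although `git reset --hard deploy` should normally leave it a fast-forward of its previous value. A plain `git push origin deploy-comin` would fail loudly if `deploy` were ever rewritten, which is a useful signal on a branch that is applied automatically. `-f` is only needed for `deploy-comin-eval`, whose eval commit is recreated on every run. The step body starts outside the hunk.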