diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 528dd53..1bc00bd 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -1,10 +1,8 @@ name: Eval NixOS Configurations on: - push: - branches: - - deploy - workflow_dispatch: + check_suite: + types: [completed] permissions: contents: write @@ -20,6 +18,10 @@ jobs: - name: Install Nix uses: cachix/install-nix-action@v25 + with: + extra_nix_conf: | + extra-trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= + extra-substituters = https://cache.garnix.io - name: Configure Git run: | @@ -33,19 +35,26 @@ jobs: hosts=$(nix flake show --json | jq -r '.nixosConfigurations | keys[]') echo "Found hosts: $hosts" + failed_hosts="" for host in $hosts; do echo "Eval derivation for $host" - if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then + if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then echo "❌ Failed to evaluate $host" + failed_hosts+="$host " + rm "eval/$host.json" else echo "✅ Successfully evaluated $host" fi done - echo "Total hosts: $(echo "$hosts" | wc -w)" echo "Failed hosts: $failed_hosts" git add eval/ git commit -m "Update deployment configurations for all hosts" - git push origin deploy-comin-eval + git push -f origin deploy-comin-eval + + # After success, reset deploy-comin to new deploy + git checkout -b deploy-comin + git reset --hard deploy + git push -f origin deploy-comin diff --git a/flake.lock b/flake.lock index 8b8ea79..4713bdb 100644 --- a/flake.lock +++ b/flake.lock @@ -39,6 +39,26 @@ "type": "github" } }, + "comin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1734693645, + "narHash": "sha256-Vw3YpuQxwBse5JiTGBH5MSPmqXOXFI4ROs7IF3tRc7k=", + "owner": "xinyangli", + "repo": "comin", + "rev": "c8a66bbd129e88ad916cac59f1ad9f45d39b3190", + "type": "github" + }, + "original": { + "owner": "xinyangli", + "repo": "comin", + "type": "github" + } + }, "devshell": { "inputs": { "nixpkgs": [ @@ -642,6 +662,7 @@ "inputs": { "catppuccin": "catppuccin", "colmena": "colmena", + "comin": "comin", "disko": "disko", "flake-utils": "flake-utils_2", "home-manager": "home-manager", diff --git a/flake.nix b/flake.nix index 4da0466..a1362f8 100644 --- a/flake.nix +++ b/flake.nix @@ -55,6 +55,11 @@ url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; + + comin = { + url = "github:xinyangli/comin"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = @@ -72,6 +77,7 @@ colmena, nix-index-database, disko, + comin, ... }: let @@ -107,6 +113,7 @@ sharedNixosModules = [ self.nixosModules.default sops-nix.nixosModules.sops + comin.nixosModules.comin ]; nodeNixosModules = { calcite = [ diff --git a/garnix.yaml b/garnix.yaml index 38563a7..0fc1635 100644 --- a/garnix.yaml +++ b/garnix.yaml @@ -7,4 +7,4 @@ builds: - homeConfigurations.aarch64-linux.* - darwinConfigurations.* - nixosConfigurations.* - + branch: deploy diff --git a/home/default.nix b/home/default.nix index ddd31bf..ea2911a 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,5 +1,6 @@ { xin = { calcite = import ./xin/calcite.nix; + gold = import ./xin/gold; }; } diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index d90cc4d..c834d39 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -108,10 +108,12 @@ in xdg.systemDirs.data = [ "/usr/share" - "/var/lib/flatpak/exports/share" - "${homeDirectory}/.local/share/flatpak/exports/share" ]; + xdg.configFile."distrobox/distrobox.conf".text = '' + container_additional_volumes="/nix/store:/nix/store:ro /etc/profiles/per-user:/etc/profiles/per-user:ro" + ''; + programs.man.generateCaches = false; programs.atuin = { diff --git a/home/xin/raspite/default.nix b/home/xin/raspite/default.nix deleted file mode 100644 index 888383c..0000000 --- a/home/xin/raspite/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, pkgs, ... }: -{ - imports = [ ../common ]; - - home.username = "xin"; - home.homeDirectory = "/home/xin"; - home.stateVersion = "23.05"; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; - - accounts.email.accounts.gmail = { - primary = true; - address = "lixinyang411@gmail.com"; - flavor = "gmail.com"; - }; - - accounts.email.accounts.whu = { - address = "lixinyang411@whu.edu.cn"; - }; - - accounts.email.accounts.foxmail = { - address = "lixinyang411@foxmail.com"; - }; -} diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index c5afb73..a3c84c4 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -20,6 +20,7 @@ in nix = { signing.enable = true; }; + comin.enable = true; }; # Bootloader. @@ -176,7 +177,7 @@ in ]; settings = { main = { - capslock = "overload(control, esc)"; + leftcontrol = "overload(control, esc)"; }; }; }; diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index 9d8cd04..bae1b92 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -19,6 +19,7 @@ nix = { enable = true; }; + comin.enable = true; }; boot = { @@ -38,7 +39,10 @@ nixpkgs.config.allowUnfree = true; - environment.systemPackages = [ pkgs.virtiofsd ]; + environment.systemPackages = [ + pkgs.virtiofsd + pkgs.intel-gpu-tools + ]; sops = { defaultSopsFile = ./secrets.yaml; @@ -94,15 +98,32 @@ options = "rw,nodev,nosuid"; wantedBy = [ "restic-rest-server.service" ]; } + # { + # what = "ocis"; + # where = "/var/lib/ocis"; + # type = "virtiofs"; + # options = "rw,nodev,nosuid"; + # wantedBy = [ "ocis.service" ]; + # } { - what = "ocis"; - where = "/var/lib/ocis"; + what = "media"; + where = "/var/lib/jellyfin/media"; type = "virtiofs"; options = "rw,nodev,nosuid"; - wantedBy = [ "ocis.service" ]; } ]; + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver + intel-vaapi-driver + vaapiVdpau + intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) + intel-media-sdk # QSV up to 11th gen + ]; + }; + services.openssh.ports = [ 22 2222 diff --git a/machines/weilite/services/default.nix b/machines/weilite/services/default.nix index 0a6e4ca..5a5cc25 100644 --- a/machines/weilite/services/default.nix +++ b/machines/weilite/services/default.nix @@ -4,5 +4,6 @@ ./restic.nix ./media-download.nix ./immich.nix + ./jellyfin.nix ]; } diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix new file mode 100644 index 0000000..d321de5 --- /dev/null +++ b/machines/weilite/services/jellyfin.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: +{ + services.jellyfin.enable = true; + + environment.systemPackages = with pkgs; [ + jellyfin + jellyfin-web + jellyfin-ffmpeg + ]; + services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = '' + reverse_proxy 127.0.0.1:8096 + ''; + networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan + users.users.jellyfin.extraGroups = [ "render" ]; +} diff --git a/modules/home-manager/gui/themes.nix b/modules/home-manager/gui/themes.nix index ad0de1c..6278692 100644 --- a/modules/home-manager/gui/themes.nix +++ b/modules/home-manager/gui/themes.nix @@ -13,6 +13,10 @@ name = "Catppuccin-GTK-Dark"; package = pkgs.magnetic-catppuccin-gtk; }; + iconTheme = { + name = "Qogir"; + package = pkgs.qogir-icon-theme; + }; gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; }; }; diff --git a/modules/home-manager/gui/waybar.nix b/modules/home-manager/gui/waybar.nix index 3890a00..66b9ecb 100644 --- a/modules/home-manager/gui/waybar.nix +++ b/modules/home-manager/gui/waybar.nix @@ -44,8 +44,6 @@ in modules-right = [ "network#speed" "custom/separator" - "network#if" - "custom/separator" "pulseaudio" "custom/separator" "memory" @@ -121,22 +119,6 @@ in format = " {percentage}%"; }; - "network#if" = { - format = "{ifname}"; - format-disconnected = "󰌙"; - format-ethernet = "󰌘"; - format-linked = "{ifname} (No IP) 󰈁"; - format-wifi = "{icon}"; - format-icons = [ - "󰤯" - "󰤟" - "󰤢" - "󰤥" - "󰤨" - ]; - interval = 10; - }; - "network#speed" = { format = "{ifname}"; format-disconnected = "󰌙"; diff --git a/modules/nixos/common-settings/comin.nix b/modules/nixos/common-settings/comin.nix new file mode 100644 index 0000000..70a23ee --- /dev/null +++ b/modules/nixos/common-settings/comin.nix @@ -0,0 +1,32 @@ +{ + config, + lib, + ... +}: +let + inherit (lib) + mkEnableOption + mkIf + ; + + cfg = config.commonSettings.comin; +in +{ + options.commonSettings.comin = { + enable = mkEnableOption "auto updater with comin"; + }; + + config = { + services.comin = mkIf cfg.enable { + enable = true; + remotes = [ + { + name = "origin"; + url = "https://github.com/xinyangli/nixos-config.git"; + branches.main.name = "deploy-comin"; + } + ]; + hostname = config.networking.hostName; + }; + }; +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index d2f210d..33929ce 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -2,6 +2,7 @@ imports = [ ./common-settings/auth.nix ./common-settings/autoupgrade.nix + ./common-settings/comin.nix ./common-settings/nix-conf.nix ./common-settings/proxy-server.nix ./common-settings/mainland.nix