diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 1bc00bd..528dd53 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -1,8 +1,10 @@ name: Eval NixOS Configurations on: - check_suite: - types: [completed] + push: + branches: + - deploy + workflow_dispatch: permissions: contents: write @@ -18,10 +20,6 @@ jobs: - name: Install Nix uses: cachix/install-nix-action@v25 - with: - extra_nix_conf: | - extra-trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= - extra-substituters = https://cache.garnix.io - name: Configure Git run: | @@ -35,26 +33,19 @@ jobs: hosts=$(nix flake show --json | jq -r '.nixosConfigurations | keys[]') echo "Found hosts: $hosts" - failed_hosts="" for host in $hosts; do echo "Eval derivation for $host" - if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then + if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then echo "❌ Failed to evaluate $host" - failed_hosts+="$host " - rm "eval/$host.json" else echo "✅ Successfully evaluated $host" fi done + echo "Total hosts: $(echo "$hosts" | wc -w)" echo "Failed hosts: $failed_hosts" git add eval/ git commit -m "Update deployment configurations for all hosts" - git push -f origin deploy-comin-eval - - # After success, reset deploy-comin to new deploy - git checkout -b deploy-comin - git reset --hard deploy - git push -f origin deploy-comin + git push origin deploy-comin-eval diff --git a/flake.lock b/flake.lock index a3527f7..8b8ea79 100644 --- a/flake.lock +++ b/flake.lock @@ -1,25 +1,12 @@ { "nodes": { "catppuccin": { - "inputs": { - "catppuccin-v1_1": "catppuccin-v1_1", - "catppuccin-v1_2": "catppuccin-v1_2", - "home-manager": [ - "home-manager" - ], - "home-manager-stable": "home-manager-stable", - "nixpkgs": [ - "nixpkgs" - ], - "nixpkgs-stable": "nixpkgs-stable", - "nuscht-search": "nuscht-search" - }, "locked": { - "lastModified": 1735263930, - "narHash": "sha256-vU7SkHINr+NqmZeFLA11plsaUfazKKpdEhI/oTJbK3Q=", + "lastModified": 1733001911, + "narHash": "sha256-uX/9m0TbdhEzuWA0muM5mI/AaWcLiDLjCCyu5Qr9MRk=", "owner": "catppuccin", "repo": "nix", - "rev": "a2e641bc6b17129d81d54019e14c9956784c69c6", + "rev": "a817009ebfd2cca7f70a77884e5098d0a8c83f8e", "type": "github" }, "original": { @@ -28,38 +15,10 @@ "type": "github" } }, - "catppuccin-v1_1": { - "locked": { - "lastModified": 1734055249, - "narHash": "sha256-pCWJgwo77KD7EJpwynwKrWPZ//dwypHq2TfdzZWqK68=", - "rev": "7221d6ca17ac36ed20588e1c3a80177ac5843fa7", - "revCount": 326, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.1.1/0193bdc0-b045-7eed-bbec-95611a8ecdf5/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/catppuccin/nix/1.1.%2A.tar.gz" - } - }, - "catppuccin-v1_2": { - "locked": { - "lastModified": 1734728407, - "narHash": "sha256-Let3uJo4YDyfqbqaw66dpZxhJB2TrDyZWSFd5rpPLJA=", - "rev": "23ee86dbf4ed347878115a78971d43025362fab1", - "revCount": 341, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.2.0/0193e5e0-33b7-7149-a362-bfe56b20f64e/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/catppuccin/nix/1.2.%2A.tar.gz" - } - }, "colmena": { "inputs": { "flake-compat": "flake-compat", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils", "nix-github-actions": "nix-github-actions", "nixpkgs": [ "nixpkgs" @@ -67,11 +26,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1734897875, - "narHash": "sha256-LLpiqfOGBippRax9F33kSJ/Imt8gJXb6o0JwSBiNHCk=", + "lastModified": 1731527002, + "narHash": "sha256-dI9I6suECoIAmbS4xcrqF8r2pbmed8WWm5LIF1yWPw8=", "owner": "zhaofengli", "repo": "colmena", - "rev": "a6b51f5feae9bfb145daa37fd0220595acb7871e", + "rev": "e3ad42138015fcdf2524518dd564a13145c72ea1", "type": "github" }, "original": { @@ -80,26 +39,6 @@ "type": "github" } }, - "comin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1734693645, - "narHash": "sha256-Vw3YpuQxwBse5JiTGBH5MSPmqXOXFI4ROs7IF3tRc7k=", - "owner": "xinyangli", - "repo": "comin", - "rev": "c8a66bbd129e88ad916cac59f1ad9f45d39b3190", - "type": "github" - }, - "original": { - "owner": "xinyangli", - "repo": "comin", - "type": "github" - } - }, "devshell": { "inputs": { "nixpkgs": [ @@ -129,11 +68,11 @@ ] }, "locked": { - "lastModified": 1735048446, - "narHash": "sha256-Tc35Y8H+krA6rZeOIczsaGAtobSSBPqR32AfNTeHDRc=", + "lastModified": 1733168902, + "narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=", "owner": "nix-community", "repo": "disko", - "rev": "3a4de9fa3a78ba7b7170dda6bd8b4cdab87c0b21", + "rev": "785c1e02c7e465375df971949b8dcbde9ec362e5", "type": "github" }, "original": { @@ -250,6 +189,21 @@ } }, "flake-utils": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { "inputs": { "systems": "systems" }, @@ -267,43 +221,10 @@ "type": "github" } }, - "flake-utils_2": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "flake-utils_3": { "inputs": { "systems": "systems_2" }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_4": { - "inputs": { - "systems": "systems_3" - }, "locked": { "lastModified": 1726560853, "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", @@ -381,11 +302,11 @@ ] }, "locked": { - "lastModified": 1735343815, - "narHash": "sha256-p7IJP/97zJda/wwCn1T2LJBz4olF5LjNf4uwhuyvARo=", + "lastModified": 1733754861, + "narHash": "sha256-3JKzIou54yjiMVmvgdJwopekEvZxX3JDT8DpKZs4oXY=", "owner": "nix-community", "repo": "home-manager", - "rev": "b7a7cd5dd1a74a9fe86ed4e016f91c78483b527a", + "rev": "9ebaa80a227eaca9c87c53ed515ade013bc2bca9", "type": "github" }, "original": { @@ -394,28 +315,6 @@ "type": "github" } }, - "home-manager-stable": { - "inputs": { - "nixpkgs": [ - "catppuccin", - "nixpkgs-stable" - ] - }, - "locked": { - "lastModified": 1734366194, - "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-24.11", - "repo": "home-manager", - "type": "github" - } - }, "home-manager_2": { "inputs": { "nixpkgs": [ @@ -439,34 +338,6 @@ } }, "ixx": { - "inputs": { - "flake-utils": [ - "catppuccin", - "nuscht-search", - "flake-utils" - ], - "nixpkgs": [ - "catppuccin", - "nuscht-search", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729958008, - "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=", - "owner": "NuschtOS", - "repo": "ixx", - "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb", - "type": "github" - }, - "original": { - "owner": "NuschtOS", - "ref": "v0.0.6", - "repo": "ixx", - "type": "github" - } - }, - "ixx_2": { "inputs": { "flake-utils": [ "my-nixvim", @@ -505,11 +376,11 @@ "nixvim": "nixvim" }, "locked": { - "lastModified": 1735219902, - "narHash": "sha256-s1aI4l9e0OX861wHsvAPqz/s8B9ZTltAMJzPRXt5Kqo=", + "lastModified": 1732936640, + "narHash": "sha256-NcluA0L+ZV5MUj3UuQhlkGCj8KoEhX/ObWlMHZ/F/ac=", "ref": "refs/heads/master", - "rev": "4439691030d1a28f4ad49c542104e3f880f7c183", - "revCount": 25, + "rev": "a3709a89797ea094f82d38edeb4a538c07c8c3fa", + "revCount": 20, "type": "git", "url": "https://git.xiny.li/xin/nixvim" }, @@ -568,11 +439,11 @@ ] }, "locked": { - "lastModified": 1735222882, - "narHash": "sha256-kWNi45/mRjQMG+UpaZQ7KyPavYrKfle3WgLn9YeBBVg=", + "lastModified": 1733629314, + "narHash": "sha256-U0vivjQFAwjNDYt49Krevs1murX9hKBFe2Ye0cHpgbU=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "7e3246f6ad43b44bc1c16d580d7bf6467f971530", + "rev": "f1e477a7dd11e27e7f98b646349cd66bbabf2fb8", "type": "github" }, "original": { @@ -592,11 +463,11 @@ ] }, "locked": { - "lastModified": 1735350281, - "narHash": "sha256-rNhcGVh6Xnc0DKWR5RTTD9OxucfAotd41LEuMCGz228=", + "lastModified": 1733795858, + "narHash": "sha256-K595Q2PrZv2iiumdBkwM2G456T2lKsLD71bn/fbJiQ0=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "57719f14beefb91c5b58da26bb9cffbdb4f70bfa", + "rev": "66ced222ef9235f90dbdd754ede3d6476722aaa9", "type": "github" }, "original": { @@ -607,11 +478,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1734954597, - "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=", + "lastModified": 1733481457, + "narHash": "sha256-IS3bxa4N1VMSh3/P6vhEAHQZecQ3oAlKCDvzCQSO5Is=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "def1d472c832d77885f174089b0d34854b007198", + "rev": "e563803af3526852b6b1d77107a81908c66a9fcf", "type": "github" }, "original": { @@ -651,27 +522,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1734600368, - "narHash": "sha256-nbG9TijTMcfr+au7ZVbKpAhMJzzE2nQBYmRvSdXUD8g=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b47fd6fa00c6afca88b8ee46cfdb00e104f50bca", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1735286948, - "narHash": "sha256-JMRV2RI58nV1UqLXqm+lcea1/dr92fYjWU5S+Rz3fmE=", + "lastModified": 1733730953, + "narHash": "sha256-dlK7n82FEyZlHH7BFHQAM5tua+lQO1Iv7aAtglc1O5s=", "owner": "nixos", "repo": "nixpkgs", - "rev": "31ac92f9628682b294026f0860e14587a09ffb4b", + "rev": "7109b680d161993918b0a126f38bc39763e5a709", "type": "github" }, "original": { @@ -683,11 +538,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1734829510, - "narHash": "sha256-hb2GwIHunYTjo8d1zBfSC5v46IEY5UZWQdR5R1omvmE=", + "lastModified": 1733805440, + "narHash": "sha256-AQdCeGt3dMV9/cchlWGMcP0Z8qM47V+B0p7cSRr+HhA=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "2ad7f9f3c996dd9838a4f68941bcbeed2807b150", + "rev": "61b1078fca3a097ce06ada68a6f2766347eed02c", "type": "github" }, "original": { @@ -699,11 +554,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1735291276, - "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", + "lastModified": 1733581040, + "narHash": "sha256-Qn3nPMSopRQJgmvHzVqPcE3I03zJyl8cSbgnnltfFDY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", + "rev": "22c3f2cf41a0e70184334a958e6b124fb0ce3e01", "type": "github" }, "original": { @@ -746,11 +601,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1735337462, - "narHash": "sha256-B+PNIYtTmgnTV/wdA/qrYohmeBHaYrDwVAueODdvtlo=", + "lastModified": 1733805328, + "narHash": "sha256-5F49/mOzFb40uUZh71uNr7kBXjDCw5ZfHMbpZjjUVBQ=", "owner": "nix-community", "repo": "NUR", - "rev": "538f624930cdfb852e4e3dd055f79e932d5b3c16", + "rev": "b54fa3d8c020e077d88be036a12a711b84fe2031", "type": "github" }, "original": { @@ -759,33 +614,10 @@ "type": "github" } }, - "nuscht-search": { - "inputs": { - "flake-utils": "flake-utils", - "ixx": "ixx", - "nixpkgs": [ - "catppuccin", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733773348, - "narHash": "sha256-Y47y+LesOCkJaLvj+dI/Oa6FAKj/T9sKVKDXLNsViPw=", - "owner": "NuschtOS", - "repo": "search", - "rev": "3051be7f403bff1d1d380e4612f0c70675b44fc9", - "type": "github" - }, - "original": { - "owner": "NuschtOS", - "repo": "search", - "type": "github" - } - }, "nuschtosSearch": { "inputs": { - "flake-utils": "flake-utils_4", - "ixx": "ixx_2", + "flake-utils": "flake-utils_3", + "ixx": "ixx", "nixpkgs": [ "my-nixvim", "nixvim", @@ -810,16 +642,15 @@ "inputs": { "catppuccin": "catppuccin", "colmena": "colmena", - "comin": "comin", "disko": "disko", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_2", "home-manager": "home-manager", "my-nixvim": "my-nixvim", "nix-index-database": "nix-index-database", "nix-vscode-extensions": "nix-vscode-extensions", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", - "nixpkgs-stable": "nixpkgs-stable_2", + "nixpkgs-stable": "nixpkgs-stable", "nur": "nur", "sops-nix": "sops-nix" } @@ -831,11 +662,11 @@ ] }, "locked": { - "lastModified": 1734546875, - "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=", + "lastModified": 1733785344, + "narHash": "sha256-pm4cfEcPXripE36PYCl0A2Tu5ruwHEvTee+HzNk+SQE=", "owner": "Mic92", "repo": "sops-nix", - "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d", + "rev": "a80af8929781b5fe92ddb8ae52e9027fae780d2a", "type": "github" }, "original": { @@ -890,21 +721,6 @@ "type": "github" } }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "treefmt-nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index 27f8265..4da0466 100644 --- a/flake.nix +++ b/flake.nix @@ -49,19 +49,12 @@ catppuccin = { url = "github:catppuccin/nix"; - inputs.nixpkgs.follows = "nixpkgs"; - inputs.home-manager.follows = "home-manager"; }; disko = { url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; - - comin = { - url = "github:xinyangli/comin"; - inputs.nixpkgs.follows = "nixpkgs"; - }; }; outputs = @@ -79,7 +72,6 @@ colmena, nix-index-database, disko, - comin, ... }: let @@ -115,7 +107,6 @@ sharedNixosModules = [ self.nixosModules.default sops-nix.nixosModules.sops - comin.nixosModules.comin ]; nodeNixosModules = { calcite = [ @@ -336,6 +327,7 @@ packages = with pkgs; [ nix git + colmena.packages.${system}.colmena sops nix-output-monitor nil diff --git a/garnix.yaml b/garnix.yaml index 630fac6..38563a7 100644 --- a/garnix.yaml +++ b/garnix.yaml @@ -1,19 +1,10 @@ builds: - - include: - - '*.x86_64-linux.*' - - defaultPackage.x86_64-linux - - devShell.x86_64-linux - - homeConfigurations.x86_64-linux.* - - homeConfigurations.aarch64-linux.* - - darwinConfigurations.* - - nixosConfigurations.* - branch: deploy - - include: - - '*.x86_64-linux.*' - - defaultPackage.x86_64-linux - - devShell.x86_64-linux - - homeConfigurations.x86_64-linux.* - - homeConfigurations.aarch64-linux.* - - darwinConfigurations.* - - nixosConfigurations.* - branch: next + include: + - '*.x86_64-linux.*' + - defaultPackage.x86_64-linux + - devShell.x86_64-linux + - homeConfigurations.x86_64-linux.* + - homeConfigurations.aarch64-linux.* + - darwinConfigurations.* + - nixosConfigurations.* + diff --git a/home/default.nix b/home/default.nix index ea2911a..ddd31bf 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,6 +1,5 @@ { xin = { calcite = import ./xin/calcite.nix; - gold = import ./xin/gold; }; } diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index c834d39..d90cc4d 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -108,12 +108,10 @@ in xdg.systemDirs.data = [ "/usr/share" + "/var/lib/flatpak/exports/share" + "${homeDirectory}/.local/share/flatpak/exports/share" ]; - xdg.configFile."distrobox/distrobox.conf".text = '' - container_additional_volumes="/nix/store:/nix/store:ro /etc/profiles/per-user:/etc/profiles/per-user:ro" - ''; - programs.man.generateCaches = false; programs.atuin = { diff --git a/home/xin/raspite/default.nix b/home/xin/raspite/default.nix new file mode 100644 index 0000000..888383c --- /dev/null +++ b/home/xin/raspite/default.nix @@ -0,0 +1,25 @@ +{ config, pkgs, ... }: +{ + imports = [ ../common ]; + + home.username = "xin"; + home.homeDirectory = "/home/xin"; + home.stateVersion = "23.05"; + + # Let Home Manager install and manage itself. + programs.home-manager.enable = true; + + accounts.email.accounts.gmail = { + primary = true; + address = "lixinyang411@gmail.com"; + flavor = "gmail.com"; + }; + + accounts.email.accounts.whu = { + address = "lixinyang411@whu.edu.cn"; + }; + + accounts.email.accounts.foxmail = { + address = "lixinyang411@foxmail.com"; + }; +} diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index 9a70f52..c5afb73 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -20,7 +20,6 @@ in nix = { signing.enable = true; }; - comin.enable = true; }; # Bootloader. @@ -152,18 +151,11 @@ in services.keyd = { enable = true; keyboards = { - default = { - ids = [ "*" ]; - settings = { - main = { - capslock = "overload(control, esc)"; - }; - }; - }; "internal" = { ids = [ "0b05:1866" ]; settings = { main = { + capslock = "overload(control, esc)"; leftcontrol = "capslock"; }; }; @@ -177,6 +169,17 @@ in }; }; }; + "keydous" = { + ids = [ + "25a7:fa14" + "3151:4002" + ]; + settings = { + main = { + capslock = "overload(control, esc)"; + }; + }; + }; }; }; @@ -298,7 +301,6 @@ in zotero # onlyoffice-bin - # wemeet wemeet virt-manager diff --git a/machines/dolomite/common.nix b/machines/dolomite/common.nix index 0b80ae4..65b10c7 100644 --- a/machines/dolomite/common.nix +++ b/machines/dolomite/common.nix @@ -37,7 +37,6 @@ commonSettings = { auth.enable = true; - comin.enable = true; proxyServer = { enable = true; users = [ diff --git a/machines/thorite/default.nix b/machines/thorite/default.nix index 2ea7cf4..f2de662 100644 --- a/machines/thorite/default.nix +++ b/machines/thorite/default.nix @@ -37,7 +37,6 @@ commonSettings = { auth.enable = true; - comin.enable = true; }; nixpkgs.system = "x86_64-linux"; diff --git a/machines/thorite/monitoring.nix b/machines/thorite/monitoring.nix index afb0b6e..981fd14 100644 --- a/machines/thorite/monitoring.nix +++ b/machines/thorite/monitoring.nix @@ -12,7 +12,6 @@ let hedgedocDomain grafanaUrl ntfyUrl - internalDomain ; removeHttps = s: lib.removePrefix "https://" s; in @@ -59,22 +58,7 @@ in node.enable = true; }; ruleModules = - [ - { - name = "comin_rules"; - rules = [ - { - alert = "CominBuildFailed"; - expr = "comin_build_info != 1"; - for = "1m"; - labels = { - severity = "critical"; - }; - } - ]; - } - ] - ++ (mkCaddyRules [ { host = "thorite"; } ]) + (mkCaddyRules [ { host = "thorite"; } ]) ++ (mkNodeRules [ { host = "thorite"; } ]) ++ (mkBlackboxRules [ { host = "thorite"; } ]); }; @@ -97,24 +81,7 @@ in ]; passwordFile = config.sops.secrets."prometheus/metrics_password".path; in - [ - { - job_name = "comin"; - scheme = "http"; - static_configs = [ - { - targets = map (host: "${host}.${internalDomain}:4243") [ - "weilite" - "thorite" - "la-00" - "hk-00" - "fra-00" - ]; - } - ]; - } - ] - ++ (mkScrapes [ + (mkScrapes [ { name = "immich"; scheme = "http"; diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index cb5804b..9d8cd04 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -12,13 +12,6 @@ ./services ]; - options = { - node = lib.mkOption { - type = lib.types.attrs; - default = { }; - }; - }; - config = { networking.hostName = "weilite"; commonSettings = { @@ -26,10 +19,6 @@ nix = { enable = true; }; - comin.enable = true; - }; - node = { - mediaDir = "/mnt/nixos/media"; }; boot = { @@ -44,19 +33,12 @@ "usb_storage" "sd_mod" ]; - kernelModules = [ - "kvm-intel" - ]; - kernelPackages = pkgs.linuxPackages_6_12; + kernelModules = [ "kvm-intel" ]; }; nixpkgs.config.allowUnfree = true; - environment.systemPackages = [ - pkgs.virtiofsd - pkgs.intel-gpu-tools - pkgs.pciutils - ]; + environment.systemPackages = [ pkgs.virtiofsd ]; sops = { defaultSopsFile = ./secrets.yaml; @@ -106,46 +88,21 @@ wantedBy = [ "immich-server.service" ]; } { - what = "nixos"; - where = "/mnt/nixos"; + what = "restic"; + where = "/var/lib/restic"; type = "virtiofs"; options = "rw,nodev,nosuid"; - } - - { - what = "/mnt/nixos/ocis"; - where = "/var/lib/ocis"; - options = "bind"; - after = [ "mnt-nixos.mount" ]; - wantedBy = [ "ocis.service" ]; - } - { - what = "/mnt/nixos/restic"; - where = "/var/lib/restic"; - options = "bind"; - after = [ "mnt-nixos.mount" ]; wantedBy = [ "restic-rest-server.service" ]; } { - what = "/mnt/nixos/immich"; - where = "/var/lib/immich"; - options = "bind"; - after = [ "mnt-nixos.mount" ]; - wantedBy = [ "immich-server.service" ]; + what = "ocis"; + where = "/var/lib/ocis"; + type = "virtiofs"; + options = "rw,nodev,nosuid"; + wantedBy = [ "ocis.service" ]; } ]; - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver - intel-vaapi-driver - vaapiVdpau - intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) - intel-media-sdk # QSV up to 11th gen - ]; - }; - services.openssh.ports = [ 22 2222 diff --git a/machines/weilite/secrets.yaml b/machines/weilite/secrets.yaml index b5c3aa5..0394a80 100644 --- a/machines/weilite/secrets.yaml +++ b/machines/weilite/secrets.yaml @@ -4,8 +4,6 @@ immich: oauth_client_secret: ENC[AES256_GCM,data:EFs2hPjGMj0idwY3oQVIDTOIWkdwoAoAVjDQE9Z2eAKzUDH3grmYpYE+33V8d/Ux,iv:A9cjwFr/ZqltG62/N8MQ1LhdDbSIVVAqIPVB492zYJw=,tag:VTTtE697BZTVsI32UF53/w==,type:str] restic: localpass: ENC[AES256_GCM,data:GIQAmkpDmGu4+sSG5/b5yQ==,iv:dcu6F8NnVjeQzEG2vM3fOV5owI0PWc86ts20UP3vN18=,tag:vsG8x062FG1pH5YNcAajeg==,type:str] -transmission: - rpc-password: ENC[AES256_GCM,data:4dumy0hygGOuwU3ANky3xEKRDRBAJWE=,iv:HVV2J+F8HndHZNsMD2YmkWrJOzk5JIapGd0SuQP8VqU=,tag:xqp5pxh5cYYogA4alrmIfg==,type:str] sops: kms: [] gcp_kms: [] @@ -30,8 +28,8 @@ sops: V0thRjU4WGpQRGFpcnoxSjZTZHhTTkUKzNMHh9p7GUY3hL5XZ9S4x20CwaItsXFV RKujsFVVBd8Kuq/jyOCBTRCscuHI4LW/wYeZYHFEZFSTK2liAqspgw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-25T00:35:15Z" - mac: ENC[AES256_GCM,data:sk4DL+w740RD9A3sPvcGD4fc90Nfw9C8dH11ScGRgt6gS3v4V16pD0Q/bHHZiUCll76phZKjp+sGcZaPw0X7RDlK582WY3uw0pLtqLlm0gejjmvBJYKg47nA0dCD+vDvbMkJlvJG6N3sRuXDBa/7bAe452eXZNS8Xnm7ceDscVc=,iv:Nx4yCfG9rNk0q8akuI1aZr6Wj4GIAxASE8Tc7TH4Vj8=,tag:GodvlMbhIPpPu062spKFxA==,type:str] + lastmodified: "2024-12-03T05:59:51Z" + mac: ENC[AES256_GCM,data:0dLbfkm7fJvH5Mmct0/qHulg2AtDCeeeOgWMXfeGRUaX3GlLDiLga0zW4uNPDuahVecdh6ofvYfBOxFaGUdBCHk9vq5GzrwrzBNhqObWQ3AqVuq5rjqSxEKoFM4Eb5qoqaOefFzT/9qC94NDETTsHhjiEeIgd4fgSr2dazNiFPE=,iv:Ggw0FHzkrhKh5Uzo3seHGwwHsWW/tTAgAl0iIq9PVk4=,tag:rJvUI5/wsLJ01XyKmkRghw==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.9.2 + version: 3.9.1 diff --git a/machines/weilite/services/default.nix b/machines/weilite/services/default.nix index ca5ee33..0a6e4ca 100644 --- a/machines/weilite/services/default.nix +++ b/machines/weilite/services/default.nix @@ -4,7 +4,5 @@ ./restic.nix ./media-download.nix ./immich.nix - ./jellyfin.nix - ./transmission.nix ]; } diff --git a/machines/weilite/services/immich.nix b/machines/weilite/services/immich.nix index 0b97f5c..33a98d3 100644 --- a/machines/weilite/services/immich.nix +++ b/machines/weilite/services/immich.nix @@ -46,6 +46,7 @@ in services.immich = { enable = true; + mediaLocation = "/mnt/XinPhotos/immich"; host = "127.0.0.1"; port = 3001; openFirewall = true; diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix deleted file mode 100644 index 025386b..0000000 --- a/machines/weilite/services/jellyfin.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, pkgs, ... }: -let - cfg = config.services.jellyfin; -in -{ - services.jellyfin.enable = true; - - systemd.services.jellyfin.serviceConfig = { - BindReadOnlyPaths = [ - "/mnt/nixos/media:${cfg.dataDir}/media" - ]; - }; - - environment.systemPackages = with pkgs; [ - jellyfin - jellyfin-web - jellyfin-ffmpeg - ]; - services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = '' - reverse_proxy 127.0.0.1:8096 - ''; - networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan - users.users.jellyfin.extraGroups = [ "render" ]; - users.groups.media.members = [ cfg.user ]; -} diff --git a/machines/weilite/services/media-download.nix b/machines/weilite/services/media-download.nix index a161931..6f22744 100644 --- a/machines/weilite/services/media-download.nix +++ b/machines/weilite/services/media-download.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ pkgs, ... }: { services.jackett = { enable = true; @@ -27,9 +27,4 @@ services.radarr = { enable = true; }; - - users.groups.media.members = [ - config.services.sonarr.user - config.services.radarr.user - ]; } diff --git a/machines/weilite/services/transmission.nix b/machines/weilite/services/transmission.nix deleted file mode 100644 index b025819..0000000 --- a/machines/weilite/services/transmission.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ config, pkgs, ... }: -let - cfg = config.services.transmission; -in -{ - sops.secrets = { - "transmission/rpc-password" = { }; - }; - - sops.templates."transmission-cred.json" = { - content = builtins.toJSON { - rpc-password = config.sops.placeholder."transmission/rpc-password"; - }; - }; - - services.transmission = { - enable = true; - package = pkgs.transmission_4; - openPeerPorts = true; - credentialsFile = config.sops.templates."transmission-cred.json".path; - settings = { - download-dir = "/mnt/nixos/media"; - incomplete-dir = "/mnt/nixos/transmission/incomplete"; - alt-speed-down = 40960; - alt-speed-enabled = true; - alt-speed-time-begin = 60; - alt-speed-time-day = 127; - alt-speed-time-enabled = true; - alt-speed-time-end = 420; - alt-speed-up = 4096; - bind-address-ipv4 = "0.0.0.0"; - bind-address-ipv6 = "::"; - download-queue-enabled = true; - download-queue-size = 10; - incomplete-dir-enabled = true; - lpd-enabled = false; - message-level = 4; - peer-congestion-algorithm = ""; - peer-id-ttl-hours = 6; - peer-limit-global = 200; - peer-limit-per-torrent = 50; - peer-port = 51413; - peer-socket-tos = "cs1"; - pex-enabled = true; - preallocation = 1; - prefetch-enabled = true; - queue-stalled-enabled = true; - queue-stalled-minutes = 30; - rename-partial-files = true; - rpc-bind-address = "127.0.0.1"; - rpc-enabled = true; - rpc-authentication-required = true; - rpc-port = 9092; - rpc-username = "xin"; - rpc-whitelist = "127.0.0.1"; - speed-limit-down = 20480; - speed-limit-down-enabled = true; - speed-limit-up = 3072; - speed-limit-up-enabled = true; - start-added-torrents = true; - watch-dir-enabled = false; - }; - }; - services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:9091".extraConfig = '' - reverse_proxy 127.0.0.1:${toString cfg.settings.rpc-port} - ''; - networking.firewall.allowedTCPPorts = [ 9091 ]; # allow on lan - users.groups.media.members = [ cfg.user ]; -} diff --git a/modules/home-manager/gui/themes.nix b/modules/home-manager/gui/themes.nix index 6278692..ad0de1c 100644 --- a/modules/home-manager/gui/themes.nix +++ b/modules/home-manager/gui/themes.nix @@ -13,10 +13,6 @@ name = "Catppuccin-GTK-Dark"; package = pkgs.magnetic-catppuccin-gtk; }; - iconTheme = { - name = "Qogir"; - package = pkgs.qogir-icon-theme; - }; gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; }; }; diff --git a/modules/home-manager/gui/waybar.nix b/modules/home-manager/gui/waybar.nix index 66b9ecb..3890a00 100644 --- a/modules/home-manager/gui/waybar.nix +++ b/modules/home-manager/gui/waybar.nix @@ -44,6 +44,8 @@ in modules-right = [ "network#speed" "custom/separator" + "network#if" + "custom/separator" "pulseaudio" "custom/separator" "memory" @@ -119,6 +121,22 @@ in format = " {percentage}%"; }; + "network#if" = { + format = "{ifname}"; + format-disconnected = "󰌙"; + format-ethernet = "󰌘"; + format-linked = "{ifname} (No IP) 󰈁"; + format-wifi = "{icon}"; + format-icons = [ + "󰤯" + "󰤟" + "󰤢" + "󰤥" + "󰤨" + ]; + interval = 10; + }; + "network#speed" = { format = "{ifname}"; format-disconnected = "󰌙"; diff --git a/modules/nixos/common-settings/comin.nix b/modules/nixos/common-settings/comin.nix deleted file mode 100644 index 70a23ee..0000000 --- a/modules/nixos/common-settings/comin.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - ... -}: -let - inherit (lib) - mkEnableOption - mkIf - ; - - cfg = config.commonSettings.comin; -in -{ - options.commonSettings.comin = { - enable = mkEnableOption "auto updater with comin"; - }; - - config = { - services.comin = mkIf cfg.enable { - enable = true; - remotes = [ - { - name = "origin"; - url = "https://github.com/xinyangli/nixos-config.git"; - branches.main.name = "deploy-comin"; - } - ]; - hostname = config.networking.hostName; - }; - }; -} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 33929ce..d2f210d 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -2,7 +2,6 @@ imports = [ ./common-settings/auth.nix ./common-settings/autoupgrade.nix - ./common-settings/comin.nix ./common-settings/nix-conf.nix ./common-settings/proxy-server.nix ./common-settings/mainland.nix diff --git a/modules/nixos/monitor/exporters.nix b/modules/nixos/monitor/exporters.nix index d0e006f..56750ef 100644 --- a/modules/nixos/monitor/exporters.nix +++ b/modules/nixos/monitor/exporters.nix @@ -11,7 +11,7 @@ let in { config = { - systemd.services.tailscaled.before = + systemd.services.tailscaled.after = (lib.optional cfg.node.enable "prometheus-node-exporters.service") ++ (lib.optional cfg.blackbox.enable "prometheus-blackbox-exporters.service") ++ (lib.optional config.services.caddy.enable "caddy.service"); diff --git a/overlays/my-lib/settings.nix b/overlays/my-lib/settings.nix index be97568..46bdb04 100644 --- a/overlays/my-lib/settings.nix +++ b/overlays/my-lib/settings.nix @@ -16,7 +16,5 @@ prometheusCollectors = [ "thorite.coho-tet.ts.net" ]; - - internalDomain = "coho-tet.ts.net"; }; }