From 6fe7504460c6bd50e2f422ba3da118c7dbb7c3da Mon Sep 17 00:00:00 2001 From: xinyangli Date: Fri, 20 Dec 2024 18:03:12 +0800 Subject: [PATCH 01/27] ci: eval deploy --- .github/workflows/eval.yaml | 51 +++++++++++++++++++++++++++++++++++++ flake.lock | 4 +-- flake.nix | 18 ++++++++----- 3 files changed, 65 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/eval.yaml diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml new file mode 100644 index 0000000..528dd53 --- /dev/null +++ b/.github/workflows/eval.yaml @@ -0,0 +1,51 @@ +name: Eval NixOS Configurations + +on: + push: + branches: + - deploy + workflow_dispatch: + +permissions: + contents: write + +jobs: + deploy: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + ref: deploy + + - name: Install Nix + uses: cachix/install-nix-action@v25 + + - name: Configure Git + run: | + git config --global user.name "GitHub Actions Bot" + git config --global user.email "actions@github.com" + + - name: Process Configurations + run: | + git checkout -b deploy-comin-eval + mkdir -p eval + hosts=$(nix flake show --json | jq -r '.nixosConfigurations | keys[]') + echo "Found hosts: $hosts" + + for host in $hosts; do + echo "Eval derivation for $host" + if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then + echo "❌ Failed to evaluate $host" + else + echo "✅ Successfully evaluated $host" + fi + done + + echo "Total hosts: $(echo "$hosts" | wc -w)" + echo "Failed hosts: $failed_hosts" + + git add eval/ + git commit -m "Update deployment configurations for all hosts" + + git push origin deploy-comin-eval diff --git a/flake.lock b/flake.lock index f46f16e..8b8ea79 100644 --- a/flake.lock +++ b/flake.lock @@ -382,11 +382,11 @@ "rev": "a3709a89797ea094f82d38edeb4a538c07c8c3fa", "revCount": 20, "type": "git", - "url": "https://git.xinyang.life/xin/nixvim" + "url": "https://git.xiny.li/xin/nixvim" }, "original": { "type": "git", - "url": "https://git.xinyang.life/xin/nixvim" + "url": "https://git.xiny.li/xin/nixvim" } }, "nix-darwin": { diff --git a/flake.nix b/flake.nix index d01cdba..4da0466 100644 --- a/flake.nix +++ b/flake.nix @@ -43,7 +43,7 @@ }; my-nixvim = { - url = "git+https://git.xinyang.life/xin/nixvim"; + url = "git+https://git.xiny.li/xin/nixvim"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -286,16 +286,22 @@ { imports = nodeNixosModules.biotite ++ sharedColmenaModules; }; + + osmium = + { ... }: + { + deployment = { + targetHost = "osmium.coho-tet.ts.net"; + buildOnTarget = false; + }; + imports = nodeNixosModules.osmium ++ sharedColmenaModules; + }; }; nixosConfigurations = { calcite = mkNixos { hostname = "calcite"; }; - - osmium = mkNixos { - hostname = "osmium"; - }; } // self.colmenaHive.nodes; } @@ -305,7 +311,7 @@ pkgs = nixpkgs.legacyPackages.${system}; mkHomeConfiguration = user: host: { - name = user; + name = "${user}-${host}"; value = home-manager.lib.homeManagerConfiguration { inherit pkgs; modules = [ From 9b9d923a2537b9e53e68adaeaec94cc4ae8d784a Mon Sep 17 00:00:00 2001 From: xinyangli Date: Fri, 20 Dec 2024 18:03:12 +0800 Subject: [PATCH 02/27] ci: eval deploy --- .github/workflows/eval.yaml | 53 +++++++++++++++++++++++++++++++++++++ flake.lock | 4 +-- flake.nix | 18 ++++++++----- 3 files changed, 67 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/eval.yaml diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml new file mode 100644 index 0000000..90a9897 --- /dev/null +++ b/.github/workflows/eval.yaml @@ -0,0 +1,53 @@ +name: Eval NixOS Configurations + +on: + push: + branches: + - deploy + workflow_dispatch: + +permissions: + contents: write + +jobs: + deploy: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + ref: deploy + + - name: Install Nix + uses: cachix/install-nix-action@v25 + + - name: Configure Git + run: | + git config --global user.name "GitHub Actions Bot" + git config --global user.email "actions@github.com" + + - name: Process Configurations + run: | + git checkout -b deploy-comin-eval + mkdir -p eval + hosts=$(nix flake show --json | jq -r '.nixosConfigurations | keys[]') + echo "Found hosts: $hosts" + + failed_hosts="" + for host in $hosts; do + echo "Eval derivation for $host" + if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then + echo "❌ Failed to evaluate $host" + failed_hosts+="$host " + rm "eval/$host.json" + else + echo "✅ Successfully evaluated $host" + fi + done + + echo "Failed hosts: $failed_hosts" + + git add eval/ + git commit -m "Update deployment configurations for all hosts" + + git push origin deploy-comin-eval diff --git a/flake.lock b/flake.lock index f46f16e..8b8ea79 100644 --- a/flake.lock +++ b/flake.lock @@ -382,11 +382,11 @@ "rev": "a3709a89797ea094f82d38edeb4a538c07c8c3fa", "revCount": 20, "type": "git", - "url": "https://git.xinyang.life/xin/nixvim" + "url": "https://git.xiny.li/xin/nixvim" }, "original": { "type": "git", - "url": "https://git.xinyang.life/xin/nixvim" + "url": "https://git.xiny.li/xin/nixvim" } }, "nix-darwin": { diff --git a/flake.nix b/flake.nix index d01cdba..4da0466 100644 --- a/flake.nix +++ b/flake.nix @@ -43,7 +43,7 @@ }; my-nixvim = { - url = "git+https://git.xinyang.life/xin/nixvim"; + url = "git+https://git.xiny.li/xin/nixvim"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -286,16 +286,22 @@ { imports = nodeNixosModules.biotite ++ sharedColmenaModules; }; + + osmium = + { ... }: + { + deployment = { + targetHost = "osmium.coho-tet.ts.net"; + buildOnTarget = false; + }; + imports = nodeNixosModules.osmium ++ sharedColmenaModules; + }; }; nixosConfigurations = { calcite = mkNixos { hostname = "calcite"; }; - - osmium = mkNixos { - hostname = "osmium"; - }; } // self.colmenaHive.nodes; } @@ -305,7 +311,7 @@ pkgs = nixpkgs.legacyPackages.${system}; mkHomeConfiguration = user: host: { - name = user; + name = "${user}-${host}"; value = home-manager.lib.homeManagerConfiguration { inherit pkgs; modules = [ From 2b2aa11c52f0765de7f30ff30df8a3558727992b Mon Sep 17 00:00:00 2001 From: xinyangli Date: Fri, 20 Dec 2024 19:36:28 +0800 Subject: [PATCH 03/27] calcite: test comin --- flake.lock | 21 +++++++++++++++++++++ flake.nix | 7 +++++++ machines/calcite/configuration.nix | 14 +++++++++++++- 3 files changed, 41 insertions(+), 1 deletion(-) diff --git a/flake.lock b/flake.lock index 8b8ea79..4713bdb 100644 --- a/flake.lock +++ b/flake.lock @@ -39,6 +39,26 @@ "type": "github" } }, + "comin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1734693645, + "narHash": "sha256-Vw3YpuQxwBse5JiTGBH5MSPmqXOXFI4ROs7IF3tRc7k=", + "owner": "xinyangli", + "repo": "comin", + "rev": "c8a66bbd129e88ad916cac59f1ad9f45d39b3190", + "type": "github" + }, + "original": { + "owner": "xinyangli", + "repo": "comin", + "type": "github" + } + }, "devshell": { "inputs": { "nixpkgs": [ @@ -642,6 +662,7 @@ "inputs": { "catppuccin": "catppuccin", "colmena": "colmena", + "comin": "comin", "disko": "disko", "flake-utils": "flake-utils_2", "home-manager": "home-manager", diff --git a/flake.nix b/flake.nix index 4da0466..becf4ba 100644 --- a/flake.nix +++ b/flake.nix @@ -55,6 +55,11 @@ url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; + + comin = { + url = "github:xinyangli/comin"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = @@ -72,6 +77,7 @@ colmena, nix-index-database, disko, + comin, ... }: let @@ -114,6 +120,7 @@ catppuccin.nixosModules.catppuccin machines/calcite/configuration.nix (mkHome "xin" "calcite") + comin.nixosModules.comin ]; hk-00 = [ ./machines/dolomite/claw.nix diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index c5afb73..c8e4e4a 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -15,6 +15,18 @@ in ../sops.nix ]; + services.comin = { + enable = true; + remotes = [ + { + name = "origin"; + url = "https://github.com/xinyangli/nixos-config.git"; + branches.main.name = "deploy-comin-eval"; + } + ]; + hostname = config.networking.hostName; + }; + commonSettings = { # auth.enable = true; nix = { @@ -176,7 +188,7 @@ in ]; settings = { main = { - capslock = "overload(control, esc)"; + leftcontrol = "overload(control, esc)"; }; }; }; From 872849c87567adab55573b514bc5f23f4d0611a6 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Fri, 20 Dec 2024 20:33:35 +0800 Subject: [PATCH 04/27] calcite: drop flatpak --- home/xin/calcite.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/home/xin/calcite.nix b/home/xin/calcite.nix index d90cc4d..c834d39 100644 --- a/home/xin/calcite.nix +++ b/home/xin/calcite.nix @@ -108,10 +108,12 @@ in xdg.systemDirs.data = [ "/usr/share" - "/var/lib/flatpak/exports/share" - "${homeDirectory}/.local/share/flatpak/exports/share" ]; + xdg.configFile."distrobox/distrobox.conf".text = '' + container_additional_volumes="/nix/store:/nix/store:ro /etc/profiles/per-user:/etc/profiles/per-user:ro" + ''; + programs.man.generateCaches = false; programs.atuin = { From ade0694d14775369e1c2c1f0aa93d90ce7203fc6 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 20:51:56 +0800 Subject: [PATCH 05/27] modules/comin: init --- .github/workflows/eval.yaml | 2 +- modules/nixos/common-settings/comin.nix | 32 +++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 modules/nixos/common-settings/comin.nix diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 90a9897..1997213 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -36,7 +36,7 @@ jobs: failed_hosts="" for host in $hosts; do echo "Eval derivation for $host" - if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then + if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then echo "❌ Failed to evaluate $host" failed_hosts+="$host " rm "eval/$host.json" diff --git a/modules/nixos/common-settings/comin.nix b/modules/nixos/common-settings/comin.nix new file mode 100644 index 0000000..3d543f2 --- /dev/null +++ b/modules/nixos/common-settings/comin.nix @@ -0,0 +1,32 @@ +{ + config, + lib, + ... +}: +let + inherit (lib) + mkEnableOption + mkIf + ; + + cfg = config.commonSettings.comin; +in +{ + options.commonSettings.comin = { + enable = mkEnableOption "auto updater with comin"; + }; + + config = { + services.comin = mkIf cfg.enable { + enable = true; + remotes = [ + { + name = "origin"; + url = "https://github.com/xinyangli/nixos-config.git"; + branches.main.name = "deploy-comin-eval"; + } + ]; + hostname = config.networking.hostName; + }; + }; +} From 49520149ab8f3c2862e78e64f9f849232c5f5b1e Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 20:52:27 +0800 Subject: [PATCH 06/27] calcite,weilite: use comin to auto update --- .github/workflows/eval.yaml | 6 ++---- flake.nix | 2 +- machines/calcite/configuration.nix | 13 +----------- machines/weilite/default.nix | 29 ++++++++++++++++++++++---- machines/weilite/services/default.nix | 1 + machines/weilite/services/jellyfin.nix | 15 +++++++++++++ modules/nixos/default.nix | 1 + 7 files changed, 46 insertions(+), 21 deletions(-) create mode 100644 machines/weilite/services/jellyfin.nix diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 1997213..494704f 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -1,10 +1,8 @@ name: Eval NixOS Configurations on: - push: - branches: - - deploy - workflow_dispatch: + check_suite: + types: [completed] permissions: contents: write diff --git a/flake.nix b/flake.nix index becf4ba..a1362f8 100644 --- a/flake.nix +++ b/flake.nix @@ -113,6 +113,7 @@ sharedNixosModules = [ self.nixosModules.default sops-nix.nixosModules.sops + comin.nixosModules.comin ]; nodeNixosModules = { calcite = [ @@ -120,7 +121,6 @@ catppuccin.nixosModules.catppuccin machines/calcite/configuration.nix (mkHome "xin" "calcite") - comin.nixosModules.comin ]; hk-00 = [ ./machines/dolomite/claw.nix diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index c8e4e4a..a3c84c4 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -15,23 +15,12 @@ in ../sops.nix ]; - services.comin = { - enable = true; - remotes = [ - { - name = "origin"; - url = "https://github.com/xinyangli/nixos-config.git"; - branches.main.name = "deploy-comin-eval"; - } - ]; - hostname = config.networking.hostName; - }; - commonSettings = { # auth.enable = true; nix = { signing.enable = true; }; + comin.enable = true; }; # Bootloader. diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index 9d8cd04..bae1b92 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -19,6 +19,7 @@ nix = { enable = true; }; + comin.enable = true; }; boot = { @@ -38,7 +39,10 @@ nixpkgs.config.allowUnfree = true; - environment.systemPackages = [ pkgs.virtiofsd ]; + environment.systemPackages = [ + pkgs.virtiofsd + pkgs.intel-gpu-tools + ]; sops = { defaultSopsFile = ./secrets.yaml; @@ -94,15 +98,32 @@ options = "rw,nodev,nosuid"; wantedBy = [ "restic-rest-server.service" ]; } + # { + # what = "ocis"; + # where = "/var/lib/ocis"; + # type = "virtiofs"; + # options = "rw,nodev,nosuid"; + # wantedBy = [ "ocis.service" ]; + # } { - what = "ocis"; - where = "/var/lib/ocis"; + what = "media"; + where = "/var/lib/jellyfin/media"; type = "virtiofs"; options = "rw,nodev,nosuid"; - wantedBy = [ "ocis.service" ]; } ]; + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver + intel-vaapi-driver + vaapiVdpau + intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) + intel-media-sdk # QSV up to 11th gen + ]; + }; + services.openssh.ports = [ 22 2222 diff --git a/machines/weilite/services/default.nix b/machines/weilite/services/default.nix index 0a6e4ca..5a5cc25 100644 --- a/machines/weilite/services/default.nix +++ b/machines/weilite/services/default.nix @@ -4,5 +4,6 @@ ./restic.nix ./media-download.nix ./immich.nix + ./jellyfin.nix ]; } diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix new file mode 100644 index 0000000..d321de5 --- /dev/null +++ b/machines/weilite/services/jellyfin.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: +{ + services.jellyfin.enable = true; + + environment.systemPackages = with pkgs; [ + jellyfin + jellyfin-web + jellyfin-ffmpeg + ]; + services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = '' + reverse_proxy 127.0.0.1:8096 + ''; + networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan + users.users.jellyfin.extraGroups = [ "render" ]; +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index d2f210d..33929ce 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -2,6 +2,7 @@ imports = [ ./common-settings/auth.nix ./common-settings/autoupgrade.nix + ./common-settings/comin.nix ./common-settings/nix-conf.nix ./common-settings/proxy-server.nix ./common-settings/mainland.nix From cc9d6c362d67dc79c7c92fd17e351d22640787c0 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:13:25 +0800 Subject: [PATCH 07/27] ci: use garnix cache in ci --- .github/workflows/eval.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 494704f..63c71ec 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -18,6 +18,10 @@ jobs: - name: Install Nix uses: cachix/install-nix-action@v25 + with: + extra_nix_conf: | + extra-trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= + extra-substituters = https://cache.garnix.io - name: Configure Git run: | From 3059bdce30bb4bdf78abd419227a24019f37881b Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:18:33 +0800 Subject: [PATCH 08/27] home: cleanup profiles --- home/default.nix | 1 + home/xin/raspite/default.nix | 25 ------------------------- 2 files changed, 1 insertion(+), 25 deletions(-) delete mode 100644 home/xin/raspite/default.nix diff --git a/home/default.nix b/home/default.nix index ddd31bf..ea2911a 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,5 +1,6 @@ { xin = { calcite = import ./xin/calcite.nix; + gold = import ./xin/gold; }; } diff --git a/home/xin/raspite/default.nix b/home/xin/raspite/default.nix deleted file mode 100644 index 888383c..0000000 --- a/home/xin/raspite/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, pkgs, ... }: -{ - imports = [ ../common ]; - - home.username = "xin"; - home.homeDirectory = "/home/xin"; - home.stateVersion = "23.05"; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; - - accounts.email.accounts.gmail = { - primary = true; - address = "lixinyang411@gmail.com"; - flavor = "gmail.com"; - }; - - accounts.email.accounts.whu = { - address = "lixinyang411@whu.edu.cn"; - }; - - accounts.email.accounts.foxmail = { - address = "lixinyang411@foxmail.com"; - }; -} From c3934c2b56022e8d99a21c1f859c988198babce1 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:19:53 +0800 Subject: [PATCH 09/27] hm/waybar: fix missing icon and remove unused tray icon --- modules/home-manager/gui/themes.nix | 4 ++++ modules/home-manager/gui/waybar.nix | 18 ------------------ 2 files changed, 4 insertions(+), 18 deletions(-) diff --git a/modules/home-manager/gui/themes.nix b/modules/home-manager/gui/themes.nix index ad0de1c..6278692 100644 --- a/modules/home-manager/gui/themes.nix +++ b/modules/home-manager/gui/themes.nix @@ -13,6 +13,10 @@ name = "Catppuccin-GTK-Dark"; package = pkgs.magnetic-catppuccin-gtk; }; + iconTheme = { + name = "Qogir"; + package = pkgs.qogir-icon-theme; + }; gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; }; }; diff --git a/modules/home-manager/gui/waybar.nix b/modules/home-manager/gui/waybar.nix index 3890a00..66b9ecb 100644 --- a/modules/home-manager/gui/waybar.nix +++ b/modules/home-manager/gui/waybar.nix @@ -44,8 +44,6 @@ in modules-right = [ "network#speed" "custom/separator" - "network#if" - "custom/separator" "pulseaudio" "custom/separator" "memory" @@ -121,22 +119,6 @@ in format = " {percentage}%"; }; - "network#if" = { - format = "{ifname}"; - format-disconnected = "󰌙"; - format-ethernet = "󰌘"; - format-linked = "{ifname} (No IP) 󰈁"; - format-wifi = "{icon}"; - format-icons = [ - "󰤯" - "󰤟" - "󰤢" - "󰤥" - "󰤨" - ]; - interval = 10; - }; - "network#speed" = { format = "{ifname}"; format-disconnected = "󰌙"; From 133e70967fcff465535442585e3ad664f4beb21a Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:34:44 +0800 Subject: [PATCH 10/27] ci: point branch 'deploy-comin' to successful evaluations --- .github/workflows/eval.yaml | 4 ++++ modules/nixos/common-settings/comin.nix | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 63c71ec..1e2d0bd 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -53,3 +53,7 @@ jobs: git commit -m "Update deployment configurations for all hosts" git push origin deploy-comin-eval + + # After success, reset deploy-comin to new deploy + git checkout -b deploy-comin + git reset --hard deploy diff --git a/modules/nixos/common-settings/comin.nix b/modules/nixos/common-settings/comin.nix index 3d543f2..70a23ee 100644 --- a/modules/nixos/common-settings/comin.nix +++ b/modules/nixos/common-settings/comin.nix @@ -23,7 +23,7 @@ in { name = "origin"; url = "https://github.com/xinyangli/nixos-config.git"; - branches.main.name = "deploy-comin-eval"; + branches.main.name = "deploy-comin"; } ]; hostname = config.networking.hostName; From 5220cceda806929ae5e9fd274ef18e16c61e6f38 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:39:25 +0800 Subject: [PATCH 11/27] ci: fix recursive job trigger --- .github/workflows/eval.yaml | 3 ++- garnix.yaml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml index 1e2d0bd..1bc00bd 100644 --- a/.github/workflows/eval.yaml +++ b/.github/workflows/eval.yaml @@ -52,8 +52,9 @@ jobs: git add eval/ git commit -m "Update deployment configurations for all hosts" - git push origin deploy-comin-eval + git push -f origin deploy-comin-eval # After success, reset deploy-comin to new deploy git checkout -b deploy-comin git reset --hard deploy + git push -f origin deploy-comin diff --git a/garnix.yaml b/garnix.yaml index 38563a7..0fc1635 100644 --- a/garnix.yaml +++ b/garnix.yaml @@ -7,4 +7,4 @@ builds: - homeConfigurations.aarch64-linux.* - darwinConfigurations.* - nixosConfigurations.* - + branch: deploy From 8a9e317c14e738acf19d9b7a90abbff516866ddc Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 21:50:05 +0800 Subject: [PATCH 12/27] thorite,dolomite: enable comin --- machines/dolomite/common.nix | 1 + machines/thorite/default.nix | 1 + 2 files changed, 2 insertions(+) diff --git a/machines/dolomite/common.nix b/machines/dolomite/common.nix index 65b10c7..0b80ae4 100644 --- a/machines/dolomite/common.nix +++ b/machines/dolomite/common.nix @@ -37,6 +37,7 @@ commonSettings = { auth.enable = true; + comin.enable = true; proxyServer = { enable = true; users = [ diff --git a/machines/thorite/default.nix b/machines/thorite/default.nix index f2de662..2ea7cf4 100644 --- a/machines/thorite/default.nix +++ b/machines/thorite/default.nix @@ -37,6 +37,7 @@ commonSettings = { auth.enable = true; + comin.enable = true; }; nixpkgs.system = "x86_64-linux"; From 7017421f6afaeb2b2f56bf2e2abeb940dd31db74 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 22:37:32 +0800 Subject: [PATCH 13/27] flake.lock: update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit • Updated input 'catppuccin': 'github:catppuccin/nix/a817009ebfd2cca7f70a77884e5098d0a8c83f8e?narHash=sha256-uX/9m0TbdhEzuWA0muM5mI/AaWcLiDLjCCyu5Qr9MRk%3D' (20 24-11-30) → 'github:catppuccin/nix/1e4c3803b8da874ff75224ec8512cb173036bbd8?narHash=sha256-CFX4diEQHKvZYjnhf7TLg20m3ge1O4vqgplsk/Kuaek%3D' (20 24-12-20) • Updated input 'disko': 'github:nix-community/disko/785c1e02c7e465375df971949b8dcbde9ec362e5?narHash=sha256-8dupm9GfK%2BBowGdQd7EHK5V61nneLfr9xR6sc5vtDi0% 3D' (2024-12-02) → 'github:nix-community/disko/2ee76c861af3b895b3b104bae04777b61397485b?narHash=sha256-hk0roBX10j/hospoWIJIJj3i2skd7Oml6yKQBx7mTFk%3D ' (2024-12-20) • Updated input 'home-manager': 'github:nix-community/home-manager/9ebaa80a227eaca9c87c53ed515ade013bc2bca9?narHash=sha256-3JKzIou54yjiMVmvgdJwopekEvZxX3JDT8DpKZs 4oXY%3D' (2024-12-09) → 'github:nix-community/home-manager/1395379a7a36e40f2a76e7b9936cc52950baa1be?narHash=sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2t CbiI%3D' (2024-12-19) • Updated input 'my-nixvim': 'git+https://git.xiny.li/xin/nixvim?ref=refs/heads/master&rev=a3709a89797ea094f82d38edeb4a538c07c8c3fa' (2024-11-30) → 'git+https://git.xiny.li/xin/nixvim?ref=refs/heads/master&rev=fdf7775c738e2eb6bb8cb707d35a900bc47cd53e' (2024-12-21) • Updated input 'nix-index-database': 'github:Mic92/nix-index-database/f1e477a7dd11e27e7f98b646349cd66bbabf2fb8?narHash=sha256-U0vivjQFAwjNDYt49Krevs1murX9hKBFe2Ye0cHpg bU%3D' (2024-12-08) → 'github:Mic92/nix-index-database/311d6cf3ad3f56cb051ffab1f480b2909b3f754d?narHash=sha256-icEMqBt4HtGH52PU5FHidgBrNJvOfXH6VQKNtnD1a w8%3D' (2024-12-15) • Updated input 'nix-vscode-extensions': 'github:nix-community/nix-vscode-extensions/66ced222ef9235f90dbdd754ede3d6476722aaa9?narHash=sha256-K595Q2PrZv2iiumdBkwM2G456T2lKs LD71bn/fbJiQ0%3D' (2024-12-10) → 'github:nix-community/nix-vscode-extensions/113779a6601d5b5c8ef7c5b5c4ab3f377fd3e2c3?narHash=sha256-rTGDkcbzfcTL7jE4TtxhNQtDssD1QY 8yLo8ApAv3XRs%3D' (2024-12-21) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/e563803af3526852b6b1d77107a81908c66a9fcf?narHash=sha256-IS3bxa4N1VMSh3/P6vhEAHQZecQ3oAlKCDvzCQSO5Is%3 D' (2024-12-06) → 'github:NixOS/nixos-hardware/b12e314726a4226298fe82776b4baeaa7bcf3dcd?narHash=sha256-mfv%2BJ/vO4nqmIOlq8Y1rRW8hVsGH3M%2BI2ESMjhueb Ds%3D' (2024-12-16) • Updated input 'nixpkgs': 'github:xinyangli/nixpkgs/61b1078fca3a097ce06ada68a6f2766347eed02c?narHash=sha256-AQdCeGt3dMV9/cchlWGMcP0Z8qM47V%2BB0p7cSRr%2BHhA% 3D' (2024-12-10) → 'github:xinyangli/nixpkgs/540fcd82c3de04893afaa30051de48871cc428b4?narHash=sha256-//RKBYxuo0PwIlijrnOr57yNpnp6g1opt3zb3xIS30M%3D' (2024-12-21) • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/7109b680d161993918b0a126f38bc39763e5a709?narHash=sha256-dlK7n82FEyZlHH7BFHQAM5tua%2BlQO1Iv7aAtglc1O5s%3D' (2 024-12-09) → 'github:nixos/nixpkgs/72d11d40b9878a67c38f003c240c2d2e1811e72a?narHash=sha256-ze3IJksru9dN0keqUxY0WNf8xrwfs8Ty/z9v/keyBbg%3D' (202 4-12-18) • Updated input 'nur': 'github:nix-community/NUR/b54fa3d8c020e077d88be036a12a711b84fe2031?narHash=sha256-5F49/mOzFb40uUZh71uNr7kBXjDCw5ZfHMbpZjjUVBQ%3D' (2024-12-10) → 'github:nix-community/NUR/db4e0d95cd1f9f77113cd9c3c9de5974fa721a98?narHash=sha256-ZRG0vNJHRyKnzyWOFciCzodQlv4Sb2%2BH5I7xKIH2EL0%3D ' (2024-12-21) • Updated input 'nur/nixpkgs': 'github:nixos/nixpkgs/22c3f2cf41a0e70184334a958e6b124fb0ce3e01?narHash=sha256-Qn3nPMSopRQJgmvHzVqPcE3I03zJyl8cSbgnnltfFDY%3D' (202 4-12-07) → 'github:nixos/nixpkgs/d3c42f187194c26d9f0309a8ecc469d6c878ce33?narHash=sha256-cHar1vqHOOyC7f1%2BtVycPoWTfKIaqkoe1Q6TnKzuti4%3D' (2 024-12-17) • Updated input 'sops-nix': 'github:Mic92/sops-nix/a80af8929781b5fe92ddb8ae52e9027fae780d2a?narHash=sha256-pm4cfEcPXripE36PYCl0A2Tu5ruwHEvTee%2BHzNk%2BSQE%3D' (2024-12-09) → 'github:Mic92/sops-nix/ed091321f4dd88afc28b5b4456e0a15bd8374b4d?narHash=sha256-6OvJbqQ6qPpNw3CA%2BW8Myo5aaLhIJY/nNFDk3zMXLfM%3D' (2024-12-18) --- flake.lock | 74 +++++++++++++++++++++++++++--------------------------- flake.nix | 1 - 2 files changed, 37 insertions(+), 38 deletions(-) diff --git a/flake.lock b/flake.lock index 4713bdb..4a533fe 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "catppuccin": { "locked": { - "lastModified": 1733001911, - "narHash": "sha256-uX/9m0TbdhEzuWA0muM5mI/AaWcLiDLjCCyu5Qr9MRk=", + "lastModified": 1734734291, + "narHash": "sha256-CFX4diEQHKvZYjnhf7TLg20m3ge1O4vqgplsk/Kuaek=", "owner": "catppuccin", "repo": "nix", - "rev": "a817009ebfd2cca7f70a77884e5098d0a8c83f8e", + "rev": "1e4c3803b8da874ff75224ec8512cb173036bbd8", "type": "github" }, "original": { @@ -88,11 +88,11 @@ ] }, "locked": { - "lastModified": 1733168902, - "narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=", + "lastModified": 1734701201, + "narHash": "sha256-hk0roBX10j/hospoWIJIJj3i2skd7Oml6yKQBx7mTFk=", "owner": "nix-community", "repo": "disko", - "rev": "785c1e02c7e465375df971949b8dcbde9ec362e5", + "rev": "2ee76c861af3b895b3b104bae04777b61397485b", "type": "github" }, "original": { @@ -322,11 +322,11 @@ ] }, "locked": { - "lastModified": 1733754861, - "narHash": "sha256-3JKzIou54yjiMVmvgdJwopekEvZxX3JDT8DpKZs4oXY=", + "lastModified": 1734622215, + "narHash": "sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI=", "owner": "nix-community", "repo": "home-manager", - "rev": "9ebaa80a227eaca9c87c53ed515ade013bc2bca9", + "rev": "1395379a7a36e40f2a76e7b9936cc52950baa1be", "type": "github" }, "original": { @@ -396,11 +396,11 @@ "nixvim": "nixvim" }, "locked": { - "lastModified": 1732936640, - "narHash": "sha256-NcluA0L+ZV5MUj3UuQhlkGCj8KoEhX/ObWlMHZ/F/ac=", + "lastModified": 1734791154, + "narHash": "sha256-J/h0nh3iOnOqXnv28NahNH45xZ035tKpabPPKMPFTfo=", "ref": "refs/heads/master", - "rev": "a3709a89797ea094f82d38edeb4a538c07c8c3fa", - "revCount": 20, + "rev": "fdf7775c738e2eb6bb8cb707d35a900bc47cd53e", + "revCount": 24, "type": "git", "url": "https://git.xiny.li/xin/nixvim" }, @@ -459,11 +459,11 @@ ] }, "locked": { - "lastModified": 1733629314, - "narHash": "sha256-U0vivjQFAwjNDYt49Krevs1murX9hKBFe2Ye0cHpgbU=", + "lastModified": 1734234111, + "narHash": "sha256-icEMqBt4HtGH52PU5FHidgBrNJvOfXH6VQKNtnD1aw8=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "f1e477a7dd11e27e7f98b646349cd66bbabf2fb8", + "rev": "311d6cf3ad3f56cb051ffab1f480b2909b3f754d", "type": "github" }, "original": { @@ -483,11 +483,11 @@ ] }, "locked": { - "lastModified": 1733795858, - "narHash": "sha256-K595Q2PrZv2iiumdBkwM2G456T2lKsLD71bn/fbJiQ0=", + "lastModified": 1734745696, + "narHash": "sha256-rTGDkcbzfcTL7jE4TtxhNQtDssD1QY8yLo8ApAv3XRs=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "66ced222ef9235f90dbdd754ede3d6476722aaa9", + "rev": "113779a6601d5b5c8ef7c5b5c4ab3f377fd3e2c3", "type": "github" }, "original": { @@ -498,11 +498,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1733481457, - "narHash": "sha256-IS3bxa4N1VMSh3/P6vhEAHQZecQ3oAlKCDvzCQSO5Is=", + "lastModified": 1734352517, + "narHash": "sha256-mfv+J/vO4nqmIOlq8Y1rRW8hVsGH3M+I2ESMjhuebDs=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e563803af3526852b6b1d77107a81908c66a9fcf", + "rev": "b12e314726a4226298fe82776b4baeaa7bcf3dcd", "type": "github" }, "original": { @@ -542,11 +542,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1733730953, - "narHash": "sha256-dlK7n82FEyZlHH7BFHQAM5tua+lQO1Iv7aAtglc1O5s=", + "lastModified": 1734529975, + "narHash": "sha256-ze3IJksru9dN0keqUxY0WNf8xrwfs8Ty/z9v/keyBbg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7109b680d161993918b0a126f38bc39763e5a709", + "rev": "72d11d40b9878a67c38f003c240c2d2e1811e72a", "type": "github" }, "original": { @@ -558,11 +558,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1733805440, - "narHash": "sha256-AQdCeGt3dMV9/cchlWGMcP0Z8qM47V+B0p7cSRr+HhA=", + "lastModified": 1734791212, + "narHash": "sha256-//RKBYxuo0PwIlijrnOr57yNpnp6g1opt3zb3xIS30M=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "61b1078fca3a097ce06ada68a6f2766347eed02c", + "rev": "540fcd82c3de04893afaa30051de48871cc428b4", "type": "github" }, "original": { @@ -574,11 +574,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1733581040, - "narHash": "sha256-Qn3nPMSopRQJgmvHzVqPcE3I03zJyl8cSbgnnltfFDY=", + "lastModified": 1734424634, + "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "22c3f2cf41a0e70184334a958e6b124fb0ce3e01", + "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", "type": "github" }, "original": { @@ -621,11 +621,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1733805328, - "narHash": "sha256-5F49/mOzFb40uUZh71uNr7kBXjDCw5ZfHMbpZjjUVBQ=", + "lastModified": 1734785773, + "narHash": "sha256-ZRG0vNJHRyKnzyWOFciCzodQlv4Sb2+H5I7xKIH2EL0=", "owner": "nix-community", "repo": "NUR", - "rev": "b54fa3d8c020e077d88be036a12a711b84fe2031", + "rev": "db4e0d95cd1f9f77113cd9c3c9de5974fa721a98", "type": "github" }, "original": { @@ -683,11 +683,11 @@ ] }, "locked": { - "lastModified": 1733785344, - "narHash": "sha256-pm4cfEcPXripE36PYCl0A2Tu5ruwHEvTee+HzNk+SQE=", + "lastModified": 1734546875, + "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=", "owner": "Mic92", "repo": "sops-nix", - "rev": "a80af8929781b5fe92ddb8ae52e9027fae780d2a", + "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index a1362f8..23b83a7 100644 --- a/flake.nix +++ b/flake.nix @@ -334,7 +334,6 @@ packages = with pkgs; [ nix git - colmena.packages.${system}.colmena sops nix-output-monitor nil From a659c3b3974defd5bb3b027fdbda8af13d48c490 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 21 Dec 2024 23:18:27 +0800 Subject: [PATCH 14/27] monitoring: monitor comin status --- machines/thorite/monitoring.nix | 20 +++++++++++++++++++- overlays/my-lib/settings.nix | 2 ++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/machines/thorite/monitoring.nix b/machines/thorite/monitoring.nix index 981fd14..e35fb13 100644 --- a/machines/thorite/monitoring.nix +++ b/machines/thorite/monitoring.nix @@ -12,6 +12,7 @@ let hedgedocDomain grafanaUrl ntfyUrl + internalDomain ; removeHttps = s: lib.removePrefix "https://" s; in @@ -81,7 +82,24 @@ in ]; passwordFile = config.sops.secrets."prometheus/metrics_password".path; in - (mkScrapes [ + [ + { + job_name = "comin"; + scheme = "http"; + static_configs = [ + { + targets = map (host: "${host}.${internalDomain}:4243") [ + "weilite" + "thorite" + "la-00" + "hk-00" + "fra-00" + ]; + } + ]; + } + ] + ++ (mkScrapes [ { name = "immich"; scheme = "http"; diff --git a/overlays/my-lib/settings.nix b/overlays/my-lib/settings.nix index 46bdb04..be97568 100644 --- a/overlays/my-lib/settings.nix +++ b/overlays/my-lib/settings.nix @@ -16,5 +16,7 @@ prometheusCollectors = [ "thorite.coho-tet.ts.net" ]; + + internalDomain = "coho-tet.ts.net"; }; } From f4fe93ae229d7b8e4b2cbf14bd27d720e42beb3e Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 22 Dec 2024 00:00:51 +0800 Subject: [PATCH 15/27] thorite/monitoring: alert comin build failure --- machines/thorite/monitoring.nix | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/machines/thorite/monitoring.nix b/machines/thorite/monitoring.nix index e35fb13..afb0b6e 100644 --- a/machines/thorite/monitoring.nix +++ b/machines/thorite/monitoring.nix @@ -59,7 +59,22 @@ in node.enable = true; }; ruleModules = - (mkCaddyRules [ { host = "thorite"; } ]) + [ + { + name = "comin_rules"; + rules = [ + { + alert = "CominBuildFailed"; + expr = "comin_build_info != 1"; + for = "1m"; + labels = { + severity = "critical"; + }; + } + ]; + } + ] + ++ (mkCaddyRules [ { host = "thorite"; } ]) ++ (mkNodeRules [ { host = "thorite"; } ]) ++ (mkBlackboxRules [ { host = "thorite"; } ]); }; From fde693bfe0f0ede0c837a362abde5b898d9f68a0 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 22 Dec 2024 09:08:41 +0800 Subject: [PATCH 16/27] flake.lock: update nixpkgs for newer ocis --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 4a533fe..3320dcb 100644 --- a/flake.lock +++ b/flake.lock @@ -558,11 +558,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1734791212, - "narHash": "sha256-//RKBYxuo0PwIlijrnOr57yNpnp6g1opt3zb3xIS30M=", + "lastModified": 1734829510, + "narHash": "sha256-hb2GwIHunYTjo8d1zBfSC5v46IEY5UZWQdR5R1omvmE=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "540fcd82c3de04893afaa30051de48871cc428b4", + "rev": "2ad7f9f3c996dd9838a4f68941bcbeed2807b150", "type": "github" }, "original": { From d31c7ad8a79a166129211855672b0fced6bb7c28 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 22 Dec 2024 09:11:41 +0800 Subject: [PATCH 17/27] weilite: add back ocis volume --- machines/weilite/default.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index bae1b92..6d9870a 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -98,13 +98,13 @@ options = "rw,nodev,nosuid"; wantedBy = [ "restic-rest-server.service" ]; } - # { - # what = "ocis"; - # where = "/var/lib/ocis"; - # type = "virtiofs"; - # options = "rw,nodev,nosuid"; - # wantedBy = [ "ocis.service" ]; - # } + { + what = "ocis"; + where = "/var/lib/ocis"; + type = "virtiofs"; + options = "rw,nodev,nosuid"; + wantedBy = [ "ocis.service" ]; + } { what = "media"; where = "/var/lib/jellyfin/media"; From 404badefec2d95903721724e283cbf480d75ef0a Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 22 Dec 2024 14:10:58 +0800 Subject: [PATCH 18/27] weilite: fix virtiofs mount --- machines/weilite/default.nix | 39 ++++++++++++++++++++-------- machines/weilite/services/immich.nix | 1 - modules/nixos/monitor/exporters.nix | 2 +- 3 files changed, 29 insertions(+), 13 deletions(-) diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index 6d9870a..c151e1b 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -34,7 +34,10 @@ "usb_storage" "sd_mod" ]; - kernelModules = [ "kvm-intel" ]; + kernelModules = [ + "kvm-intel" + ]; + kernelPackages = pkgs.linuxPackages_6_12; }; nixpkgs.config.allowUnfree = true; @@ -42,6 +45,7 @@ environment.systemPackages = [ pkgs.virtiofsd pkgs.intel-gpu-tools + pkgs.pciutils ]; sops = { @@ -92,18 +96,10 @@ wantedBy = [ "immich-server.service" ]; } { - what = "restic"; - where = "/var/lib/restic"; + what = "nixos"; + where = "/mnt/nixos"; type = "virtiofs"; options = "rw,nodev,nosuid"; - wantedBy = [ "restic-rest-server.service" ]; - } - { - what = "ocis"; - where = "/var/lib/ocis"; - type = "virtiofs"; - options = "rw,nodev,nosuid"; - wantedBy = [ "ocis.service" ]; } { what = "media"; @@ -111,6 +107,27 @@ type = "virtiofs"; options = "rw,nodev,nosuid"; } + { + what = "/mnt/nixos/ocis"; + where = "/var/lib/ocis"; + options = "bind"; + after = [ "mnt-nixos.mount" ]; + wantedBy = [ "ocis.service" ]; + } + { + what = "/mnt/nixos/restic"; + where = "/var/lib/restic"; + options = "bind"; + after = [ "mnt-nixos.mount" ]; + wantedBy = [ "restic-rest-server.service" ]; + } + { + what = "/mnt/nixos/immich"; + where = "/var/lib/immich"; + options = "bind"; + after = [ "mnt-nixos.mount" ]; + wantedBy = [ "immich-server.service" ]; + } ]; hardware.graphics = { diff --git a/machines/weilite/services/immich.nix b/machines/weilite/services/immich.nix index 33a98d3..0b97f5c 100644 --- a/machines/weilite/services/immich.nix +++ b/machines/weilite/services/immich.nix @@ -46,7 +46,6 @@ in services.immich = { enable = true; - mediaLocation = "/mnt/XinPhotos/immich"; host = "127.0.0.1"; port = 3001; openFirewall = true; diff --git a/modules/nixos/monitor/exporters.nix b/modules/nixos/monitor/exporters.nix index 56750ef..d0e006f 100644 --- a/modules/nixos/monitor/exporters.nix +++ b/modules/nixos/monitor/exporters.nix @@ -11,7 +11,7 @@ let in { config = { - systemd.services.tailscaled.after = + systemd.services.tailscaled.before = (lib.optional cfg.node.enable "prometheus-node-exporters.service") ++ (lib.optional cfg.blackbox.enable "prometheus-blackbox-exporters.service") ++ (lib.optional config.services.caddy.enable "caddy.service"); From 533cfbb560b881d34cd9307d49a93478d387b856 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Wed, 25 Dec 2024 11:32:34 +0800 Subject: [PATCH 19/27] weilite: add transmission --- machines/weilite/default.nix | 14 +++-- machines/weilite/secrets.yaml | 8 ++- machines/weilite/services/default.nix | 1 + machines/weilite/services/transmission.nix | 67 ++++++++++++++++++++++ 4 files changed, 81 insertions(+), 9 deletions(-) create mode 100644 machines/weilite/services/transmission.nix diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index c151e1b..c3a70d0 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -101,12 +101,7 @@ type = "virtiofs"; options = "rw,nodev,nosuid"; } - { - what = "media"; - where = "/var/lib/jellyfin/media"; - type = "virtiofs"; - options = "rw,nodev,nosuid"; - } + { what = "/mnt/nixos/ocis"; where = "/var/lib/ocis"; @@ -128,6 +123,13 @@ after = [ "mnt-nixos.mount" ]; wantedBy = [ "immich-server.service" ]; } + { + what = "/mnt/nixos/media"; + where = "/var/lib/jellyfin/media"; + options = "bind"; + after = [ "mnt-nixos.mount" ]; + wantedBy = [ "jellyfin.service" ]; + } ]; hardware.graphics = { diff --git a/machines/weilite/secrets.yaml b/machines/weilite/secrets.yaml index 0394a80..b5c3aa5 100644 --- a/machines/weilite/secrets.yaml +++ b/machines/weilite/secrets.yaml @@ -4,6 +4,8 @@ immich: oauth_client_secret: ENC[AES256_GCM,data:EFs2hPjGMj0idwY3oQVIDTOIWkdwoAoAVjDQE9Z2eAKzUDH3grmYpYE+33V8d/Ux,iv:A9cjwFr/ZqltG62/N8MQ1LhdDbSIVVAqIPVB492zYJw=,tag:VTTtE697BZTVsI32UF53/w==,type:str] restic: localpass: ENC[AES256_GCM,data:GIQAmkpDmGu4+sSG5/b5yQ==,iv:dcu6F8NnVjeQzEG2vM3fOV5owI0PWc86ts20UP3vN18=,tag:vsG8x062FG1pH5YNcAajeg==,type:str] +transmission: + rpc-password: ENC[AES256_GCM,data:4dumy0hygGOuwU3ANky3xEKRDRBAJWE=,iv:HVV2J+F8HndHZNsMD2YmkWrJOzk5JIapGd0SuQP8VqU=,tag:xqp5pxh5cYYogA4alrmIfg==,type:str] sops: kms: [] gcp_kms: [] @@ -28,8 +30,8 @@ sops: V0thRjU4WGpQRGFpcnoxSjZTZHhTTkUKzNMHh9p7GUY3hL5XZ9S4x20CwaItsXFV RKujsFVVBd8Kuq/jyOCBTRCscuHI4LW/wYeZYHFEZFSTK2liAqspgw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-03T05:59:51Z" - mac: ENC[AES256_GCM,data:0dLbfkm7fJvH5Mmct0/qHulg2AtDCeeeOgWMXfeGRUaX3GlLDiLga0zW4uNPDuahVecdh6ofvYfBOxFaGUdBCHk9vq5GzrwrzBNhqObWQ3AqVuq5rjqSxEKoFM4Eb5qoqaOefFzT/9qC94NDETTsHhjiEeIgd4fgSr2dazNiFPE=,iv:Ggw0FHzkrhKh5Uzo3seHGwwHsWW/tTAgAl0iIq9PVk4=,tag:rJvUI5/wsLJ01XyKmkRghw==,type:str] + lastmodified: "2024-12-25T00:35:15Z" + mac: ENC[AES256_GCM,data:sk4DL+w740RD9A3sPvcGD4fc90Nfw9C8dH11ScGRgt6gS3v4V16pD0Q/bHHZiUCll76phZKjp+sGcZaPw0X7RDlK582WY3uw0pLtqLlm0gejjmvBJYKg47nA0dCD+vDvbMkJlvJG6N3sRuXDBa/7bAe452eXZNS8Xnm7ceDscVc=,iv:Nx4yCfG9rNk0q8akuI1aZr6Wj4GIAxASE8Tc7TH4Vj8=,tag:GodvlMbhIPpPu062spKFxA==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.9.1 + version: 3.9.2 diff --git a/machines/weilite/services/default.nix b/machines/weilite/services/default.nix index 5a5cc25..ca5ee33 100644 --- a/machines/weilite/services/default.nix +++ b/machines/weilite/services/default.nix @@ -5,5 +5,6 @@ ./media-download.nix ./immich.nix ./jellyfin.nix + ./transmission.nix ]; } diff --git a/machines/weilite/services/transmission.nix b/machines/weilite/services/transmission.nix new file mode 100644 index 0000000..be7bb39 --- /dev/null +++ b/machines/weilite/services/transmission.nix @@ -0,0 +1,67 @@ +{ config, ... }: +let + cfg = config.services.transmission; +in +{ + sops.secrets = { + "transmission/rpc-password" = { }; + }; + + sops.templates."transmission-cred.json" = { + content = builtins.toJSON { + rpc-password = config.sops.placeholder."transmission/rpc-password"; + }; + }; + + services.transmission = { + enable = true; + openPeerPorts = true; + credentialsFile = config.sops.templates."transmission-cred.json".path; + settings = { + download-dir = "/mnt/nixos/media"; + incomplete-dir = "/mnt/nixos/transmission/incomplete"; + alt-speed-down = 40960; + alt-speed-enabled = false; + alt-speed-time-begin = 60; + alt-speed-time-day = 127; + alt-speed-time-enabled = true; + alt-speed-time-end = 420; + alt-speed-up = 4096; + bind-address-ipv4 = "0.0.0.0"; + bind-address-ipv6 = "::"; + download-queue-enabled = true; + download-queue-size = 5; + incomplete-dir-enabled = true; + lpd-enabled = false; + message-level = 2; + peer-congestion-algorithm = ""; + peer-id-ttl-hours = 6; + peer-limit-global = 200; + peer-limit-per-torrent = 50; + peer-port = 51413; + peer-socket-tos = "cs2"; + pex-enabled = true; + preallocation = 1; + prefetch-enabled = true; + queue-stalled-enabled = true; + queue-stalled-minutes = 30; + rename-partial-files = true; + rpc-bind-address = "127.0.0.1"; + rpc-enabled = true; + rpc-authentication-required = true; + rpc-port = 9092; + rpc-username = "xin"; + rpc-whitelist = "127.0.0.1"; + speed-limit-down = 20480; + speed-limit-down-enabled = true; + speed-limit-up = 3072; + speed-limit-up-enabled = true; + start-added-torrents = true; + watch-dir-enabled = false; + }; + }; + services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:9091".extraConfig = '' + reverse_proxy 127.0.0.1:${toString cfg.settings.rpc-port} + ''; + networking.firewall.allowedTCPPorts = [ 9091 ]; # allow on lan +} From 408ea16f6dedc3cedc1779bbcee4dd74407ccd9e Mon Sep 17 00:00:00 2001 From: xinyangli Date: Thu, 26 Dec 2024 20:26:07 +0800 Subject: [PATCH 20/27] calcite/keyd: global caplock reload --- machines/calcite/configuration.nix | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index a3c84c4..68bd802 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -152,11 +152,14 @@ in services.keyd = { enable = true; keyboards = { + defualt = { + id = [ "*" ]; + capslock = "overload(control, esc)"; + }; "internal" = { ids = [ "0b05:1866" ]; settings = { main = { - capslock = "overload(control, esc)"; leftcontrol = "capslock"; }; }; @@ -170,17 +173,6 @@ in }; }; }; - "keydous" = { - ids = [ - "25a7:fa14" - "3151:4002" - ]; - settings = { - main = { - leftcontrol = "overload(control, esc)"; - }; - }; - }; }; }; @@ -302,7 +294,8 @@ in zotero # onlyoffice-bin - wemeet + # wemeet + config.nur.repos.linyinfeng.wemeet virt-manager wineWowPackages.waylandFull From 6bf9d771a1a66a92811e1e816d75f6aff039b84f Mon Sep 17 00:00:00 2001 From: xinyangli Date: Thu, 26 Dec 2024 20:27:18 +0800 Subject: [PATCH 21/27] weilite/media: add group "media" --- machines/weilite/default.nix | 17 ++++++++++------- machines/weilite/services/jellyfin.nix | 10 ++++++++++ machines/weilite/services/media-download.nix | 7 ++++++- machines/weilite/services/transmission.nix | 12 +++++++----- 4 files changed, 33 insertions(+), 13 deletions(-) diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix index c3a70d0..cb5804b 100644 --- a/machines/weilite/default.nix +++ b/machines/weilite/default.nix @@ -12,6 +12,13 @@ ./services ]; + options = { + node = lib.mkOption { + type = lib.types.attrs; + default = { }; + }; + }; + config = { networking.hostName = "weilite"; commonSettings = { @@ -21,6 +28,9 @@ }; comin.enable = true; }; + node = { + mediaDir = "/mnt/nixos/media"; + }; boot = { loader = { @@ -123,13 +133,6 @@ after = [ "mnt-nixos.mount" ]; wantedBy = [ "immich-server.service" ]; } - { - what = "/mnt/nixos/media"; - where = "/var/lib/jellyfin/media"; - options = "bind"; - after = [ "mnt-nixos.mount" ]; - wantedBy = [ "jellyfin.service" ]; - } ]; hardware.graphics = { diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix index d321de5..025386b 100644 --- a/machines/weilite/services/jellyfin.nix +++ b/machines/weilite/services/jellyfin.nix @@ -1,7 +1,16 @@ { config, pkgs, ... }: +let + cfg = config.services.jellyfin; +in { services.jellyfin.enable = true; + systemd.services.jellyfin.serviceConfig = { + BindReadOnlyPaths = [ + "/mnt/nixos/media:${cfg.dataDir}/media" + ]; + }; + environment.systemPackages = with pkgs; [ jellyfin jellyfin-web @@ -12,4 +21,5 @@ ''; networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan users.users.jellyfin.extraGroups = [ "render" ]; + users.groups.media.members = [ cfg.user ]; } diff --git a/machines/weilite/services/media-download.nix b/machines/weilite/services/media-download.nix index 6f22744..a161931 100644 --- a/machines/weilite/services/media-download.nix +++ b/machines/weilite/services/media-download.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: { services.jackett = { enable = true; @@ -27,4 +27,9 @@ services.radarr = { enable = true; }; + + users.groups.media.members = [ + config.services.sonarr.user + config.services.radarr.user + ]; } diff --git a/machines/weilite/services/transmission.nix b/machines/weilite/services/transmission.nix index be7bb39..b025819 100644 --- a/machines/weilite/services/transmission.nix +++ b/machines/weilite/services/transmission.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, pkgs, ... }: let cfg = config.services.transmission; in @@ -15,13 +15,14 @@ in services.transmission = { enable = true; + package = pkgs.transmission_4; openPeerPorts = true; credentialsFile = config.sops.templates."transmission-cred.json".path; settings = { download-dir = "/mnt/nixos/media"; incomplete-dir = "/mnt/nixos/transmission/incomplete"; alt-speed-down = 40960; - alt-speed-enabled = false; + alt-speed-enabled = true; alt-speed-time-begin = 60; alt-speed-time-day = 127; alt-speed-time-enabled = true; @@ -30,16 +31,16 @@ in bind-address-ipv4 = "0.0.0.0"; bind-address-ipv6 = "::"; download-queue-enabled = true; - download-queue-size = 5; + download-queue-size = 10; incomplete-dir-enabled = true; lpd-enabled = false; - message-level = 2; + message-level = 4; peer-congestion-algorithm = ""; peer-id-ttl-hours = 6; peer-limit-global = 200; peer-limit-per-torrent = 50; peer-port = 51413; - peer-socket-tos = "cs2"; + peer-socket-tos = "cs1"; pex-enabled = true; preallocation = 1; prefetch-enabled = true; @@ -64,4 +65,5 @@ in reverse_proxy 127.0.0.1:${toString cfg.settings.rpc-port} ''; networking.firewall.allowedTCPPorts = [ 9091 ]; # allow on lan + users.groups.media.members = [ cfg.user ]; } From efbfb72030680eb608e1a12dc740fbe2ef4de48a Mon Sep 17 00:00:00 2001 From: xinyangli Date: Thu, 26 Dec 2024 21:32:51 +0800 Subject: [PATCH 22/27] flake.lock: update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit • Updated input 'my-nixvim': 'git+https://git.xiny.li/xin/nixvim?ref=refs/heads/master&rev=fdf7775c738e2eb6bb8cb707d35a900bc47cd53e' (2024-12-21) → 'git+https://git.xiny.li/xin/nixvim?ref=refs/heads/master&rev=4439691030d1a28f4ad49c542104e3f880f7c183' (2024-12-26) --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 3320dcb..f468ae0 100644 --- a/flake.lock +++ b/flake.lock @@ -396,11 +396,11 @@ "nixvim": "nixvim" }, "locked": { - "lastModified": 1734791154, - "narHash": "sha256-J/h0nh3iOnOqXnv28NahNH45xZ035tKpabPPKMPFTfo=", + "lastModified": 1735219902, + "narHash": "sha256-s1aI4l9e0OX861wHsvAPqz/s8B9ZTltAMJzPRXt5Kqo=", "ref": "refs/heads/master", - "rev": "fdf7775c738e2eb6bb8cb707d35a900bc47cd53e", - "revCount": 24, + "rev": "4439691030d1a28f4ad49c542104e3f880f7c183", + "revCount": 25, "type": "git", "url": "https://git.xiny.li/xin/nixvim" }, From 601eb4127e66d14b5709cb19f24b16bb4d9a7a86 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 28 Dec 2024 09:56:48 +0800 Subject: [PATCH 23/27] flake.lock: update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit • Updated input 'catppuccin': 'github:catppuccin/nix/1e4c3803b8da874ff75224ec8512cb173036bbd8?narHash=sha256-CFX4diEQHKvZYjnhf7TLg20m3ge1O4vqgplsk/Kuaek%3D' (2024-12-20) → 'github:catppuccin/nix/a2e641bc6b17129d81d54019e14c9956784c69c6?narHash=sha256-vU7SkHINr%2BNqmZeFLA11plsaUfazKKpdEhI/oTJbK3Q%3D' (2024-12-27) • Added input 'catppuccin/catppuccin-v1_1': 'https://api.flakehub.com/f/pinned/catppuccin/nix/1.1.1/0193bdc0-b045-7eed-bbec-95611a8ecdf5/source.tar.gz?narHash=sha256-pCWJgwo77KD7EJpwynwKrWPZ//dwypHq2TfdzZWqK68%3D' (2024-12-13) • Added input 'catppuccin/catppuccin-v1_2': 'https://api.flakehub.com/f/pinned/catppuccin/nix/1.2.0/0193e5e0-33b7-7149-a362-bfe56b20f64e/source.tar.gz?narHash=sha256-Let3uJo4YDyfqbqaw66dpZxhJB2TrDyZWSFd5rpPLJA%3D' (2024-12-20) • Added input 'catppuccin/home-manager': follows 'home-manager' • Added input 'catppuccin/home-manager-stable': 'github:nix-community/home-manager/80b0fdf483c5d1cb75aaad909bd390d48673857f?narHash=sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw%3D' (2024-12-16) • Added input 'catppuccin/home-manager-stable/nixpkgs': follows 'catppuccin/nixpkgs-stable' • Added input 'catppuccin/nixpkgs': follows 'nixpkgs' • Added input 'catppuccin/nixpkgs-stable': 'github:NixOS/nixpkgs/b47fd6fa00c6afca88b8ee46cfdb00e104f50bca?narHash=sha256-nbG9TijTMcfr%2Bau7ZVbKpAhMJzzE2nQBYmRvSdXUD8g%3D' (2024-12-19) • Added input 'catppuccin/nuscht-search': 'github:NuschtOS/search/3051be7f403bff1d1d380e4612f0c70675b44fc9?narHash=sha256-Y47y%2BLesOCkJaLvj%2BdI/Oa6FAKj/T9sKVKDXLNsViPw%3D' (2024-12-09) • Added input 'catppuccin/nuscht-search/flake-utils': 'github:numtide/flake-utils/11707dc2f618dd54ca8739b309ec4fc024de578b?narHash=sha256-l0KFg5HjrsfsO/JpG%2Br7fRrqm12kzFHyUHqHCVpMMbI%3D' (2024-11-13) • Added input 'catppuccin/nuscht-search/flake-utils/systems': 'github:nix-systems/default/da67096a3b9bf56a91d16901293e51ba5b49a27e?narHash=sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768%3D' (2023-04-09) • Added input 'catppuccin/nuscht-search/ixx': 'github:NuschtOS/ixx/9fd01aad037f345350eab2cd45e1946cc66da4eb?narHash=sha256-EiOq8jF4Z/zQe0QYVc3%2BqSKxRK//CFHMB84aYrYGwEs%3D' (2024-10-26) • Added input 'catppuccin/nuscht-search/ixx/flake-utils': follows 'catppuccin/nuscht-search/flake-utils' • Added input 'catppuccin/nuscht-search/ixx/nixpkgs': follows 'catppuccin/nuscht-search/nixpkgs' • Added input 'catppuccin/nuscht-search/nixpkgs': follows 'catppuccin/nixpkgs' • Updated input 'colmena': 'github:zhaofengli/colmena/e3ad42138015fcdf2524518dd564a13145c72ea1?narHash=sha256-dI9I6suECoIAmbS4xcrqF8r2pbmed8WWm5LIF1yWPw8%3D' (2024-11-13) → 'github:zhaofengli/colmena/a6b51f5feae9bfb145daa37fd0220595acb7871e?narHash=sha256-LLpiqfOGBippRax9F33kSJ/Imt8gJXb6o0JwSBiNHCk%3D' (2024-12-22) • Updated input 'disko': 'github:nix-community/disko/2ee76c861af3b895b3b104bae04777b61397485b?narHash=sha256-hk0roBX10j/hospoWIJIJj3i2skd7Oml6yKQBx7mTFk%3D' (2024-12-20) → 'github:nix-community/disko/3a4de9fa3a78ba7b7170dda6bd8b4cdab87c0b21?narHash=sha256-Tc35Y8H%2BkrA6rZeOIczsaGAtobSSBPqR32AfNTeHDRc%3D' (2024-12-24) • Updated input 'home-manager': 'github:nix-community/home-manager/1395379a7a36e40f2a76e7b9936cc52950baa1be?narHash=sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI%3D' (2024-12-19) → 'github:nix-community/home-manager/b7a7cd5dd1a74a9fe86ed4e016f91c78483b527a?narHash=sha256-p7IJP/97zJda/wwCn1T2LJBz4olF5LjNf4uwhuyvARo%3D' (2024-12-27) • Updated input 'nix-index-database': 'github:Mic92/nix-index-database/311d6cf3ad3f56cb051ffab1f480b2909b3f754d?narHash=sha256-icEMqBt4HtGH52PU5FHidgBrNJvOfXH6VQKNtnD1aw8%3D' (2024-12-15) → 'github:Mic92/nix-index-database/7e3246f6ad43b44bc1c16d580d7bf6467f971530?narHash=sha256-kWNi45/mRjQMG%2BUpaZQ7KyPavYrKfle3WgLn9YeBBVg%3D' (2024-12-26) • Updated input 'nix-vscode-extensions': 'github:nix-community/nix-vscode-extensions/113779a6601d5b5c8ef7c5b5c4ab3f377fd3e2c3?narHash=sha256-rTGDkcbzfcTL7jE4TtxhNQtDssD1QY8yLo8ApAv3XRs%3D' (2024-12-21) → 'github:nix-community/nix-vscode-extensions/57719f14beefb91c5b58da26bb9cffbdb4f70bfa?narHash=sha256-rNhcGVh6Xnc0DKWR5RTTD9OxucfAotd41LEuMCGz228%3D' (2024-12-28) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/b12e314726a4226298fe82776b4baeaa7bcf3dcd?narHash=sha256-mfv%2BJ/vO4nqmIOlq8Y1rRW8hVsGH3M%2BI2ESMjhuebDs%3D' (2024-12-16) → 'github:NixOS/nixos-hardware/def1d472c832d77885f174089b0d34854b007198?narHash=sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl%2Bfk%3D' (2024-12-23) • Updated input 'nixpkgs-stable': 'github:nixos/nixpkgs/72d11d40b9878a67c38f003c240c2d2e1811e72a?narHash=sha256-ze3IJksru9dN0keqUxY0WNf8xrwfs8Ty/z9v/keyBbg%3D' (2024-12-18) → 'github:nixos/nixpkgs/31ac92f9628682b294026f0860e14587a09ffb4b?narHash=sha256-JMRV2RI58nV1UqLXqm%2Blcea1/dr92fYjWU5S%2BRz3fmE%3D' (2024-12-27) • Updated input 'nur': 'github:nix-community/NUR/db4e0d95cd1f9f77113cd9c3c9de5974fa721a98?narHash=sha256-ZRG0vNJHRyKnzyWOFciCzodQlv4Sb2%2BH5I7xKIH2EL0%3D' (2024-12-21) → 'github:nix-community/NUR/538f624930cdfb852e4e3dd055f79e932d5b3c16?narHash=sha256-B%2BPNIYtTmgnTV/wdA/qrYohmeBHaYrDwVAueODdvtlo%3D' (2024-12-27) • Updated input 'nur/nixpkgs': 'github:nixos/nixpkgs/d3c42f187194c26d9f0309a8ecc469d6c878ce33?narHash=sha256-cHar1vqHOOyC7f1%2BtVycPoWTfKIaqkoe1Q6TnKzuti4%3D' (2024-12-17) → 'github:nixos/nixpkgs/634fd46801442d760e09493a794c4f15db2d0cbb?narHash=sha256-NYVcA06%2BblsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M%3D' (2024-12-27) --- flake.lock | 263 +++++++++++++++++++++++++++++++++++++++++++---------- flake.nix | 2 + 2 files changed, 215 insertions(+), 50 deletions(-) diff --git a/flake.lock b/flake.lock index f468ae0..a3527f7 100644 --- a/flake.lock +++ b/flake.lock @@ -1,12 +1,25 @@ { "nodes": { "catppuccin": { + "inputs": { + "catppuccin-v1_1": "catppuccin-v1_1", + "catppuccin-v1_2": "catppuccin-v1_2", + "home-manager": [ + "home-manager" + ], + "home-manager-stable": "home-manager-stable", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable", + "nuscht-search": "nuscht-search" + }, "locked": { - "lastModified": 1734734291, - "narHash": "sha256-CFX4diEQHKvZYjnhf7TLg20m3ge1O4vqgplsk/Kuaek=", + "lastModified": 1735263930, + "narHash": "sha256-vU7SkHINr+NqmZeFLA11plsaUfazKKpdEhI/oTJbK3Q=", "owner": "catppuccin", "repo": "nix", - "rev": "1e4c3803b8da874ff75224ec8512cb173036bbd8", + "rev": "a2e641bc6b17129d81d54019e14c9956784c69c6", "type": "github" }, "original": { @@ -15,10 +28,38 @@ "type": "github" } }, + "catppuccin-v1_1": { + "locked": { + "lastModified": 1734055249, + "narHash": "sha256-pCWJgwo77KD7EJpwynwKrWPZ//dwypHq2TfdzZWqK68=", + "rev": "7221d6ca17ac36ed20588e1c3a80177ac5843fa7", + "revCount": 326, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.1.1/0193bdc0-b045-7eed-bbec-95611a8ecdf5/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/catppuccin/nix/1.1.%2A.tar.gz" + } + }, + "catppuccin-v1_2": { + "locked": { + "lastModified": 1734728407, + "narHash": "sha256-Let3uJo4YDyfqbqaw66dpZxhJB2TrDyZWSFd5rpPLJA=", + "rev": "23ee86dbf4ed347878115a78971d43025362fab1", + "revCount": 341, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.2.0/0193e5e0-33b7-7149-a362-bfe56b20f64e/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/catppuccin/nix/1.2.%2A.tar.gz" + } + }, "colmena": { "inputs": { "flake-compat": "flake-compat", - "flake-utils": "flake-utils", + "flake-utils": "flake-utils_2", "nix-github-actions": "nix-github-actions", "nixpkgs": [ "nixpkgs" @@ -26,11 +67,11 @@ "stable": "stable" }, "locked": { - "lastModified": 1731527002, - "narHash": "sha256-dI9I6suECoIAmbS4xcrqF8r2pbmed8WWm5LIF1yWPw8=", + "lastModified": 1734897875, + "narHash": "sha256-LLpiqfOGBippRax9F33kSJ/Imt8gJXb6o0JwSBiNHCk=", "owner": "zhaofengli", "repo": "colmena", - "rev": "e3ad42138015fcdf2524518dd564a13145c72ea1", + "rev": "a6b51f5feae9bfb145daa37fd0220595acb7871e", "type": "github" }, "original": { @@ -88,11 +129,11 @@ ] }, "locked": { - "lastModified": 1734701201, - "narHash": "sha256-hk0roBX10j/hospoWIJIJj3i2skd7Oml6yKQBx7mTFk=", + "lastModified": 1735048446, + "narHash": "sha256-Tc35Y8H+krA6rZeOIczsaGAtobSSBPqR32AfNTeHDRc=", "owner": "nix-community", "repo": "disko", - "rev": "2ee76c861af3b895b3b104bae04777b61397485b", + "rev": "3a4de9fa3a78ba7b7170dda6bd8b4cdab87c0b21", "type": "github" }, "original": { @@ -209,21 +250,6 @@ } }, "flake-utils": { - "locked": { - "lastModified": 1659877975, - "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_2": { "inputs": { "systems": "systems" }, @@ -241,10 +267,43 @@ "type": "github" } }, + "flake-utils_2": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flake-utils_3": { "inputs": { "systems": "systems_2" }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_3" + }, "locked": { "lastModified": 1726560853, "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=", @@ -322,11 +381,11 @@ ] }, "locked": { - "lastModified": 1734622215, - "narHash": "sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI=", + "lastModified": 1735343815, + "narHash": "sha256-p7IJP/97zJda/wwCn1T2LJBz4olF5LjNf4uwhuyvARo=", "owner": "nix-community", "repo": "home-manager", - "rev": "1395379a7a36e40f2a76e7b9936cc52950baa1be", + "rev": "b7a7cd5dd1a74a9fe86ed4e016f91c78483b527a", "type": "github" }, "original": { @@ -335,6 +394,28 @@ "type": "github" } }, + "home-manager-stable": { + "inputs": { + "nixpkgs": [ + "catppuccin", + "nixpkgs-stable" + ] + }, + "locked": { + "lastModified": 1734366194, + "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, "home-manager_2": { "inputs": { "nixpkgs": [ @@ -358,6 +439,34 @@ } }, "ixx": { + "inputs": { + "flake-utils": [ + "catppuccin", + "nuscht-search", + "flake-utils" + ], + "nixpkgs": [ + "catppuccin", + "nuscht-search", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729958008, + "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=", + "owner": "NuschtOS", + "repo": "ixx", + "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "ref": "v0.0.6", + "repo": "ixx", + "type": "github" + } + }, + "ixx_2": { "inputs": { "flake-utils": [ "my-nixvim", @@ -459,11 +568,11 @@ ] }, "locked": { - "lastModified": 1734234111, - "narHash": "sha256-icEMqBt4HtGH52PU5FHidgBrNJvOfXH6VQKNtnD1aw8=", + "lastModified": 1735222882, + "narHash": "sha256-kWNi45/mRjQMG+UpaZQ7KyPavYrKfle3WgLn9YeBBVg=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "311d6cf3ad3f56cb051ffab1f480b2909b3f754d", + "rev": "7e3246f6ad43b44bc1c16d580d7bf6467f971530", "type": "github" }, "original": { @@ -483,11 +592,11 @@ ] }, "locked": { - "lastModified": 1734745696, - "narHash": "sha256-rTGDkcbzfcTL7jE4TtxhNQtDssD1QY8yLo8ApAv3XRs=", + "lastModified": 1735350281, + "narHash": "sha256-rNhcGVh6Xnc0DKWR5RTTD9OxucfAotd41LEuMCGz228=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "113779a6601d5b5c8ef7c5b5c4ab3f377fd3e2c3", + "rev": "57719f14beefb91c5b58da26bb9cffbdb4f70bfa", "type": "github" }, "original": { @@ -498,11 +607,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1734352517, - "narHash": "sha256-mfv+J/vO4nqmIOlq8Y1rRW8hVsGH3M+I2ESMjhuebDs=", + "lastModified": 1734954597, + "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "b12e314726a4226298fe82776b4baeaa7bcf3dcd", + "rev": "def1d472c832d77885f174089b0d34854b007198", "type": "github" }, "original": { @@ -542,11 +651,27 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1734529975, - "narHash": "sha256-ze3IJksru9dN0keqUxY0WNf8xrwfs8Ty/z9v/keyBbg=", + "lastModified": 1734600368, + "narHash": "sha256-nbG9TijTMcfr+au7ZVbKpAhMJzzE2nQBYmRvSdXUD8g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b47fd6fa00c6afca88b8ee46cfdb00e104f50bca", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1735286948, + "narHash": "sha256-JMRV2RI58nV1UqLXqm+lcea1/dr92fYjWU5S+Rz3fmE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "72d11d40b9878a67c38f003c240c2d2e1811e72a", + "rev": "31ac92f9628682b294026f0860e14587a09ffb4b", "type": "github" }, "original": { @@ -574,11 +699,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1734424634, - "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", + "lastModified": 1735291276, + "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", + "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", "type": "github" }, "original": { @@ -621,11 +746,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1734785773, - "narHash": "sha256-ZRG0vNJHRyKnzyWOFciCzodQlv4Sb2+H5I7xKIH2EL0=", + "lastModified": 1735337462, + "narHash": "sha256-B+PNIYtTmgnTV/wdA/qrYohmeBHaYrDwVAueODdvtlo=", "owner": "nix-community", "repo": "NUR", - "rev": "db4e0d95cd1f9f77113cd9c3c9de5974fa721a98", + "rev": "538f624930cdfb852e4e3dd055f79e932d5b3c16", "type": "github" }, "original": { @@ -634,10 +759,33 @@ "type": "github" } }, + "nuscht-search": { + "inputs": { + "flake-utils": "flake-utils", + "ixx": "ixx", + "nixpkgs": [ + "catppuccin", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733773348, + "narHash": "sha256-Y47y+LesOCkJaLvj+dI/Oa6FAKj/T9sKVKDXLNsViPw=", + "owner": "NuschtOS", + "repo": "search", + "rev": "3051be7f403bff1d1d380e4612f0c70675b44fc9", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "repo": "search", + "type": "github" + } + }, "nuschtosSearch": { "inputs": { - "flake-utils": "flake-utils_3", - "ixx": "ixx", + "flake-utils": "flake-utils_4", + "ixx": "ixx_2", "nixpkgs": [ "my-nixvim", "nixvim", @@ -664,14 +812,14 @@ "colmena": "colmena", "comin": "comin", "disko": "disko", - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "home-manager": "home-manager", "my-nixvim": "my-nixvim", "nix-index-database": "nix-index-database", "nix-vscode-extensions": "nix-vscode-extensions", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", - "nixpkgs-stable": "nixpkgs-stable", + "nixpkgs-stable": "nixpkgs-stable_2", "nur": "nur", "sops-nix": "sops-nix" } @@ -742,6 +890,21 @@ "type": "github" } }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "treefmt-nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index 23b83a7..27f8265 100644 --- a/flake.nix +++ b/flake.nix @@ -49,6 +49,8 @@ catppuccin = { url = "github:catppuccin/nix"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.home-manager.follows = "home-manager"; }; disko = { From 1c6f33b09453fc2aebb451eb93614f8e78cc1ae2 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 28 Dec 2024 10:02:28 +0800 Subject: [PATCH 24/27] fixup! flake.lock: update --- garnix.yaml | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/garnix.yaml b/garnix.yaml index 0fc1635..630fac6 100644 --- a/garnix.yaml +++ b/garnix.yaml @@ -1,10 +1,19 @@ builds: - include: - - '*.x86_64-linux.*' - - defaultPackage.x86_64-linux - - devShell.x86_64-linux - - homeConfigurations.x86_64-linux.* - - homeConfigurations.aarch64-linux.* - - darwinConfigurations.* - - nixosConfigurations.* - branch: deploy + - include: + - '*.x86_64-linux.*' + - defaultPackage.x86_64-linux + - devShell.x86_64-linux + - homeConfigurations.x86_64-linux.* + - homeConfigurations.aarch64-linux.* + - darwinConfigurations.* + - nixosConfigurations.* + branch: deploy + - include: + - '*.x86_64-linux.*' + - defaultPackage.x86_64-linux + - devShell.x86_64-linux + - homeConfigurations.x86_64-linux.* + - homeConfigurations.aarch64-linux.* + - darwinConfigurations.* + - nixosConfigurations.* + branch: next From 83aa3004b2f65188750c3a585e6fbbe9af3f525a Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 28 Dec 2024 10:07:44 +0800 Subject: [PATCH 25/27] fixup! fixup! flake.lock: update --- machines/calcite/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index 68bd802..faa968a 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -295,7 +295,7 @@ in # onlyoffice-bin # wemeet - config.nur.repos.linyinfeng.wemeet + wemeet virt-manager wineWowPackages.waylandFull From b256f9c7ba9153b957bc99385b80f64407d59112 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 28 Dec 2024 10:13:04 +0800 Subject: [PATCH 26/27] calcite: global ctrl overload with keyd --- machines/calcite/configuration.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index faa968a..6e0ebda 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -152,9 +152,13 @@ in services.keyd = { enable = true; keyboards = { - defualt = { + default = { id = [ "*" ]; - capslock = "overload(control, esc)"; + settings = { + main = { + capslock = "overload(control, esc)"; + }; + }; }; "internal" = { ids = [ "0b05:1866" ]; From ca45be2816977bd913d0b2085a0dee486519d2ae Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 28 Dec 2024 10:17:19 +0800 Subject: [PATCH 27/27] fixup! calcite: global ctrl overload with keyd --- machines/calcite/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix index 6e0ebda..9a70f52 100644 --- a/machines/calcite/configuration.nix +++ b/machines/calcite/configuration.nix @@ -153,7 +153,7 @@ in enable = true; keyboards = { default = { - id = [ "*" ]; + ids = [ "*" ]; settings = { main = { capslock = "overload(control, esc)";