.github/workflows/eval.yaml

@@ -1,8 +1,10 @@
 name: Eval NixOS Configurations
 
 on:
-  check_suite:
+  push:
-    types: [completed]
+    branches:
+      - deploy
+  workflow_dispatch:
 
 permissions:
   contents: write
@@ -34,7 +36,7 @@ jobs:
           failed_hosts=""
           for host in $hosts; do
             echo "Eval derivation for $host"
-            if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
+            if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
               echo "❌ Failed to evaluate $host"
               failed_hosts+="$host "
               rm "eval/$host.json"

machines/calcite/configuration.nix

@@ -15,12 +15,23 @@ in
     ../sops.nix
   ];
 
+  services.comin = {
+    enable = true;
+    remotes = [
+      {
+        name = "origin";
+        url = "https://github.com/xinyangli/nixos-config.git";
+        branches.main.name = "deploy-comin-eval";
+      }
+    ];
+    hostname = config.networking.hostName;
+  };
+
   commonSettings = {
     # auth.enable = true;
     nix = {
       signing.enable = true;
     };
-    comin.enable = true;
   };
 
   # Bootloader.

machines/weilite/default.nix

@@ -19,7 +19,6 @@
       nix = {
         enable = true;
       };
-      comin.enable = true;
     };
 
     boot = {
@@ -39,10 +38,7 @@
 
     nixpkgs.config.allowUnfree = true;
 
-    environment.systemPackages = [
+    environment.systemPackages = [ pkgs.virtiofsd ];
-      pkgs.virtiofsd
-      pkgs.intel-gpu-tools
-    ];
 
     sops = {
       defaultSopsFile = ./secrets.yaml;
@@ -98,32 +94,15 @@
         options = "rw,nodev,nosuid";
         wantedBy = [ "restic-rest-server.service" ];
       }
-      # {
-      #   what = "ocis";
-      #   where = "/var/lib/ocis";
-      #   type = "virtiofs";
-      #   options = "rw,nodev,nosuid";
-      #   wantedBy = [ "ocis.service" ];
-      # }
       {
-        what = "media";
+        what = "ocis";
-        where = "/var/lib/jellyfin/media";
+        where = "/var/lib/ocis";
         type = "virtiofs";
         options = "rw,nodev,nosuid";
+        wantedBy = [ "ocis.service" ];
       }
     ];
 
-    hardware.graphics = {
-      enable = true;
-      extraPackages = with pkgs; [
-        intel-media-driver
-        intel-vaapi-driver
-        vaapiVdpau
-        intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
-        intel-media-sdk # QSV up to 11th gen
-      ];
-    };
-
     services.openssh.ports = [
       22
       2222

machines/weilite/services/default.nix

@@ -4,6 +4,5 @@
     ./restic.nix
     ./media-download.nix
     ./immich.nix
-    ./jellyfin.nix
   ];
 }

machines/weilite/services/jellyfin.nix

@@ -1,15 +0,0 @@
-{ config, pkgs, ... }:
-{
-  services.jellyfin.enable = true;
-
-  environment.systemPackages = with pkgs; [
-    jellyfin
-    jellyfin-web
-    jellyfin-ffmpeg
-  ];
-  services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = ''
-    reverse_proxy 127.0.0.1:8096
-  '';
-  networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan
-  users.users.jellyfin.extraGroups = [ "render" ];
-}

modules/nixos/common-settings/comin.nix

@@ -1,32 +0,0 @@
-{
-  config,
-  lib,
-  ...
-}:
-let
-  inherit (lib)
-    mkEnableOption
-    mkIf
-    ;
-
-  cfg = config.commonSettings.comin;
-in
-{
-  options.commonSettings.comin = {
-    enable = mkEnableOption "auto updater with comin";
-  };
-
-  config = {
-    services.comin = mkIf cfg.enable {
-      enable = true;
-      remotes = [
-        {
-          name = "origin";
-          url = "https://github.com/xinyangli/nixos-config.git";
-          branches.main.name = "deploy-comin-eval";
-        }
-      ];
-      hostname = config.networking.hostName;
-    };
-  };
-}