ci: eval deploy

2024-12-20 18:15:18 +08:00
24 changed files with 151 additions and 538 deletions
--- a/.github/workflows/eval.yaml
+++ b/.github/workflows/eval.yaml
@ -1,8 +1,10 @@
 name: Eval NixOS Configurations

 on:
-  check_suite:
-    types: [completed]
+  push:
+    branches:
+      - deploy
+  workflow_dispatch:

 permissions:
  contents: write
@ -18,10 +20,6 @@ jobs:

      - name: Install Nix
        uses: cachix/install-nix-action@v25
-        with:
-          extra_nix_conf: |
-            extra-trusted-public-keys = cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=
-            extra-substituters = https://cache.garnix.io

      - name: Configure Git
        run: |
@ -35,26 +33,19 @@ jobs:
          hosts=$(nix flake show --json | jq -r '.nixosConfigurations | keys[]')
          echo "Found hosts: $hosts"

-          failed_hosts=""
          for host in $hosts; do
            echo "Eval derivation for $host"
-            if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
+            if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
              echo "❌ Failed to evaluate $host"
-              failed_hosts+="$host "
-              rm "eval/$host.json"
            else
              echo "✅ Successfully evaluated $host"
            fi
          done

+          echo "Total hosts: $(echo "$hosts" | wc -w)"
          echo "Failed hosts: $failed_hosts" 
          
          git add eval/
          git commit -m "Update deployment configurations for all hosts"
          
-          git push -f origin deploy-comin-eval
-
-          # After success, reset deploy-comin to new deploy
-          git checkout -b deploy-comin 
-          git reset --hard deploy
-          git push -f origin deploy-comin
+          git push origin deploy-comin-eval
--- a/flake.lock
+++ b/flake.lock
@ -1,25 +1,12 @@
 {
  "nodes": {
    "catppuccin": {
-      "inputs": {
-        "catppuccin-v1_1": "catppuccin-v1_1",
-        "catppuccin-v1_2": "catppuccin-v1_2",
-        "home-manager": [
-          "home-manager"
-        ],
-        "home-manager-stable": "home-manager-stable",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "nixpkgs-stable": "nixpkgs-stable",
-        "nuscht-search": "nuscht-search"
-      },
      "locked": {
-        "lastModified": 1735263930,
-        "narHash": "sha256-vU7SkHINr+NqmZeFLA11plsaUfazKKpdEhI/oTJbK3Q=",
+        "lastModified": 1733001911,
+        "narHash": "sha256-uX/9m0TbdhEzuWA0muM5mI/AaWcLiDLjCCyu5Qr9MRk=",
        "owner": "catppuccin",
        "repo": "nix",
-        "rev": "a2e641bc6b17129d81d54019e14c9956784c69c6",
+        "rev": "a817009ebfd2cca7f70a77884e5098d0a8c83f8e",
        "type": "github"
      },
      "original": {
@ -28,38 +15,10 @@
        "type": "github"
      }
    },
-    "catppuccin-v1_1": {
-      "locked": {
-        "lastModified": 1734055249,
-        "narHash": "sha256-pCWJgwo77KD7EJpwynwKrWPZ//dwypHq2TfdzZWqK68=",
-        "rev": "7221d6ca17ac36ed20588e1c3a80177ac5843fa7",
-        "revCount": 326,
-        "type": "tarball",
-        "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.1.1/0193bdc0-b045-7eed-bbec-95611a8ecdf5/source.tar.gz"
-      },
-      "original": {
-        "type": "tarball",
-        "url": "https://flakehub.com/f/catppuccin/nix/1.1.%2A.tar.gz"
-      }
-    },
-    "catppuccin-v1_2": {
-      "locked": {
-        "lastModified": 1734728407,
-        "narHash": "sha256-Let3uJo4YDyfqbqaw66dpZxhJB2TrDyZWSFd5rpPLJA=",
-        "rev": "23ee86dbf4ed347878115a78971d43025362fab1",
-        "revCount": 341,
-        "type": "tarball",
-        "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.2.0/0193e5e0-33b7-7149-a362-bfe56b20f64e/source.tar.gz"
-      },
-      "original": {
-        "type": "tarball",
-        "url": "https://flakehub.com/f/catppuccin/nix/1.2.%2A.tar.gz"
-      }
-    },
    "colmena": {
      "inputs": {
        "flake-compat": "flake-compat",
-        "flake-utils": "flake-utils_2",
+        "flake-utils": "flake-utils",
        "nix-github-actions": "nix-github-actions",
        "nixpkgs": [
          "nixpkgs"
@ -67,11 +26,11 @@
        "stable": "stable"
      },
      "locked": {
-        "lastModified": 1734897875,
-        "narHash": "sha256-LLpiqfOGBippRax9F33kSJ/Imt8gJXb6o0JwSBiNHCk=",
+        "lastModified": 1731527002,
+        "narHash": "sha256-dI9I6suECoIAmbS4xcrqF8r2pbmed8WWm5LIF1yWPw8=",
        "owner": "zhaofengli",
        "repo": "colmena",
-        "rev": "a6b51f5feae9bfb145daa37fd0220595acb7871e",
+        "rev": "e3ad42138015fcdf2524518dd564a13145c72ea1",
        "type": "github"
      },
      "original": {
@ -80,26 +39,6 @@
        "type": "github"
      }
    },
-    "comin": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1734693645,
-        "narHash": "sha256-Vw3YpuQxwBse5JiTGBH5MSPmqXOXFI4ROs7IF3tRc7k=",
-        "owner": "xinyangli",
-        "repo": "comin",
-        "rev": "c8a66bbd129e88ad916cac59f1ad9f45d39b3190",
-        "type": "github"
-      },
-      "original": {
-        "owner": "xinyangli",
-        "repo": "comin",
-        "type": "github"
-      }
-    },
    "devshell": {
      "inputs": {
        "nixpkgs": [
@ -129,11 +68,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735048446,
-        "narHash": "sha256-Tc35Y8H+krA6rZeOIczsaGAtobSSBPqR32AfNTeHDRc=",
+        "lastModified": 1733168902,
+        "narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=",
        "owner": "nix-community",
        "repo": "disko",
-        "rev": "3a4de9fa3a78ba7b7170dda6bd8b4cdab87c0b21",
+        "rev": "785c1e02c7e465375df971949b8dcbde9ec362e5",
        "type": "github"
      },
      "original": {
@ -250,6 +189,21 @@
      }
    },
    "flake-utils": {
+      "locked": {
+        "lastModified": 1659877975,
+        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "flake-utils_2": {
      "inputs": {
        "systems": "systems"
      },
@ -267,43 +221,10 @@
        "type": "github"
      }
    },
-    "flake-utils_2": {
-      "locked": {
-        "lastModified": 1659877975,
-        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
    "flake-utils_3": {
      "inputs": {
        "systems": "systems_2"
      },
-      "locked": {
-        "lastModified": 1731533236,
-        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_4": {
-      "inputs": {
-        "systems": "systems_3"
-      },
      "locked": {
        "lastModified": 1726560853,
        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
@ -381,11 +302,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735343815,
-        "narHash": "sha256-p7IJP/97zJda/wwCn1T2LJBz4olF5LjNf4uwhuyvARo=",
+        "lastModified": 1733754861,
+        "narHash": "sha256-3JKzIou54yjiMVmvgdJwopekEvZxX3JDT8DpKZs4oXY=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "b7a7cd5dd1a74a9fe86ed4e016f91c78483b527a",
+        "rev": "9ebaa80a227eaca9c87c53ed515ade013bc2bca9",
        "type": "github"
      },
      "original": {
@ -394,28 +315,6 @@
        "type": "github"
      }
    },
-    "home-manager-stable": {
-      "inputs": {
-        "nixpkgs": [
-          "catppuccin",
-          "nixpkgs-stable"
-        ]
-      },
-      "locked": {
-        "lastModified": 1734366194,
-        "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "ref": "release-24.11",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
    "home-manager_2": {
      "inputs": {
        "nixpkgs": [
@ -439,34 +338,6 @@
      }
    },
    "ixx": {
-      "inputs": {
-        "flake-utils": [
-          "catppuccin",
-          "nuscht-search",
-          "flake-utils"
-        ],
-        "nixpkgs": [
-          "catppuccin",
-          "nuscht-search",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1729958008,
-        "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
-        "owner": "NuschtOS",
-        "repo": "ixx",
-        "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NuschtOS",
-        "ref": "v0.0.6",
-        "repo": "ixx",
-        "type": "github"
-      }
-    },
-    "ixx_2": {
      "inputs": {
        "flake-utils": [
          "my-nixvim",
@ -505,11 +376,11 @@
        "nixvim": "nixvim"
      },
      "locked": {
-        "lastModified": 1735219902,
-        "narHash": "sha256-s1aI4l9e0OX861wHsvAPqz/s8B9ZTltAMJzPRXt5Kqo=",
+        "lastModified": 1732936640,
+        "narHash": "sha256-NcluA0L+ZV5MUj3UuQhlkGCj8KoEhX/ObWlMHZ/F/ac=",
        "ref": "refs/heads/master",
-        "rev": "4439691030d1a28f4ad49c542104e3f880f7c183",
-        "revCount": 25,
+        "rev": "a3709a89797ea094f82d38edeb4a538c07c8c3fa",
+        "revCount": 20,
        "type": "git",
        "url": "https://git.xiny.li/xin/nixvim"
      },
@ -568,11 +439,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735222882,
-        "narHash": "sha256-kWNi45/mRjQMG+UpaZQ7KyPavYrKfle3WgLn9YeBBVg=",
+        "lastModified": 1733629314,
+        "narHash": "sha256-U0vivjQFAwjNDYt49Krevs1murX9hKBFe2Ye0cHpgbU=",
        "owner": "Mic92",
        "repo": "nix-index-database",
-        "rev": "7e3246f6ad43b44bc1c16d580d7bf6467f971530",
+        "rev": "f1e477a7dd11e27e7f98b646349cd66bbabf2fb8",
        "type": "github"
      },
      "original": {
@ -592,11 +463,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735350281,
-        "narHash": "sha256-rNhcGVh6Xnc0DKWR5RTTD9OxucfAotd41LEuMCGz228=",
+        "lastModified": 1733795858,
+        "narHash": "sha256-K595Q2PrZv2iiumdBkwM2G456T2lKsLD71bn/fbJiQ0=",
        "owner": "nix-community",
        "repo": "nix-vscode-extensions",
-        "rev": "57719f14beefb91c5b58da26bb9cffbdb4f70bfa",
+        "rev": "66ced222ef9235f90dbdd754ede3d6476722aaa9",
        "type": "github"
      },
      "original": {
@ -607,11 +478,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1734954597,
-        "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=",
+        "lastModified": 1733481457,
+        "narHash": "sha256-IS3bxa4N1VMSh3/P6vhEAHQZecQ3oAlKCDvzCQSO5Is=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "def1d472c832d77885f174089b0d34854b007198",
+        "rev": "e563803af3526852b6b1d77107a81908c66a9fcf",
        "type": "github"
      },
      "original": {
@ -651,27 +522,11 @@
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1734600368,
-        "narHash": "sha256-nbG9TijTMcfr+au7ZVbKpAhMJzzE2nQBYmRvSdXUD8g=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "b47fd6fa00c6afca88b8ee46cfdb00e104f50bca",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-24.11",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-stable_2": {
-      "locked": {
-        "lastModified": 1735286948,
-        "narHash": "sha256-JMRV2RI58nV1UqLXqm+lcea1/dr92fYjWU5S+Rz3fmE=",
+        "lastModified": 1733730953,
+        "narHash": "sha256-dlK7n82FEyZlHH7BFHQAM5tua+lQO1Iv7aAtglc1O5s=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "31ac92f9628682b294026f0860e14587a09ffb4b",
+        "rev": "7109b680d161993918b0a126f38bc39763e5a709",
        "type": "github"
      },
      "original": {
@ -683,11 +538,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1734829510,
-        "narHash": "sha256-hb2GwIHunYTjo8d1zBfSC5v46IEY5UZWQdR5R1omvmE=",
+        "lastModified": 1733805440,
+        "narHash": "sha256-AQdCeGt3dMV9/cchlWGMcP0Z8qM47V+B0p7cSRr+HhA=",
        "owner": "xinyangli",
        "repo": "nixpkgs",
-        "rev": "2ad7f9f3c996dd9838a4f68941bcbeed2807b150",
+        "rev": "61b1078fca3a097ce06ada68a6f2766347eed02c",
        "type": "github"
      },
      "original": {
@ -699,11 +554,11 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1735291276,
-        "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=",
+        "lastModified": 1733581040,
+        "narHash": "sha256-Qn3nPMSopRQJgmvHzVqPcE3I03zJyl8cSbgnnltfFDY=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "634fd46801442d760e09493a794c4f15db2d0cbb",
+        "rev": "22c3f2cf41a0e70184334a958e6b124fb0ce3e01",
        "type": "github"
      },
      "original": {
@ -746,11 +601,11 @@
        "treefmt-nix": "treefmt-nix_2"
      },
      "locked": {
-        "lastModified": 1735337462,
-        "narHash": "sha256-B+PNIYtTmgnTV/wdA/qrYohmeBHaYrDwVAueODdvtlo=",
+        "lastModified": 1733805328,
+        "narHash": "sha256-5F49/mOzFb40uUZh71uNr7kBXjDCw5ZfHMbpZjjUVBQ=",
        "owner": "nix-community",
        "repo": "NUR",
-        "rev": "538f624930cdfb852e4e3dd055f79e932d5b3c16",
+        "rev": "b54fa3d8c020e077d88be036a12a711b84fe2031",
        "type": "github"
      },
      "original": {
@ -759,33 +614,10 @@
        "type": "github"
      }
    },
-    "nuscht-search": {
-      "inputs": {
-        "flake-utils": "flake-utils",
-        "ixx": "ixx",
-        "nixpkgs": [
-          "catppuccin",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733773348,
-        "narHash": "sha256-Y47y+LesOCkJaLvj+dI/Oa6FAKj/T9sKVKDXLNsViPw=",
-        "owner": "NuschtOS",
-        "repo": "search",
-        "rev": "3051be7f403bff1d1d380e4612f0c70675b44fc9",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NuschtOS",
-        "repo": "search",
-        "type": "github"
-      }
-    },
    "nuschtosSearch": {
      "inputs": {
-        "flake-utils": "flake-utils_4",
-        "ixx": "ixx_2",
+        "flake-utils": "flake-utils_3",
+        "ixx": "ixx",
        "nixpkgs": [
          "my-nixvim",
          "nixvim",
@ -810,16 +642,15 @@
      "inputs": {
        "catppuccin": "catppuccin",
        "colmena": "colmena",
-        "comin": "comin",
        "disko": "disko",
-        "flake-utils": "flake-utils_3",
+        "flake-utils": "flake-utils_2",
        "home-manager": "home-manager",
        "my-nixvim": "my-nixvim",
        "nix-index-database": "nix-index-database",
        "nix-vscode-extensions": "nix-vscode-extensions",
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_2",
-        "nixpkgs-stable": "nixpkgs-stable_2",
+        "nixpkgs-stable": "nixpkgs-stable",
        "nur": "nur",
        "sops-nix": "sops-nix"
      }
@ -831,11 +662,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1734546875,
-        "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=",
+        "lastModified": 1733785344,
+        "narHash": "sha256-pm4cfEcPXripE36PYCl0A2Tu5ruwHEvTee+HzNk+SQE=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d",
+        "rev": "a80af8929781b5fe92ddb8ae52e9027fae780d2a",
        "type": "github"
      },
      "original": {
@ -890,21 +721,6 @@
        "type": "github"
      }
    },
-    "systems_3": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
-    },
    "treefmt-nix": {
      "inputs": {
        "nixpkgs": [
--- a/flake.nix
+++ b/flake.nix
@ -49,19 +49,12 @@

    catppuccin = {
      url = "github:catppuccin/nix";
-      inputs.nixpkgs.follows = "nixpkgs";
-      inputs.home-manager.follows = "home-manager";
    };

    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
-
-    comin = {
-      url = "github:xinyangli/comin";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
  };

  outputs =
@ -79,7 +72,6 @@
      colmena,
      nix-index-database,
      disko,
-      comin,
      ...
    }:
    let
@ -115,7 +107,6 @@
      sharedNixosModules = [
        self.nixosModules.default
        sops-nix.nixosModules.sops
-        comin.nixosModules.comin
      ];
      nodeNixosModules = {
        calcite = [
@ -336,6 +327,7 @@
            packages = with pkgs; [
              nix
              git
+              colmena.packages.${system}.colmena
              sops
              nix-output-monitor
              nil
--- a/garnix.yaml
+++ b/garnix.yaml
@ -1,19 +1,10 @@
 builds:
-  - include:
-      - '*.x86_64-linux.*'
-      - defaultPackage.x86_64-linux
-      - devShell.x86_64-linux
-      - homeConfigurations.x86_64-linux.*
-      - homeConfigurations.aarch64-linux.*
-      - darwinConfigurations.*
-      - nixosConfigurations.*
-    branch: deploy
-  - include:
-      - '*.x86_64-linux.*'
-      - defaultPackage.x86_64-linux
-      - devShell.x86_64-linux
-      - homeConfigurations.x86_64-linux.*
-      - homeConfigurations.aarch64-linux.*
-      - darwinConfigurations.*
-      - nixosConfigurations.*
-    branch: next
+  include:
+    - '*.x86_64-linux.*'
+    - defaultPackage.x86_64-linux
+    - devShell.x86_64-linux
+    - homeConfigurations.x86_64-linux.*
+    - homeConfigurations.aarch64-linux.*
+    - darwinConfigurations.*
+    - nixosConfigurations.*
+
--- a/home/default.nix
+++ b/home/default.nix
@ -1,6 +1,5 @@
 {
  xin = {
    calcite = import ./xin/calcite.nix;
-    gold = import ./xin/gold;
  };
 }
--- a/home/xin/calcite.nix
+++ b/home/xin/calcite.nix
@ -108,12 +108,10 @@ in

  xdg.systemDirs.data = [
    "/usr/share"
+    "/var/lib/flatpak/exports/share"
+    "${homeDirectory}/.local/share/flatpak/exports/share"
  ];

-  xdg.configFile."distrobox/distrobox.conf".text = ''
-    container_additional_volumes="/nix/store:/nix/store:ro /etc/profiles/per-user:/etc/profiles/per-user:ro"
-  '';
-
  programs.man.generateCaches = false;

  programs.atuin = {
--- a/home/xin/raspite/default.nix
+++ b/home/xin/raspite/default.nix
@ -0,0 +1,25 @@
+{ config, pkgs, ... }:
+{
+  imports = [ ../common ];
+
+  home.username = "xin";
+  home.homeDirectory = "/home/xin";
+  home.stateVersion = "23.05";
+
+  # Let Home Manager install and manage itself.
+  programs.home-manager.enable = true;
+
+  accounts.email.accounts.gmail = {
+    primary = true;
+    address = "lixinyang411@gmail.com";
+    flavor = "gmail.com";
+  };
+
+  accounts.email.accounts.whu = {
+    address = "lixinyang411@whu.edu.cn";
+  };
+
+  accounts.email.accounts.foxmail = {
+    address = "lixinyang411@foxmail.com";
+  };
+}
--- a/machines/calcite/configuration.nix
+++ b/machines/calcite/configuration.nix
@ -20,7 +20,6 @@ in
    nix = {
      signing.enable = true;
    };
-    comin.enable = true;
  };

  # Bootloader.
@ -152,18 +151,11 @@ in
  services.keyd = {
    enable = true;
    keyboards = {
-      default = {
-        ids = [ "*" ];
-        settings = {
-          main = {
-            capslock = "overload(control, esc)";
-          };
-        };
-      };
      "internal" = {
        ids = [ "0b05:1866" ];
        settings = {
          main = {
+            capslock = "overload(control, esc)";
            leftcontrol = "capslock";
          };
        };
@ -177,6 +169,17 @@ in
          };
        };
      };
+      "keydous" = {
+        ids = [
+          "25a7:fa14"
+          "3151:4002"
+        ];
+        settings = {
+          main = {
+            capslock = "overload(control, esc)";
+          };
+        };
+      };
    };
  };

@ -298,7 +301,6 @@ in
    zotero
    # onlyoffice-bin

-    # wemeet
    wemeet

    virt-manager
--- a/machines/dolomite/common.nix
+++ b/machines/dolomite/common.nix
@ -37,7 +37,6 @@

    commonSettings = {
      auth.enable = true;
-      comin.enable = true;
      proxyServer = {
        enable = true;
        users = [
--- a/machines/thorite/default.nix
+++ b/machines/thorite/default.nix
@ -37,7 +37,6 @@

    commonSettings = {
      auth.enable = true;
-      comin.enable = true;
    };

    nixpkgs.system = "x86_64-linux";
--- a/machines/thorite/monitoring.nix
+++ b/machines/thorite/monitoring.nix
@ -12,7 +12,6 @@ let
    hedgedocDomain
    grafanaUrl
    ntfyUrl
-    internalDomain
    ;
  removeHttps = s: lib.removePrefix "https://" s;
 in
@ -59,22 +58,7 @@ in
        node.enable = true;
      };
      ruleModules =
-        [
-          {
-            name = "comin_rules";
-            rules = [
-              {
-                alert = "CominBuildFailed";
-                expr = "comin_build_info != 1";
-                for = "1m";
-                labels = {
-                  severity = "critical";
-                };
-              }
-            ];
-          }
-        ]
-        ++ (mkCaddyRules [ { host = "thorite"; } ])
+        (mkCaddyRules [ { host = "thorite"; } ])
        ++ (mkNodeRules [ { host = "thorite"; } ])
        ++ (mkBlackboxRules [ { host = "thorite"; } ]);
    };
@ -97,24 +81,7 @@ in
        ];
        passwordFile = config.sops.secrets."prometheus/metrics_password".path;
      in
-      [
-        {
-          job_name = "comin";
-          scheme = "http";
-          static_configs = [
-            {
-              targets = map (host: "${host}.${internalDomain}:4243") [
-                "weilite"
-                "thorite"
-                "la-00"
-                "hk-00"
-                "fra-00"
-              ];
-            }
-          ];
-        }
-      ]
-      ++ (mkScrapes [
+      (mkScrapes [
        {
          name = "immich";
          scheme = "http";
--- a/machines/weilite/default.nix
+++ b/machines/weilite/default.nix
@ -12,13 +12,6 @@
    ./services
  ];

-  options = {
-    node = lib.mkOption {
-      type = lib.types.attrs;
-      default = { };
-    };
-  };
-
  config = {
    networking.hostName = "weilite";
    commonSettings = {
@ -26,10 +19,6 @@
      nix = {
        enable = true;
      };
-      comin.enable = true;
-    };
-    node = {
-      mediaDir = "/mnt/nixos/media";
    };

    boot = {
@ -44,19 +33,12 @@
        "usb_storage"
        "sd_mod"
      ];
-      kernelModules = [
-        "kvm-intel"
-      ];
-      kernelPackages = pkgs.linuxPackages_6_12;
+      kernelModules = [ "kvm-intel" ];
    };

    nixpkgs.config.allowUnfree = true;

-    environment.systemPackages = [
-      pkgs.virtiofsd
-      pkgs.intel-gpu-tools
-      pkgs.pciutils
-    ];
+    environment.systemPackages = [ pkgs.virtiofsd ];

    sops = {
      defaultSopsFile = ./secrets.yaml;
@ -106,46 +88,21 @@
        wantedBy = [ "immich-server.service" ];
      }
      {
-        what = "nixos";
-        where = "/mnt/nixos";
+        what = "restic";
+        where = "/var/lib/restic";
        type = "virtiofs";
        options = "rw,nodev,nosuid";
-      }
-
-      {
-        what = "/mnt/nixos/ocis";
-        where = "/var/lib/ocis";
-        options = "bind";
-        after = [ "mnt-nixos.mount" ];
-        wantedBy = [ "ocis.service" ];
-      }
-      {
-        what = "/mnt/nixos/restic";
-        where = "/var/lib/restic";
-        options = "bind";
-        after = [ "mnt-nixos.mount" ];
        wantedBy = [ "restic-rest-server.service" ];
      }
      {
-        what = "/mnt/nixos/immich";
-        where = "/var/lib/immich";
-        options = "bind";
-        after = [ "mnt-nixos.mount" ];
-        wantedBy = [ "immich-server.service" ];
+        what = "ocis";
+        where = "/var/lib/ocis";
+        type = "virtiofs";
+        options = "rw,nodev,nosuid";
+        wantedBy = [ "ocis.service" ];
      }
    ];

-    hardware.graphics = {
-      enable = true;
-      extraPackages = with pkgs; [
-        intel-media-driver
-        intel-vaapi-driver
-        vaapiVdpau
-        intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
-        intel-media-sdk # QSV up to 11th gen
-      ];
-    };
-
    services.openssh.ports = [
      22
      2222
--- a/machines/weilite/secrets.yaml
+++ b/machines/weilite/secrets.yaml
@ -4,8 +4,6 @@ immich:
    oauth_client_secret: ENC[AES256_GCM,data:EFs2hPjGMj0idwY3oQVIDTOIWkdwoAoAVjDQE9Z2eAKzUDH3grmYpYE+33V8d/Ux,iv:A9cjwFr/ZqltG62/N8MQ1LhdDbSIVVAqIPVB492zYJw=,tag:VTTtE697BZTVsI32UF53/w==,type:str]
 restic:
    localpass: ENC[AES256_GCM,data:GIQAmkpDmGu4+sSG5/b5yQ==,iv:dcu6F8NnVjeQzEG2vM3fOV5owI0PWc86ts20UP3vN18=,tag:vsG8x062FG1pH5YNcAajeg==,type:str]
-transmission:
-    rpc-password: ENC[AES256_GCM,data:4dumy0hygGOuwU3ANky3xEKRDRBAJWE=,iv:HVV2J+F8HndHZNsMD2YmkWrJOzk5JIapGd0SuQP8VqU=,tag:xqp5pxh5cYYogA4alrmIfg==,type:str]
 sops:
    kms: []
    gcp_kms: []
@ -30,8 +28,8 @@ sops:
            V0thRjU4WGpQRGFpcnoxSjZTZHhTTkUKzNMHh9p7GUY3hL5XZ9S4x20CwaItsXFV
            RKujsFVVBd8Kuq/jyOCBTRCscuHI4LW/wYeZYHFEZFSTK2liAqspgw==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-12-25T00:35:15Z"
-    mac: ENC[AES256_GCM,data:sk4DL+w740RD9A3sPvcGD4fc90Nfw9C8dH11ScGRgt6gS3v4V16pD0Q/bHHZiUCll76phZKjp+sGcZaPw0X7RDlK582WY3uw0pLtqLlm0gejjmvBJYKg47nA0dCD+vDvbMkJlvJG6N3sRuXDBa/7bAe452eXZNS8Xnm7ceDscVc=,iv:Nx4yCfG9rNk0q8akuI1aZr6Wj4GIAxASE8Tc7TH4Vj8=,tag:GodvlMbhIPpPu062spKFxA==,type:str]
+    lastmodified: "2024-12-03T05:59:51Z"
+    mac: ENC[AES256_GCM,data:0dLbfkm7fJvH5Mmct0/qHulg2AtDCeeeOgWMXfeGRUaX3GlLDiLga0zW4uNPDuahVecdh6ofvYfBOxFaGUdBCHk9vq5GzrwrzBNhqObWQ3AqVuq5rjqSxEKoFM4Eb5qoqaOefFzT/9qC94NDETTsHhjiEeIgd4fgSr2dazNiFPE=,iv:Ggw0FHzkrhKh5Uzo3seHGwwHsWW/tTAgAl0iIq9PVk4=,tag:rJvUI5/wsLJ01XyKmkRghw==,type:str]
    pgp: []
    unencrypted_suffix: _unencrypted
-    version: 3.9.2
+    version: 3.9.1
--- a/machines/weilite/services/default.nix
+++ b/machines/weilite/services/default.nix
@ -4,7 +4,5 @@
    ./restic.nix
    ./media-download.nix
    ./immich.nix
-    ./jellyfin.nix
-    ./transmission.nix
  ];
 }
--- a/machines/weilite/services/immich.nix
+++ b/machines/weilite/services/immich.nix
@ -46,6 +46,7 @@ in

    services.immich = {
      enable = true;
+      mediaLocation = "/mnt/XinPhotos/immich";
      host = "127.0.0.1";
      port = 3001;
      openFirewall = true;
--- a/machines/weilite/services/jellyfin.nix
+++ b/machines/weilite/services/jellyfin.nix
@ -1,25 +0,0 @@
-{ config, pkgs, ... }:
-let
-  cfg = config.services.jellyfin;
-in
-{
-  services.jellyfin.enable = true;
-
-  systemd.services.jellyfin.serviceConfig = {
-    BindReadOnlyPaths = [
-      "/mnt/nixos/media:${cfg.dataDir}/media"
-    ];
-  };
-
-  environment.systemPackages = with pkgs; [
-    jellyfin
-    jellyfin-web
-    jellyfin-ffmpeg
-  ];
-  services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = ''
-    reverse_proxy 127.0.0.1:8096
-  '';
-  networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan
-  users.users.jellyfin.extraGroups = [ "render" ];
-  users.groups.media.members = [ cfg.user ];
-}
--- a/machines/weilite/services/media-download.nix
+++ b/machines/weilite/services/media-download.nix
@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ pkgs, ... }:
 {
  services.jackett = {
    enable = true;
@ -27,9 +27,4 @@
  services.radarr = {
    enable = true;
  };
-
-  users.groups.media.members = [
-    config.services.sonarr.user
-    config.services.radarr.user
-  ];
 }
--- a/machines/weilite/services/transmission.nix
+++ b/machines/weilite/services/transmission.nix
@ -1,69 +0,0 @@
-{ config, pkgs, ... }:
-let
-  cfg = config.services.transmission;
-in
-{
-  sops.secrets = {
-    "transmission/rpc-password" = { };
-  };
-
-  sops.templates."transmission-cred.json" = {
-    content = builtins.toJSON {
-      rpc-password = config.sops.placeholder."transmission/rpc-password";
-    };
-  };
-
-  services.transmission = {
-    enable = true;
-    package = pkgs.transmission_4;
-    openPeerPorts = true;
-    credentialsFile = config.sops.templates."transmission-cred.json".path;
-    settings = {
-      download-dir = "/mnt/nixos/media";
-      incomplete-dir = "/mnt/nixos/transmission/incomplete";
-      alt-speed-down = 40960;
-      alt-speed-enabled = true;
-      alt-speed-time-begin = 60;
-      alt-speed-time-day = 127;
-      alt-speed-time-enabled = true;
-      alt-speed-time-end = 420;
-      alt-speed-up = 4096;
-      bind-address-ipv4 = "0.0.0.0";
-      bind-address-ipv6 = "::";
-      download-queue-enabled = true;
-      download-queue-size = 10;
-      incomplete-dir-enabled = true;
-      lpd-enabled = false;
-      message-level = 4;
-      peer-congestion-algorithm = "";
-      peer-id-ttl-hours = 6;
-      peer-limit-global = 200;
-      peer-limit-per-torrent = 50;
-      peer-port = 51413;
-      peer-socket-tos = "cs1";
-      pex-enabled = true;
-      preallocation = 1;
-      prefetch-enabled = true;
-      queue-stalled-enabled = true;
-      queue-stalled-minutes = 30;
-      rename-partial-files = true;
-      rpc-bind-address = "127.0.0.1";
-      rpc-enabled = true;
-      rpc-authentication-required = true;
-      rpc-port = 9092;
-      rpc-username = "xin";
-      rpc-whitelist = "127.0.0.1";
-      speed-limit-down = 20480;
-      speed-limit-down-enabled = true;
-      speed-limit-up = 3072;
-      speed-limit-up-enabled = true;
-      start-added-torrents = true;
-      watch-dir-enabled = false;
-    };
-  };
-  services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:9091".extraConfig = ''
-    reverse_proxy 127.0.0.1:${toString cfg.settings.rpc-port}
-  '';
-  networking.firewall.allowedTCPPorts = [ 9091 ]; # allow on lan
-  users.groups.media.members = [ cfg.user ];
-}
--- a/modules/home-manager/gui/themes.nix
+++ b/modules/home-manager/gui/themes.nix
@ -13,10 +13,6 @@
        name = "Catppuccin-GTK-Dark";
        package = pkgs.magnetic-catppuccin-gtk;
      };
-      iconTheme = {
-        name = "Qogir";
-        package = pkgs.qogir-icon-theme;
-      };
      gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc";
    };
  };
--- a/modules/home-manager/gui/waybar.nix
+++ b/modules/home-manager/gui/waybar.nix
@ -44,6 +44,8 @@ in
          modules-right = [
            "network#speed"
            "custom/separator"
+            "network#if"
+            "custom/separator"
            "pulseaudio"
            "custom/separator"
            "memory"
@ -119,6 +121,22 @@ in
            format = "  {percentage}%";
          };

+          "network#if" = {
+            format = "{ifname}";
+            format-disconnected = "󰌙";
+            format-ethernet = "󰌘";
+            format-linked = "{ifname} (No IP)  󰈁";
+            format-wifi = "{icon}";
+            format-icons = [
+              "󰤯"
+              "󰤟"
+              "󰤢"
+              "󰤥"
+              "󰤨"
+            ];
+            interval = 10;
+          };
+
          "network#speed" = {
            format = "{ifname}";
            format-disconnected = "󰌙";
--- a/modules/nixos/common-settings/comin.nix
+++ b/modules/nixos/common-settings/comin.nix
@ -1,32 +0,0 @@
-{
-  config,
-  lib,
-  ...
-}:
-let
-  inherit (lib)
-    mkEnableOption
-    mkIf
-    ;
-
-  cfg = config.commonSettings.comin;
-in
-{
-  options.commonSettings.comin = {
-    enable = mkEnableOption "auto updater with comin";
-  };
-
-  config = {
-    services.comin = mkIf cfg.enable {
-      enable = true;
-      remotes = [
-        {
-          name = "origin";
-          url = "https://github.com/xinyangli/nixos-config.git";
-          branches.main.name = "deploy-comin";
-        }
-      ];
-      hostname = config.networking.hostName;
-    };
-  };
-}
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -2,7 +2,6 @@
  imports = [
    ./common-settings/auth.nix
    ./common-settings/autoupgrade.nix
-    ./common-settings/comin.nix
    ./common-settings/nix-conf.nix
    ./common-settings/proxy-server.nix
    ./common-settings/mainland.nix
--- a/modules/nixos/monitor/exporters.nix
+++ b/modules/nixos/monitor/exporters.nix
@ -11,7 +11,7 @@ let
 in
 {
  config = {
-    systemd.services.tailscaled.before =
+    systemd.services.tailscaled.after =
      (lib.optional cfg.node.enable "prometheus-node-exporters.service")
      ++ (lib.optional cfg.blackbox.enable "prometheus-blackbox-exporters.service")
      ++ (lib.optional config.services.caddy.enable "caddy.service");
--- a/overlays/my-lib/settings.nix
+++ b/overlays/my-lib/settings.nix
@ -16,7 +16,5 @@
    prometheusCollectors = [
      "thorite.coho-tet.ts.net"
    ];
-
-    internalDomain = "coho-tet.ts.net";
  };
 }