diff --git a/configs/users/eliribble/pi/AGENTS.md b/configs/users/eliribble/pi/AGENTS.md deleted file mode 100644 index ec4c80b..0000000 --- a/configs/users/eliribble/pi/AGENTS.md +++ /dev/null @@ -1,11 +0,0 @@ -# For agents - -We're working together on building something. We're experts. We don't need to sugar-coat things. Prefer terseness over flowery language. Prefer facts over encouragement. Explain when asked, correct when wrong, but err on the side of trusting the other people to push for clarification. - -## Environment - -Everything happens on NixOS where we live. We are a NixOS-only shop. If you're thinking in terms of generic Linux, that's fine, it mostly applies, but if you're thinking in Debian, Fedora, or even Arch, you might as well translate. We're using flakes in NixOS, and the new-style nix command. - -## Mood - -Occasional sardonic points and passive-aggressive ribbing is worth bonus points. diff --git a/flake.lock b/flake.lock index cb46215..95a2aaf 100644 --- a/flake.lock +++ b/flake.lock @@ -63,65 +63,6 @@ "type": "github" } }, - "blueprint": { - "inputs": { - "nixpkgs": [ - "llm-agents", - "nixpkgs" - ], - "systems": [ - "llm-agents", - "systems" - ] - }, - "locked": { - "lastModified": 1776249299, - "narHash": "sha256-Dt9t1TGRmJFc0xVYhttNBD6QsAgHOHCArqGa0AyjrJY=", - "owner": "numtide", - "repo": "blueprint", - "rev": "56131e8628f173d24a27f6d27c0215eff57e40dd", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "blueprint", - "type": "github" - } - }, - "bun2nix": { - "inputs": { - "flake-parts": [ - "llm-agents", - "flake-parts" - ], - "nixpkgs": [ - "llm-agents", - "nixpkgs" - ], - "systems": [ - "llm-agents", - "systems" - ], - "treefmt-nix": [ - "llm-agents", - "treefmt-nix" - ] - }, - "locked": { - "lastModified": 1777369708, - "narHash": "sha256-1xW7cRZNsFNPQD+cE0fwnLVStnDth0HSoASEIFeT7uI=", - "owner": "nix-community", - "repo": "bun2nix", - "rev": "e659e1cc4b8e1b21d0aa85f1c481f9db61ecfa98", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "staging-2.1.0", - "repo": "bun2nix", - "type": "github" - } - }, "disko": { "inputs": { "nixpkgs": [ @@ -197,27 +138,6 @@ } }, "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "llm-agents", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1777988971, - "narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { "inputs": { "nixpkgs-lib": [ "nixvim", @@ -279,7 +199,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_4" + "systems": "systems_3" }, "locked": { "lastModified": 1731533236, @@ -297,7 +217,7 @@ }, "flake-utils_4": { "inputs": { - "systems": "systems_5" + "systems": "systems_4" }, "locked": { "lastModified": 1731533236, @@ -315,7 +235,7 @@ }, "flake-utils_5": { "inputs": { - "systems": "systems_6" + "systems": "systems_5" }, "locked": { "lastModified": 1731533236, @@ -380,29 +300,6 @@ "type": "github" } }, - "llm-agents": { - "inputs": { - "blueprint": "blueprint", - "bun2nix": "bun2nix", - "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_2", - "systems": "systems_3", - "treefmt-nix": "treefmt-nix" - }, - "locked": { - "lastModified": 1778276681, - "narHash": "sha256-8rXO94K3Ic6GnV7Ln2tjoeXFR7dCLsNKlPI7iFuPEfs=", - "owner": "numtide", - "repo": "llm-agents.nix", - "rev": "14a8ef979265f7795800842ea178cfef844ede47", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "llm-agents.nix", - "type": "github" - } - }, "napalm": { "inputs": { "flake-utils": [ @@ -432,7 +329,7 @@ "nidus-sync": { "inputs": { "flake-utils": "flake-utils_3", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "proj": "proj" }, "locked": { @@ -496,39 +393,7 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1777954456, - "narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_2": { - "locked": { - "lastModified": 1778124196, - "narHash": "sha256-pYEytCNic/czazbV9r3tbQ6BZzqRBg/41x2dIC5ymOo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "68a8af93ff4297686cb68880845e61e5e2e41d92", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1772465433, "narHash": "sha256-ywy9troNEfpgh0Ee+zaV1UTgU8kYBVKtvPSxh6clYGU=", @@ -544,7 +409,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { "lastModified": 1772542754, "narHash": "sha256-WGV2hy+VIeQsYXpsLjdr4GvHv5eECMISX1zKLTedhdg=", @@ -560,7 +425,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { "lastModified": 1776734388, "narHash": "sha256-vl3dkhlE5gzsItuHoEMVe+DlonsK+0836LIRDnm6MXQ=", @@ -576,7 +441,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1775888245, "narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=", @@ -592,7 +457,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1758763312, "narHash": "sha256-puBMviZhYlqOdUUgEmMVJpXqC/ToEqSvkyZ30qQ09xM=", @@ -608,12 +473,12 @@ }, "nixvim": { "inputs": { - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_2", "nixpkgs": [ "nixpkgs" ], "nuschtosSearch": "nuschtosSearch", - "systems": "systems_7" + "systems": "systems_6" }, "locked": { "lastModified": 1769049374, @@ -656,7 +521,7 @@ "proj": { "inputs": { "flake-utils": "flake-utils_4", - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1772585816, @@ -749,11 +614,9 @@ "disko": "disko", "fieldseeker-sync": "fieldseeker-sync", "home-manager": "home-manager", - "llm-agents": "llm-agents", "nidus-sync": "nidus-sync", "nixos-facter-modules": "nixos-facter-modules", - "nixpkgs": "nixpkgs_5", - "nixpkgs-unstable": "nixpkgs-unstable", + "nixpkgs": "nixpkgs_4", "nixvim": "nixvim", "sops-nix": "sops-nix", "timecard-bot": "timecard-bot" @@ -761,7 +624,7 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_5" }, "locked": { "lastModified": 1776771786, @@ -867,24 +730,9 @@ "type": "github" } }, - "systems_7": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "timecard-bot": { "inputs": { - "nixpkgs": "nixpkgs_7", + "nixpkgs": "nixpkgs_6", "pyproject-nix": "pyproject-nix_2" }, "locked": { @@ -902,27 +750,6 @@ "type": "github" } }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "llm-agents", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1775636079, - "narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, "uv2nix": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index bc91ff6..bece9ac 100644 --- a/flake.nix +++ b/flake.nix @@ -20,7 +20,6 @@ url = "github:nix-community/home-manager/release-25.11"; inputs.nixpkgs.follows = "nixpkgs"; }; - llm-agents.url = "github:numtide/llm-agents.nix"; nidus-sync = { type = "github"; owner = "Gleipnir-Technology"; @@ -29,7 +28,6 @@ }; nixos-facter-modules.url = "github:numtide/nixos-facter-modules"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; - nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixvim = { url = "github:nix-community/nixvim/nixos-25.11"; inputs.nixpkgs.follows = "nixpkgs"; @@ -38,44 +36,48 @@ timecard-bot.url = "github:Gleipnir-Technology/timecard-bot?rev=8c81b6683f97aa2712323836e629adf102be58ac"; }; - outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, ... }: { - nixosConfigurations = { - "nocix-amd-legacy-octacore" = import ./system.nix { - inherit inputs; - configuration = ./host/nocix/amd-legacy-octacore; - nixpkgs = nixpkgs; - roles = [ - ./roles/corp.nix - ]; - system = "x86_64-linux"; + outputs = inputs@{ self, disko, home-manager, nixpkgs, nixvim, sops-nix, timecard-bot, ...}: + let + configFiles = pkgs.stdenv.mkDerivation { + installPhase = '' + mkdir -p $out + cp -r * $out/ + ''; + name = "config-files"; + src = ./configs; }; - "nocix-amd-legacy-quadcore" = import ./system.nix { - inherit inputs; - configuration = ./host/nocix/amd-legacy-quadcore; - nixpkgs = nixpkgs; - roles = [ - ./roles/nidus-sync.nix - ]; - system = "x86_64-linux"; - }; - "nocix-amd-legacy-quadcore-292465" = import ./system.nix { - inherit inputs; - configuration = ./host/nocix/amd-legacy-quadcore-292465; - nixpkgs = nixpkgs-unstable; - roles = [ ./roles/llm.nix ]; - system = "x86_64-linux"; - }; - "nocix-amd-legacy-sexcore" = import ./system.nix { - inherit inputs; - configuration = ./host/nocix/amd-legacy-sexcore; - nixpkgs = nixpkgs; - roles = [ - ./roles/nidus-marketing.nix - ./roles/nidus-sync.nix - ./roles/sovr.nix - ]; - system = "x86_64-linux"; + pkgs = nixpkgs.legacyPackages.${system}; + system = "x86_64-linux"; + in { + nixosConfigurations = { + "nocix-amd-legacy-octacore" = import ./system.nix { + configuration = ./host/nocix/amd-legacy-octacore; + roles = [ + ./roles/corp.nix + ]; + inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot; + }; + "nocix-amd-legacy-quadcore" = import ./system.nix { + configuration = ./host/nocix/amd-legacy-quadcore; + roles = [ + ./roles/nidus-sync.nix + ]; + inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot; + }; + "nocix-amd-legacy-quadcore-292465" = import ./system.nix { + configuration = ./host/nocix/amd-legacy-quadcore-292465; + roles = [ ]; + inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot; + }; + "nocix-amd-legacy-sexcore" = import ./system.nix { + configuration = ./host/nocix/amd-legacy-sexcore; + roles = [ + ./roles/nidus-marketing.nix + ./roles/nidus-sync.nix + ./roles/sovr.nix + ]; + inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot; + }; }; }; - }; } diff --git a/home/eliribble/config/tmux/tmux.conf b/home/eliribble/config/tmux/tmux.conf index 59626ce..678d927 100644 --- a/home/eliribble/config/tmux/tmux.conf +++ b/home/eliribble/config/tmux/tmux.conf @@ -20,7 +20,3 @@ set-window-option -g bell-action other set -g window-status-style bg=yellow set -g window-status-current-style bg=red,fg=white -# Set up modifier keys so that Shift+Enter and Ctrl+Enter are distinguishable -# based on https://github.com/earendil-works/pi/blob/main/packages/coding-agent/docs/tmux.md -set -g extended-keys on -set -g extended-keys-format csi-u diff --git a/host/nocix/amd-legacy-quadcore-292465/disk-config.nix b/host/nocix/amd-legacy-quadcore-292465/disk-config.nix index a59ea6e..1bfa8b4 100644 --- a/host/nocix/amd-legacy-quadcore-292465/disk-config.nix +++ b/host/nocix/amd-legacy-quadcore-292465/disk-config.nix @@ -35,8 +35,9 @@ }; }; }; + /* data = { - device = "/dev/disk/by-id/ata-Hitachi_HUA722020ALA331_B9HMU2WF"; + device = "/dev/sdb"; type = "disk"; content = { type = "gpt"; @@ -55,6 +56,7 @@ }; }; }; + */ }; lvm_vg = { pool = { diff --git a/llm/flake.lock b/llm/flake.lock new file mode 100644 index 0000000..041cbaf --- /dev/null +++ b/llm/flake.lock @@ -0,0 +1,672 @@ +{ + "nodes": { + "authentik-go": { + "flake": false, + "locked": { + "lastModified": 1771856219, + "narHash": "sha256-zTEmvxe+BpfWYvAl675PnhXCH4jV4GUTFb1MrQ1Eyno=", + "owner": "goauthentik", + "repo": "client-go", + "rev": "4c1444ee54d945fbcc5ae107b4f191ca0352023d", + "type": "github" + }, + "original": { + "owner": "goauthentik", + "repo": "client-go", + "type": "github" + } + }, + "authentik-nix": { + "inputs": { + "authentik-go": "authentik-go", + "authentik-src": "authentik-src", + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "flake-utils": "flake-utils", + "napalm": "napalm", + "nixpkgs": [ + "nixpkgs" + ], + "pyproject-build-systems": "pyproject-build-systems", + "pyproject-nix": "pyproject-nix", + "systems": "systems", + "uv2nix": "uv2nix" + }, + "locked": { + "lastModified": 1776085803, + "narHash": "sha256-JvvWVbXJYSY8qOReMbAOD4lxcN2cjKV6lg/jLz8CEuY=", + "owner": "nix-community", + "repo": "authentik-nix", + "rev": "4370b561c8bafb59773ce3a518506bcf1161dbdb", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "authentik-nix", + "type": "github" + } + }, + "authentik-src": { + "flake": false, + "locked": { + "lastModified": 1775573258, + "narHash": "sha256-Xq7JGI/8ppIydIuWd9KRJKUrh7UpeniwvZ4NAtXbYJ4=", + "owner": "goauthentik", + "repo": "authentik", + "rev": "5249546862986202b901c2afd860992ec48c6ef6", + "type": "github" + }, + "original": { + "owner": "goauthentik", + "ref": "version/2026.2.2", + "repo": "authentik", + "type": "github" + } + }, + "blueprint": { + "inputs": { + "nixpkgs": [ + "llm-agents", + "nixpkgs" + ], + "systems": [ + "llm-agents", + "systems" + ] + }, + "locked": { + "lastModified": 1776249299, + "narHash": "sha256-Dt9t1TGRmJFc0xVYhttNBD6QsAgHOHCArqGa0AyjrJY=", + "owner": "numtide", + "repo": "blueprint", + "rev": "56131e8628f173d24a27f6d27c0215eff57e40dd", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "blueprint", + "type": "github" + } + }, + "bun2nix": { + "inputs": { + "flake-parts": [ + "llm-agents", + "flake-parts" + ], + "nixpkgs": [ + "llm-agents", + "nixpkgs" + ], + "systems": [ + "llm-agents", + "systems" + ], + "treefmt-nix": [ + "llm-agents", + "treefmt-nix" + ] + }, + "locked": { + "lastModified": 1777369708, + "narHash": "sha256-1xW7cRZNsFNPQD+cE0fwnLVStnDth0HSoASEIFeT7uI=", + "owner": "nix-community", + "repo": "bun2nix", + "rev": "e659e1cc4b8e1b21d0aa85f1c481f9db61ecfa98", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "staging-2.1.0", + "repo": "bun2nix", + "type": "github" + } + }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1777713215, + "narHash": "sha256-8GzXDOXckDWwST8TY5DbwYFjdvQLlP7K9CLSVx6iTTo=", + "owner": "nix-community", + "repo": "disko", + "rev": "63b4e7e6cf75307c1d26ac3762b886b5b0247267", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1767039857, + "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1769996383, + "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "llm-agents", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1777988971, + "narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": [ + "nixvim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1768135262, + "narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": [ + "authentik-nix", + "systems" + ] + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1777851538, + "narHash": "sha256-Gp8qwTEYNoy2yvmErVGlvLOQvrtEECCAKbonW7VJef8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "cc09c0f9b7eaa95c2d9827338a5eb03d32505ca5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", + "type": "github" + } + }, + "ixx": { + "inputs": { + "flake-utils": [ + "nixvim", + "nuschtosSearch", + "flake-utils" + ], + "nixpkgs": [ + "nixvim", + "nuschtosSearch", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1754860581, + "narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=", + "owner": "NuschtOS", + "repo": "ixx", + "rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "ref": "v0.1.1", + "repo": "ixx", + "type": "github" + } + }, + "llm-agents": { + "inputs": { + "blueprint": "blueprint", + "bun2nix": "bun2nix", + "flake-parts": "flake-parts_2", + "nixpkgs": "nixpkgs", + "systems": "systems_2", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1778219255, + "narHash": "sha256-fAJUly400K2SoP75LaZ7x1fhwau2BxI7XBY4UgFXm6A=", + "owner": "numtide", + "repo": "llm-agents.nix", + "rev": "8dc08cc44249bacfabaf4e25e223ec9d1e7d677b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "llm-agents.nix", + "type": "github" + } + }, + "napalm": { + "inputs": { + "flake-utils": [ + "authentik-nix", + "flake-utils" + ], + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1725806412, + "narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=", + "owner": "willibutz", + "repo": "napalm", + "rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5", + "type": "github" + }, + "original": { + "owner": "willibutz", + "ref": "avoid-foldl-stack-overflow", + "repo": "napalm", + "type": "github" + } + }, + "nixos-facter-modules": { + "locked": { + "lastModified": 1773858690, + "narHash": "sha256-oW0/lC0oRG5H5LaK6Rmh9L1wmkn9TbenM4bXwnIEDKA=", + "owner": "numtide", + "repo": "nixos-facter-modules", + "rev": "139dcef4dfc97009629c445806f197883351ab4a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nixos-facter-modules", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1778124196, + "narHash": "sha256-pYEytCNic/czazbV9r3tbQ6BZzqRBg/41x2dIC5ymOo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "68a8af93ff4297686cb68880845e61e5e2e41d92", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1769909678, + "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "72716169fe93074c333e8d0173151350670b824c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1777954456, + "narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1775888245, + "narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "13043924aaa7375ce482ebe2494338e058282925", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixvim": { + "inputs": { + "flake-parts": "flake-parts_3", + "nixpkgs": [ + "nixpkgs" + ], + "nuschtosSearch": "nuschtosSearch", + "systems": "systems_4" + }, + "locked": { + "lastModified": 1769049374, + "narHash": "sha256-h0Os2qqNyycDY1FyZgtbn28VF1ySP74/n0f+LDd8j+w=", + "owner": "nix-community", + "repo": "nixvim", + "rev": "b8f76bf5751835647538ef8784e4e6ee8deb8f95", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "nixos-25.11", + "repo": "nixvim", + "type": "github" + } + }, + "nuschtosSearch": { + "inputs": { + "flake-utils": "flake-utils_2", + "ixx": "ixx", + "nixpkgs": [ + "nixvim", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1768249818, + "narHash": "sha256-ANfn5OqIxq3HONPIXZ6zuI5sLzX1sS+2qcf/Pa0kQEc=", + "owner": "NuschtOS", + "repo": "search", + "rev": "b6f77b88e9009bfde28e2130e218e5123dc66796", + "type": "github" + }, + "original": { + "owner": "NuschtOS", + "repo": "search", + "type": "github" + } + }, + "pyproject-build-systems": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ], + "pyproject-nix": [ + "authentik-nix", + "pyproject-nix" + ], + "uv2nix": [ + "authentik-nix", + "uv2nix" + ] + }, + "locked": { + "lastModified": 1771423342, + "narHash": "sha256-7uXPiWB0YQ4HNaAqRvVndYL34FEp1ZTwVQHgZmyMtC8=", + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "rev": "04e9c186e01f0830dad3739088070e4c551191a4", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "type": "github" + } + }, + "pyproject-nix": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1771518446, + "narHash": "sha256-nFJSfD89vWTu92KyuJWDoTQJuoDuddkJV3TlOl1cOic=", + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "rev": "eb204c6b3335698dec6c7fc1da0ebc3c6df05937", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "authentik-nix": "authentik-nix", + "disko": "disko", + "home-manager": "home-manager", + "llm-agents": "llm-agents", + "nixos-facter-modules": "nixos-facter-modules", + "nixpkgs": "nixpkgs_2", + "nixvim": "nixvim", + "sops-nix": "sops-nix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1777944972, + "narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "c591bf665727040c6cc5cb409079acb22dcce33c", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "llm-agents", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1775636079, + "narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "uv2nix": { + "inputs": { + "nixpkgs": [ + "authentik-nix", + "nixpkgs" + ], + "pyproject-nix": [ + "authentik-nix", + "pyproject-nix" + ] + }, + "locked": { + "lastModified": 1772187362, + "narHash": "sha256-gCojeIlQ/rfWMe3adif3akyHsT95wiMkLURpxTeqmPc=", + "owner": "pyproject-nix", + "repo": "uv2nix", + "rev": "abe65de114300de41614002fe9dce2152ac2ac23", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "uv2nix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/llm/flake.nix b/llm/flake.nix new file mode 100644 index 0000000..8b7f86a --- /dev/null +++ b/llm/flake.nix @@ -0,0 +1,48 @@ +{ + description = "Multi-host NixOS configuration"; + + inputs = { + authentik-nix = { + inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/authentik-nix"; + }; + disko = { + inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/disko"; + }; + home-manager = { + url = "github:nix-community/home-manager/release-25.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + llm-agents.url = "github:numtide/llm-agents.nix"; + nixos-facter-modules.url = "github:numtide/nixos-facter-modules"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixvim = { + url = "github:nix-community/nixvim/nixos-25.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix.url = "github:Mic92/sops-nix"; + }; + + outputs = inputs@{ self, disko, home-manager, nixpkgs, nixvim, sops-nix, ...}: + let + configFiles = pkgs.stdenv.mkDerivation { + installPhase = '' + mkdir -p $out + cp -r * $out/ + ''; + name = "config-files"; + src = ../configs; + }; + pkgs = nixpkgs.legacyPackages.${system}; + system = "x86_64-linux"; + in { + nixosConfigurations = { + "nocix-amd-legacy-quadcore-292465" = import ../system.nix { + configuration = ../host/nocix/amd-legacy-quadcore-292465; + roles = [../roles/llm.nix ]; + inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system; + }; + }; + }; +} diff --git a/modules/home/default.nix b/modules/home/default.nix index 8f6fa7a..a9c09f1 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -3,7 +3,5 @@ ./base.nix ./fish.nix ./git.nix - ./nixvim.nix - ./pi.nix ]; } diff --git a/modules/home/pi.nix b/modules/home/pi.nix deleted file mode 100644 index 914434d..0000000 --- a/modules/home/pi.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, configFiles, lib, pkgs, ... }: - -with lib; - -{ - options.myModules.home.pi = { - enable = mkEnableOption "custom pi agent configuration"; - }; - - config = mkIf config.myModules.home.pi.enable ( - let - # Use user-specific config if it exists - configPath = (configFiles + "/users/${config.myModules.home.user}/pi"); - in { - # Use the correct Home Manager option - home.file.".pi" = { - source = configPath; - recursive = true; - }; - } - ); -} diff --git a/modules/system/default.nix b/modules/system/default.nix index bad9e7e..8658c7b 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -14,7 +14,6 @@ ./element-web.nix #./fieldseeker-sync.nix ./fish.nix - ./forgejo.nix ./label-studio.nix ./librechat.nix ./minio.nix diff --git a/modules/system/forgejo.nix b/modules/system/forgejo.nix deleted file mode 100644 index 04858fe..0000000 --- a/modules/system/forgejo.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ config, lib, pkgs, ... }: -with lib; - -let - cfg = config.services.forgejo; - srv = cfg.settings.server; -in { - options.myModules.forgejo.enable = mkEnableOption "custom forgejo configuration"; - - config = mkIf config.myModules.forgejo.enable { - services.caddy.virtualHosts."source.gleipnir.technology".extraConfig = '' - reverse_proxy unix//var/run/forgejo/socket - ''; - services.forgejo = { - database.type = "postgres"; - enable = true; - # Enable support for Git Large File Storage - lfs.enable = true; - settings = { - # Add support for actions, based on act: https://github.com/nektos/act - actions = { - ENABLED = false; - DEFAULT_ACTIONS_URL = "github"; - }; - # Sending emails is completely optional - # You can send a test email from the web UI at: - # Profile Picture > Site Administration > Configuration > Mailer Configuration - #mailer = { - #ENABLED = false; - #SMTP_ADDR = "mail.example.com"; - #FROM = "noreply@${srv.DOMAIN}"; - #USER = "noreply@${srv.DOMAIN}"; - #}; - server = { - DOMAIN = "source.gleipnir.technology"; - # You need to specify this to remove the port from URLs in the web UI. - HTTP_ADDR = "/var/run/forgejo/socket"; - PROTOCOL = "http+unix"; - ROOT_URL = "https://${srv.DOMAIN}/"; - }; - # You can temporarily allow registration to create an admin user. - service.DISABLE_REGISTRATION = true; - # Enable ssh user for 'git push' - ssh = { - PORT = 22; - }; - }; - stateDir = "/mnt/bigdisk/forgejo"; - #mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path; - }; - systemd.tmpfiles.rules = [ - "d /var/run/forgejo 0750 forgejo forgejo - -" - ]; - }; -} diff --git a/modules/system/pgadmin.nix b/modules/system/pgadmin.nix index 95abf08..af4cf16 100644 --- a/modules/system/pgadmin.nix +++ b/modules/system/pgadmin.nix @@ -2,8 +2,6 @@ with lib; let - databaseName = "nidus-sync"; - dbUsername = "pgadmin"; cfg = config.myModules.pgadmin; group = "root"; port = 10100; @@ -30,73 +28,8 @@ in { services.pgadmin = { enable = true; initialEmail = "eli@gleipnir.technology"; - initialPasswordFile = config.sops.secrets."pgadmin-initial-password-file".path; + initialPasswordFile = "/var/run/secrets/pgadmin.yaml"; port = port; - settings = { - # Pre-configure the database server - Servers = { - "1" = { - Name = "Local ${databaseName}"; - Group = "Servers"; - Host = "/run/postgresql"; # unix socket directory - Port = 5432; - MaintenanceDB = "postgres"; - Username = dbUsername; - SSLMode = "prefer"; - }; - }; - }; - }; - services.postgresql = { - ensureUsers = [{ - # Read only user for pgadmin - ensureClauses.login = true; - name = dbUsername; - }]; - }; - systemd.services.pgadmin-setup-permissions = { - description = "Setup read-only permissions for pgadmin user"; - after = [ "postgresql.service" ]; - requires = [ "postgresql.service" ]; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - Type = "oneshot"; - User = "postgres"; - RemainAfterExit = true; - }; - - script = '' - ${config.services.postgresql.package}/bin/psql -d ${databaseName} << 'EOF' - -- Grant connection to database - GRANT CONNECT ON DATABASE ${databaseName} TO pgadmin; - - -- Dynamically grant permissions on all non-system schemas - DO $$ - DECLARE - schema_name text; - BEGIN - FOR schema_name IN - SELECT nspname - FROM pg_namespace - WHERE nspname NOT IN ('pg_catalog', 'information_schema', 'pg_toast') - AND nspname NOT LIKE 'pg_temp%' - AND nspname NOT LIKE 'pg_toast_temp%' - LOOP - EXECUTE format('GRANT USAGE ON SCHEMA %I TO pgadmin', schema_name); - EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO pgadmin', schema_name); - EXECUTE format('GRANT SELECT ON ALL SEQUENCES IN SCHEMA %I TO pgadmin', schema_name); - EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO pgadmin', schema_name); - END LOOP; - END $$; - EOF - ''; - - # This ensures the service runs again when you deploy changes - restartTriggers = [ - config.services.postgresql.package - "${databaseName}" - ]; }; sops.secrets."pgadmin-initial-password-file" = { format = "yaml"; diff --git a/modules/system/pi.nix b/modules/system/pi.nix index 7052ac4..33b0419 100644 --- a/modules/system/pi.nix +++ b/modules/system/pi.nix @@ -16,7 +16,6 @@ in { config = mkIf config.myModules.pi.enable { environment.systemPackages = with inputs.llm-agents.packages.${pkgs.stdenv.hostPlatform.system}; [ - pkgs.nodejs_24 pi ]; sops.secrets."pi-env" = { @@ -28,14 +27,4 @@ in { sopsFile = ../../secrets/pi.env; }; }; - /* notes on other stuff I did - - I'm installing pi-semaphore and pi-tmux with: - - ```shell - pi install git:github.com/offline-ant/pi-semaphore - pi install git:github.com/offline-ant/pi-tmux - ``` - */ - } diff --git a/modules/system/timecardbot.nix b/modules/system/timecardbot.nix index dd73f4c..aa01617 100644 --- a/modules/system/timecardbot.nix +++ b/modules/system/timecardbot.nix @@ -1,7 +1,7 @@ -{ config, inputs, lib, pkgs, ... }: +{ config, lib, pkgs, timecard-bot, ... }: with lib; let - timecard-bot-pkg = inputs.timecard-bot.packages.x86_64-linux.default; + timecard-bot-pkg = timecard-bot.packages.x86_64-linux.default; in { options.myModules.timecardbot.enable = mkEnableOption "custom timecardbot configuration"; diff --git a/nixos-anywhere/nocix/disk-config.nix b/nixos-anywhere/nocix/disk-config.nix index a59ea6e..1bfa8b4 100644 --- a/nixos-anywhere/nocix/disk-config.nix +++ b/nixos-anywhere/nocix/disk-config.nix @@ -35,8 +35,9 @@ }; }; }; + /* data = { - device = "/dev/disk/by-id/ata-Hitachi_HUA722020ALA331_B9HMU2WF"; + device = "/dev/sdb"; type = "disk"; content = { type = "gpt"; @@ -55,6 +56,7 @@ }; }; }; + */ }; lvm_vg = { pool = { diff --git a/roles/corp.nix b/roles/corp.nix index 1bcfdda..f365a8f 100644 --- a/roles/corp.nix +++ b/roles/corp.nix @@ -4,7 +4,6 @@ caddy.enable = true; cloudreve.enable = true; collabora.enable = true; - forgejo.enable = true; glitchtip.enable = true; element-web.enable = true; label-studio.enable = true; diff --git a/system.nix b/system.nix index 1513fef..aeffb6c 100644 --- a/system.nix +++ b/system.nix @@ -1,59 +1,44 @@ -{ configuration, inputs, nixpkgs, roles ? [], system}: -let +{ configFiles, configuration, disko, home-manager, inputs, nixpkgs, nixvim, roles, sops-nix, system }: +let allowed-unfree-packages = [ "corefonts" "google-chrome" "mongodb" ]; - - configFiles = nixpkgs.legacyPackages.${system}.stdenv.mkDerivation { - name = "config-files"; - src = ./configs; - installPhase = '' - mkdir -p $out - cp -r * $out/ - ''; - }; - - pkgs = import nixpkgs { - inherit system; - config = { - allowUnfreePredicate = pkg: - builtins.elem (nixpkgs.lib.getName pkg) allowed-unfree-packages; - }; - }; -in -nixpkgs.lib.nixosSystem { - inherit system pkgs; - - specialArgs = { - inherit inputs configFiles; - }; - +in nixpkgs.lib.nixosSystem { modules = [ - configuration inputs.authentik-nix.nixosModules.default - inputs.disko.nixosModules.disko - inputs.home-manager.nixosModules.home-manager + disko.nixosModules.disko + home-manager.nixosModules.home-manager { home-manager.extraSpecialArgs = { inherit configFiles inputs; }; home-manager.sharedModules = [ - inputs.nixvim.homeModules.nixvim + nixvim.homeModules.nixvim ./modules/home/nixvim.nix ]; home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; } - inputs.sops-nix.nixosModules.sops - { + configuration + ./modules + sops-nix.nixosModules.sops { sops = { age.generateKey = true; - age.keyFile = "/var/lib/sops-nix/key.txt"; + age.keyFile = "/var/libs/sops-nix/key.txt"; age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; defaultSopsFile = ./secrets/secrets.yaml; }; } - ./modules ./users ] ++ roles; + pkgs = import nixpkgs { + config = { + allowUnfreePredicate = pkg: builtins.elem (nixpkgs.lib.getName pkg) allowed-unfree-packages; + }; + system = "${system}"; + }; + specialArgs = { + inherit configFiles inputs; + }; + system = "${system}"; } diff --git a/users/eliribble.nix b/users/eliribble.nix index b170bb4..f76a727 100644 --- a/users/eliribble.nix +++ b/users/eliribble.nix @@ -9,7 +9,6 @@ with lib; myModules.home = { fish.enable = true; git.enable = true; - pi.enable = true; user = "eliribble"; };