Experimental Coder

flake.lock

@@ -134,11 +134,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1696343447,
+        "lastModified": 1698882062,
-        "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=",
+        "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4",
+        "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
         "type": "github"
       },
       "original": {
@@ -223,11 +223,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1698479159,
+        "lastModified": 1699025595,
-        "narHash": "sha256-rJHBDwW4LbADEfhkgGHjKGfL2dF44NrlyXdXeZrQahs=",
+        "narHash": "sha256-e+o4PoSu2Z6Ww8y/AVUmMU200rNZoRK+p2opQ7Db8Rg=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "f92a54fef4eacdbe86b0a2054054dd58b0e2a2a4",
+        "rev": "8765d4e38aa0be53cdeee26f7386173e6c65618d",
         "type": "github"
       },
       "original": {
@@ -263,11 +263,11 @@
         "nixpkgs-lib": "nixpkgs-lib"
       },
       "locked": {
-        "lastModified": 1697976504,
+        "lastModified": 1699186103,
-        "narHash": "sha256-sU8q83TEaafIe5d7L6Dc2alRhWT898aB0+6EXcfao1I=",
+        "narHash": "sha256-B13wpM9/sLYBO2TjxFYLhPUD9v3LVFVOmH12pGB3E0w=",
         "owner": "nix-community",
         "repo": "lib-aggregate",
-        "rev": "2e96d2f9d80f80bd22cd7c603985f2b03cf186fc",
+        "rev": "99ff947f29d9c89fe26072b1927e594ee45ccda0",
         "type": "github"
       },
       "original": {
@@ -279,15 +279,16 @@
     "nix-eval-jobs": {
       "inputs": {
         "flake-parts": "flake-parts",
+        "nix-github-actions": "nix-github-actions",
         "nixpkgs": "nixpkgs_6",
         "treefmt-nix": "treefmt-nix"
       },
       "locked": {
-        "lastModified": 1697679370,
+        "lastModified": 1699060277,
-        "narHash": "sha256-E4iEs004owoShYK0MBDD6uRXCgZdxl//hYijvSakg0k=",
+        "narHash": "sha256-As0PilG8NEQzIMOFIzfI3zkBNH2CJHZJXRL5Rc36Ojc=",
         "owner": "nix-community",
         "repo": "nix-eval-jobs",
-        "rev": "01a606e119963957eefaf1b22ef92b69b90f5b85",
+        "rev": "20a24e8b1004d3293525334ccf3254c083d6fbaa",
         "type": "github"
       },
       "original": {
@@ -296,6 +297,28 @@
         "type": "github"
       }
     },
+    "nix-github-actions": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs-wayland",
+          "nix-eval-jobs",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1698974481,
+        "narHash": "sha256-yPncV9Ohdz1zPZxYHQf47S8S0VrnhV7nNhCawY46hDA=",
+        "owner": "nix-community",
+        "repo": "nix-github-actions",
+        "rev": "4bb5e752616262457bc7ca5882192a564c0472d2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nix-github-actions",
+        "type": "github"
+      }
+    },
     "nixinate": {
       "inputs": {
         "nixpkgs": "nixpkgs_4"
@@ -368,11 +391,11 @@
     },
     "nixpkgs-lib": {
       "locked": {
-        "lastModified": 1697935651,
+        "lastModified": 1699145078,
-        "narHash": "sha256-qOfWjQ2JQSQL15KLh6D7xQhx0qgZlYZTYlcEiRuAMMw=",
+        "narHash": "sha256-OO1b3jiMUGjafD2ErkbTPVgUlhmyWo2Z5i0k2kD1ViU=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "e1e11fdbb01113d85c7f41cada9d2847660e3902",
+        "rev": "174d7dc67189bc4a53f1bffb4fb9d0f13b79cd3c",
         "type": "github"
       },
       "original": {
@@ -391,11 +414,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1698459598,
+        "lastModified": 1699222410,
-        "narHash": "sha256-2etAvtTLoPsvEJ4P6rKnHE8Ipp6MVNMGlik1JqHdqL0=",
+        "narHash": "sha256-qGuDXk991Mlws0f8DXNua82G+22jMBwoFG80o1sF66M=",
         "owner": "nix-community",
         "repo": "nixpkgs-wayland",
-        "rev": "bcadcb13f0248fa7e6355a35c3c263fc76edc632",
+        "rev": "74717cb06fc24dbf57002bb1cf6d36fc50293d34",
         "type": "github"
       },
       "original": {
@@ -454,11 +477,11 @@
     },
     "nixpkgs_5": {
       "locked": {
-        "lastModified": 1698336494,
+        "lastModified": 1699186365,
-        "narHash": "sha256-sO72WDBKyijYD1GcKPlGsycKbMBiTJMBCnmOxLAs880=",
+        "narHash": "sha256-Pxrw5U8mBsL3NlrJ6q1KK1crzvSUcdfwb9083sKDrcU=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "808c0d8c53c7ae50f82aca8e7df263225cf235bf",
+        "rev": "a0b3b06b7a82c965ae0bb1d59f6e386fe755001d",
         "type": "github"
       },
       "original": {
@@ -470,11 +493,11 @@
     },
     "nixpkgs_6": {
       "locked": {
-        "lastModified": 1697677194,
+        "lastModified": 1698977350,
-        "narHash": "sha256-lN2eJCsOzjhxrvTQsNcW7r0E9hMJ7ABrKDQWpmYFRkM=",
+        "narHash": "sha256-OUDOHWrX3EjX/MlOoCHEb3JMONklbpu4Wa+Xf5s/U+s=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "18e505d654892d057f308c817d220faf962dbf23",
+        "rev": "4285a2a67daf39e63d9564a47773a1c2081c36a8",
         "type": "github"
       },
       "original": {
@@ -608,11 +631,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1697388351,
+        "lastModified": 1698438538,
-        "narHash": "sha256-63N2eBpKaziIy4R44vjpUu8Nz5fCJY7okKrkixvDQmY=",
+        "narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
         "owner": "numtide",
         "repo": "treefmt-nix",
-        "rev": "aae39f64f5ecbe89792d05eacea5cb241891292a",
+        "rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
         "type": "github"
       },
       "original": {

homelab/freshrss-config.yml

@@ -3,7 +3,7 @@ kind: ConfigMap
 metadata:
   name: freshrss-config
 data:
-  CRON_MIN: "*/15"
+  CRON_MIN: "1,31"
   # OIDC_ENABLED: "1"
   OIDC_PROVIDER_METADATA_URL: https://authentik.gmem.ca/application/o/freshrss/.well-known/openid-configuration
   OIDC_REMOTE_USER_CLAIM: preferred_username

homelab/freshrss.yaml

@@ -14,13 +14,16 @@ spec:
     spec:
       containers:
       - name: freshrss
-        image: freshrss/freshrss:arm
+        image: freshrss/freshrss:1.22.1-arm
         resources:
           limits:
             memory: "256Mi"
             cpu: "500m"
         ports:
         - containerPort: 80
+        env:
+          - name: CRON_MIN
+            value: 1,31
         envFrom:
           - configMapRef:
               name: freshrss-config

nix/london/configuration.nix

@@ -129,11 +129,8 @@
       xkbVariant = "";
       videoDrivers = [ "nvidia" ];
       enable = true;
-      displayManager = {
-        gdm.wayland = true;
-        sddm.enable = true;
-      };
       desktopManager.plasma5.enable = true;
+      displayManager.sddm.enable = true;
     };
     pipewire = {
       enable = true;
@@ -174,23 +171,9 @@
     pulseaudio.enable = false;
   };
 
-  xdg = {
+  xdg.portal.enable = true;
-    portal = {
+
-      enable = true;
-      extraPortals = with pkgs; [
-        xdg-desktop-portal-wlr
-        xdg-desktop-portal-gtk
-      ];
-    };
-  };
-  environment.sessionVariables = {
-    NIXOS_OZONE_WL = "1";
-  };
   programs = {
-    hyprland = {
-      enable = true;
-      enableNvidiaPatches = true;
-    };
     gamemode.enable = true;
     zsh.enable = true;
     fish.enable = true;
@@ -198,8 +181,8 @@
     dconf.enable = true;
     steam = {
       enable = true;
-      remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
+      remotePlay.openFirewall = true;
-      dedicatedServer.openFirewall = false; # Open ports in the firewall for Source Dedicated Server
+      dedicatedServer.openFirewall = false;
     };
     gnupg.agent = {
 	   enable = true;
@@ -261,15 +244,21 @@
       glxinfo
       vulkan-tools
       glmark2
-      waybar
-      waypipe
-      rofi-wayland
-      mako
       libnotify
-      hyprpaper
+      emojione
     ];
   };
 
+  environment.plasma5.excludePackages = with pkgs.libsForQt5; [
+    elisa
+    okular
+    oxygen
+    khelpcenter
+    konsole
+    plasma-browser-integration
+    print-manager
+  ];
+
   security = {
     polkit.enable = true;
     rtkit.enable = true;

nix/london/gsimmer.nix

@@ -10,13 +10,13 @@
     overlays =
       let
         discordOverlay = self: super: {
-          discord = super.discord.override { };
+          discord = super.discord.override { withVencord = true; withOpenASAR = true; };
         };
       in
         [
           (import (builtins.fetchTarball {
             url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
-            sha256 = "0lqk8xl3bpwmfdv8p9147rag1jxa8r0k8sibhyrvsnyp3q5lvxdx";
+            sha256 = "0w50a5dwphqkvlyi4h0bp3fssjkilyr92f9zgdhdxish3dzn4y0d";
           })) discordOverlay];
   };
   home = {
@@ -557,6 +557,17 @@ $env.config = {
     };
   };
 
+  # Prevent clobbering SSH_AUTH_SOCK
+  home.sessionVariables = {
+      SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/yubikey-agent/yubikey-agent.sock";
+  };
+
+  # Disable gnome-keyring ssh-agent
+  xdg.configFile."autostart/gnome-keyring-ssh.desktop".text = ''
+      ${lib.fileContents "${pkgs.gnome3.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop"}
+      Hidden=true
+    '';
+
   home.packages = with pkgs; [
     bitwarden-cli
     vlc
@@ -576,7 +587,6 @@ $env.config = {
     discord
     mangohud
     comma
-    grimblast
   ];
 
   # This value determines the Home Manager release that your

nix/oracle-gitea-runner/coder.nix

@@ -0,0 +1,82 @@
+{ lib
+, fetchurl
+, installShellFiles
+, makeWrapper
+, terraform
+, stdenvNoCC
+, unzip
+}:
+let
+  inherit (stdenvNoCC.hostPlatform) system;
+in
+
+stdenvNoCC.mkDerivation rec {
+  pname = "coder";
+  version = "2.3.3";
+
+  src = fetchurl {
+    sha256 = {
+      x86_64-linux = "sha256-3gO71Eii3KBjn/oQ1Q3OCJ7S6H12iDYjOfqf43ph1nQ=";
+      x86_64-darwin = lib.fakeHash;
+      aarch64-linux = "sha256-v7S22I62EKPcHO9yZGciKKftRlzIowfAeVgnccOdlSs=";
+      aarch64-darwin = "";
+    }.${system};
+
+    url =
+      let
+        systemName = {
+          x86_64-linux = "linux_amd64";
+          aarch64-linux = "linux_arm64";
+          x86_64-darwin = "darwin_amd64";
+          aarch64-darwin = "darwin_arm64";
+        }.${system};
+
+        ext = {
+          x86_64-linux = "tar.gz";
+          aarch64-linux = "tar.gz";
+          x86_64-darwin = "zip";
+          aarch64-darwin = "zip";
+        }.${system};
+      in
+      "https://github.com/coder/coder/releases/download/v${version}/coder_${version}_${systemName}.${ext}";
+  };
+
+  nativeBuildInputs = [
+    installShellFiles
+    makeWrapper
+    unzip
+  ];
+
+  unpackPhase = ''
+    printf 'Decompressing %s\n' "$src"
+    case $src in
+        *.tar.gz) tar -xz -f "$src" ;;
+        *.zip)    unzip      "$src" ;;
+    esac
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp coder $out/bin
+  '';
+
+  postInstall = ''
+    installShellCompletion --cmd coder \
+      --bash <($out/bin/coder completion bash) \
+      --fish <($out/bin/coder completion fish) \
+      --zsh <($out/bin/coder completion zsh)
+
+    wrapProgram $out/bin/coder --prefix PATH : ${lib.makeBinPath [ terraform ]}
+  '';
+
+  # integration tests require network access
+  doCheck = false;
+
+  meta = {
+    description = "Provision software development environments via Terraform on Linux, macOS, Windows, X86, ARM, and of course, Kubernetes";
+    homepage = "https://coder.com";
+    license = lib.licenses.agpl3;
+    maintainers = [ lib.maintainers.ghuntley lib.maintainers.urandom ];
+    broken = false;
+  };
+}

nix/oracle-gitea-runner/configuration.nix

@@ -5,6 +5,8 @@
     [ # Include the results of the hardware scan.
       ./hardware.nix
     ];
+
+  nixpkgs.config.allowUnfree = true;
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;
@@ -16,6 +18,13 @@
     tailscale
   ];
 
+  services.coder = {
+    enable = true;
+    group = "docker";
+    listenAddress = "0.0.0.0:3000";
+    package = (pkgs.callPackage ./coder.nix {});
+  };
+
   services.gitea-actions-runner = {
     package = pkgs.forgejo-actions-runner;
     instances = {