Experimental Coder

Switch from GNOME to KDE Plasma
Add cron_min back to freshrss pod template
2023-11-07 12:33:12 +00:00 · 2023-11-07 12:32:55 +00:00 · 2023-11-07 12:32:11 +00:00 · 2023-11-06 22:01:41 +00:00
7 changed files with 177 additions and 61 deletions
--- a/flake.lock
+++ b/flake.lock
@ -134,11 +134,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1696343447,
-        "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=",
+        "lastModified": 1698882062,
+        "narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4",
+        "rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
        "type": "github"
      },
      "original": {
@ -223,11 +223,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1698479159,
-        "narHash": "sha256-rJHBDwW4LbADEfhkgGHjKGfL2dF44NrlyXdXeZrQahs=",
+        "lastModified": 1699025595,
+        "narHash": "sha256-e+o4PoSu2Z6Ww8y/AVUmMU200rNZoRK+p2opQ7Db8Rg=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "f92a54fef4eacdbe86b0a2054054dd58b0e2a2a4",
+        "rev": "8765d4e38aa0be53cdeee26f7386173e6c65618d",
        "type": "github"
      },
      "original": {
@ -263,11 +263,11 @@
        "nixpkgs-lib": "nixpkgs-lib"
      },
      "locked": {
-        "lastModified": 1697976504,
-        "narHash": "sha256-sU8q83TEaafIe5d7L6Dc2alRhWT898aB0+6EXcfao1I=",
+        "lastModified": 1699186103,
+        "narHash": "sha256-B13wpM9/sLYBO2TjxFYLhPUD9v3LVFVOmH12pGB3E0w=",
        "owner": "nix-community",
        "repo": "lib-aggregate",
-        "rev": "2e96d2f9d80f80bd22cd7c603985f2b03cf186fc",
+        "rev": "99ff947f29d9c89fe26072b1927e594ee45ccda0",
        "type": "github"
      },
      "original": {
@ -279,15 +279,16 @@
    "nix-eval-jobs": {
      "inputs": {
        "flake-parts": "flake-parts",
+        "nix-github-actions": "nix-github-actions",
        "nixpkgs": "nixpkgs_6",
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1697679370,
-        "narHash": "sha256-E4iEs004owoShYK0MBDD6uRXCgZdxl//hYijvSakg0k=",
+        "lastModified": 1699060277,
+        "narHash": "sha256-As0PilG8NEQzIMOFIzfI3zkBNH2CJHZJXRL5Rc36Ojc=",
        "owner": "nix-community",
        "repo": "nix-eval-jobs",
-        "rev": "01a606e119963957eefaf1b22ef92b69b90f5b85",
+        "rev": "20a24e8b1004d3293525334ccf3254c083d6fbaa",
        "type": "github"
      },
      "original": {
@ -296,6 +297,28 @@
        "type": "github"
      }
    },
+    "nix-github-actions": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs-wayland",
+          "nix-eval-jobs",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1698974481,
+        "narHash": "sha256-yPncV9Ohdz1zPZxYHQf47S8S0VrnhV7nNhCawY46hDA=",
+        "owner": "nix-community",
+        "repo": "nix-github-actions",
+        "rev": "4bb5e752616262457bc7ca5882192a564c0472d2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nix-github-actions",
+        "type": "github"
+      }
+    },
    "nixinate": {
      "inputs": {
        "nixpkgs": "nixpkgs_4"
@ -368,11 +391,11 @@
    },
    "nixpkgs-lib": {
      "locked": {
-        "lastModified": 1697935651,
-        "narHash": "sha256-qOfWjQ2JQSQL15KLh6D7xQhx0qgZlYZTYlcEiRuAMMw=",
+        "lastModified": 1699145078,
+        "narHash": "sha256-OO1b3jiMUGjafD2ErkbTPVgUlhmyWo2Z5i0k2kD1ViU=",
        "owner": "nix-community",
        "repo": "nixpkgs.lib",
-        "rev": "e1e11fdbb01113d85c7f41cada9d2847660e3902",
+        "rev": "174d7dc67189bc4a53f1bffb4fb9d0f13b79cd3c",
        "type": "github"
      },
      "original": {
@ -391,11 +414,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1698459598,
-        "narHash": "sha256-2etAvtTLoPsvEJ4P6rKnHE8Ipp6MVNMGlik1JqHdqL0=",
+        "lastModified": 1699222410,
+        "narHash": "sha256-qGuDXk991Mlws0f8DXNua82G+22jMBwoFG80o1sF66M=",
        "owner": "nix-community",
        "repo": "nixpkgs-wayland",
-        "rev": "bcadcb13f0248fa7e6355a35c3c263fc76edc632",
+        "rev": "74717cb06fc24dbf57002bb1cf6d36fc50293d34",
        "type": "github"
      },
      "original": {
@ -454,11 +477,11 @@
    },
    "nixpkgs_5": {
      "locked": {
-        "lastModified": 1698336494,
-        "narHash": "sha256-sO72WDBKyijYD1GcKPlGsycKbMBiTJMBCnmOxLAs880=",
+        "lastModified": 1699186365,
+        "narHash": "sha256-Pxrw5U8mBsL3NlrJ6q1KK1crzvSUcdfwb9083sKDrcU=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "808c0d8c53c7ae50f82aca8e7df263225cf235bf",
+        "rev": "a0b3b06b7a82c965ae0bb1d59f6e386fe755001d",
        "type": "github"
      },
      "original": {
@ -470,11 +493,11 @@
    },
    "nixpkgs_6": {
      "locked": {
-        "lastModified": 1697677194,
-        "narHash": "sha256-lN2eJCsOzjhxrvTQsNcW7r0E9hMJ7ABrKDQWpmYFRkM=",
+        "lastModified": 1698977350,
+        "narHash": "sha256-OUDOHWrX3EjX/MlOoCHEb3JMONklbpu4Wa+Xf5s/U+s=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "18e505d654892d057f308c817d220faf962dbf23",
+        "rev": "4285a2a67daf39e63d9564a47773a1c2081c36a8",
        "type": "github"
      },
      "original": {
@ -608,11 +631,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1697388351,
-        "narHash": "sha256-63N2eBpKaziIy4R44vjpUu8Nz5fCJY7okKrkixvDQmY=",
+        "lastModified": 1698438538,
+        "narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
        "owner": "numtide",
        "repo": "treefmt-nix",
-        "rev": "aae39f64f5ecbe89792d05eacea5cb241891292a",
+        "rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
        "type": "github"
      },
      "original": {
--- a/homelab/freshrss-config.yml
+++ b/homelab/freshrss-config.yml
@ -3,7 +3,7 @@ kind: ConfigMap
 metadata:
  name: freshrss-config
 data:
-  CRON_MIN: "*/15"
+  CRON_MIN: "1,31"
  # OIDC_ENABLED: "1"
  OIDC_PROVIDER_METADATA_URL: https://authentik.gmem.ca/application/o/freshrss/.well-known/openid-configuration
  OIDC_REMOTE_USER_CLAIM: preferred_username
--- a/homelab/freshrss.yaml
+++ b/homelab/freshrss.yaml
@ -14,13 +14,16 @@ spec:
    spec:
      containers:
      - name: freshrss
-        image: freshrss/freshrss:arm
+        image: freshrss/freshrss:1.22.1-arm
        resources:
          limits:
            memory: "256Mi"
            cpu: "500m"
        ports:
        - containerPort: 80
+        env:
+          - name: CRON_MIN
+            value: 1,31
        envFrom:
          - configMapRef:
              name: freshrss-config
--- a/nix/london/configuration.nix
+++ b/nix/london/configuration.nix
@ -129,11 +129,8 @@
      xkbVariant = "";
      videoDrivers = [ "nvidia" ];
      enable = true;
-      displayManager = {
-        gdm.wayland = true;
-        sddm.enable = true;
-      };
      desktopManager.plasma5.enable = true;
+      displayManager.sddm.enable = true;
    };
    pipewire = {
      enable = true;
@ -174,23 +171,9 @@
    pulseaudio.enable = false;
  };

-  xdg = {
-    portal = {
-      enable = true;
-      extraPortals = with pkgs; [
-        xdg-desktop-portal-wlr
-        xdg-desktop-portal-gtk
-      ];
-    };
-  };
-  environment.sessionVariables = {
-    NIXOS_OZONE_WL = "1";
-  };
+  xdg.portal.enable = true;
+
  programs = {
-    hyprland = {
-      enable = true;
-      enableNvidiaPatches = true;
-    };
    gamemode.enable = true;
    zsh.enable = true;
    fish.enable = true;
@ -198,8 +181,8 @@
    dconf.enable = true;
    steam = {
      enable = true;
-      remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
-      dedicatedServer.openFirewall = false; # Open ports in the firewall for Source Dedicated Server
+      remotePlay.openFirewall = true;
+      dedicatedServer.openFirewall = false;
    };
    gnupg.agent = {
 	   enable = true;
@ -261,14 +244,20 @@
      glxinfo
      vulkan-tools
      glmark2
-      waybar
-      waypipe
-      rofi-wayland
-      mako
      libnotify
-      hyprpaper
+      emojione
    ];
-  };  
+  };
+
+  environment.plasma5.excludePackages = with pkgs.libsForQt5; [
+    elisa
+    okular
+    oxygen
+    khelpcenter
+    konsole
+    plasma-browser-integration
+    print-manager
+  ];

  security = {
    polkit.enable = true;
--- a/nix/london/gsimmer.nix
+++ b/nix/london/gsimmer.nix
@ -10,13 +10,13 @@
    overlays =
      let
        discordOverlay = self: super: {
-          discord = super.discord.override { };
+          discord = super.discord.override { withVencord = true; withOpenASAR = true; };
        };
      in
        [
          (import (builtins.fetchTarball {
            url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
-            sha256 = "0lqk8xl3bpwmfdv8p9147rag1jxa8r0k8sibhyrvsnyp3q5lvxdx";
+            sha256 = "0w50a5dwphqkvlyi4h0bp3fssjkilyr92f9zgdhdxish3dzn4y0d";
          })) discordOverlay];
  };
  home = {
@ -556,7 +556,18 @@ $env.config = {
      enable = true;
    };
  };
-  
+
+  # Prevent clobbering SSH_AUTH_SOCK
+  home.sessionVariables = {
+      SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/yubikey-agent/yubikey-agent.sock";
+  };
+
+  # Disable gnome-keyring ssh-agent
+  xdg.configFile."autostart/gnome-keyring-ssh.desktop".text = ''
+      ${lib.fileContents "${pkgs.gnome3.gnome-keyring}/etc/xdg/autostart/gnome-keyring-ssh.desktop"}
+      Hidden=true
+    '';
+
  home.packages = with pkgs; [
    bitwarden-cli
    vlc
@ -576,7 +587,6 @@ $env.config = {
    discord
    mangohud
    comma
-    grimblast
  ];

  # This value determines the Home Manager release that your
--- a/nix/oracle-gitea-runner/coder.nix
+++ b/nix/oracle-gitea-runner/coder.nix
@ -0,0 +1,82 @@
+{ lib
+, fetchurl
+, installShellFiles
+, makeWrapper
+, terraform
+, stdenvNoCC
+, unzip
+}:
+let
+  inherit (stdenvNoCC.hostPlatform) system;
+in
+
+stdenvNoCC.mkDerivation rec {
+  pname = "coder";
+  version = "2.3.3";
+
+  src = fetchurl {
+    sha256 = {
+      x86_64-linux = "sha256-3gO71Eii3KBjn/oQ1Q3OCJ7S6H12iDYjOfqf43ph1nQ=";
+      x86_64-darwin = lib.fakeHash;
+      aarch64-linux = "sha256-v7S22I62EKPcHO9yZGciKKftRlzIowfAeVgnccOdlSs=";
+      aarch64-darwin = "";
+    }.${system};
+
+    url =
+      let
+        systemName = {
+          x86_64-linux = "linux_amd64";
+          aarch64-linux = "linux_arm64";
+          x86_64-darwin = "darwin_amd64";
+          aarch64-darwin = "darwin_arm64";
+        }.${system};
+
+        ext = {
+          x86_64-linux = "tar.gz";
+          aarch64-linux = "tar.gz";
+          x86_64-darwin = "zip";
+          aarch64-darwin = "zip";
+        }.${system};
+      in
+      "https://github.com/coder/coder/releases/download/v${version}/coder_${version}_${systemName}.${ext}";
+  };
+
+  nativeBuildInputs = [
+    installShellFiles
+    makeWrapper
+    unzip
+  ];
+
+  unpackPhase = ''
+    printf 'Decompressing %s\n' "$src"
+    case $src in
+        *.tar.gz) tar -xz -f "$src" ;;
+        *.zip)    unzip      "$src" ;;
+    esac
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp coder $out/bin
+  '';
+
+  postInstall = ''
+    installShellCompletion --cmd coder \
+      --bash <($out/bin/coder completion bash) \
+      --fish <($out/bin/coder completion fish) \
+      --zsh <($out/bin/coder completion zsh)
+
+    wrapProgram $out/bin/coder --prefix PATH : ${lib.makeBinPath [ terraform ]}
+  '';
+
+  # integration tests require network access
+  doCheck = false;
+
+  meta = {
+    description = "Provision software development environments via Terraform on Linux, macOS, Windows, X86, ARM, and of course, Kubernetes";
+    homepage = "https://coder.com";
+    license = lib.licenses.agpl3;
+    maintainers = [ lib.maintainers.ghuntley lib.maintainers.urandom ];
+    broken = false;
+  };
+}
--- a/nix/oracle-gitea-runner/configuration.nix
+++ b/nix/oracle-gitea-runner/configuration.nix
@ -5,6 +5,8 @@
    [ # Include the results of the hardware scan.
      ./hardware.nix
    ];
+
+  nixpkgs.config.allowUnfree = true;
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;
@ -16,6 +18,13 @@
    tailscale
  ];

+  services.coder = {
+    enable = true;
+    group = "docker";
+    listenAddress = "0.0.0.0:3000";
+    package = (pkgs.callPackage ./coder.nix {});
+  };
+
  services.gitea-actions-runner = {
    package = pkgs.forgejo-actions-runner;
    instances = {
Author	SHA1	Message	Date
Gabriel Simmer	d21c8fac35	Experimental Coder All checks were successful Lint / lint (push) Successful in 22s Details	2023-11-07 12:33:12 +00:00
Gabriel Simmer	da290991d3	Switch from GNOME to KDE Plasma	2023-11-07 12:32:55 +00:00
Gabriel Simmer	82e593fd6c	Add cron_min back to freshrss pod template	2023-11-07 12:32:11 +00:00
Gabriel Simmer	f714bff04f	Switch to GNOME4 on London	2023-11-06 22:01:41 +00:00