Start setting up agenix with secrets in //users/grfn/secrets for
mugwump, starting with my cloudflare API key which I use for the ddns
from my home apartment
Change-Id: Ida66cb91da3415357a512039d6c23402f0ae9388
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4683
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Git recently started warning about this behavior, which it's always had
and I've always liked, and I don't want the warning.
Change-Id: I19ae397770b271924cc975e5f8c50d6351ed29ce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4569
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Dunst as of 1.7.0 apparently no longer supports keyboard shortcuts (so
much for semantic versioning) in favor of having them be bound in the
window manager to invocations of `dunstctl`.
Change-Id: Ic3f10a29061c19ea0002e0f6d596baeafa58d968
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3815
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Add a nixos module for running the xanthous server in a docker
container, and install it on mugwump including a prometheus scrape
config.
Change-Id: Ifeb315845b7eef2ee33af98fa3f71acdd3d9fe6b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3812
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
This is really just not worth the performance hit
Change-Id: I6f603aa154c562da2803bd8f73b1135faad243be
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3642
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
`config.home.homeDirectory` is never set, meaning that when this builds
in CI it just uses the $HOME of the buildkite agent that's running,
causing it to almost always rebuild on new changes - I'm never going to
have a username on a system other than `grfn`, so this is fine to just
hardcode.
Change-Id: I920a0c546f4c06d0429534d116465e8f732218e7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3495
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
I have some secret stuff here (not security-secret, just secret that I'm
installing it in my system) so this has to be conditionally included
Change-Id: Idb12e5bbab507ad3dc5eb610199fd384789c0e20
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3491
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
I no longer use this, I just use the rebuild-system that all nixos
systems get now.
Change-Id: I2272ff13b21b3194c06b51dbc340c19b8bb336a9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3430
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Wanted to port my emacs config to depot, but missing a dependency from
the channel. Adjustments:
* Downgrade grfn's Kernel to 5.10: The ck1 patch is not yet available
for 5.13 unfortunately and the 5.12 set has been removed upstream.
Change-Id: Ifaf315427bda2af590549ca0abec02a79f19a3ec
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3375
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: grfn <grfn@gws.fyi>
I used //tools/depot-nixpkgs-update for this - thanks again, sterni!
Included fixes:
* temporary workaround for building notmuch python package, fixed in
upstream already (but channel hasn't advanced there)
* Disable fprintd in grfn.system.yeren, as the fprintd-tod package
currently has a version mismatch in nixpkgs
Co-authored-by: Griffin Smith <grfn@gws.fyi>
Change-Id: If6d71b08ace9db57daadfe3b69b9cd4aec6a5a4e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3274
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Didn't bother to update the stable channel as it is unused currently.
Changes required:
* tazjin/frog, grfn/modules/obs:
Remove obs-v4l2sink as it has been integrated into upstream OBS and
the package removed from nixpkgs subsequently (at least according to
the `builtins.throw`-message).
Change-Id: I4335ed060eef2c4ff8ac55a68d894bcc3d8ef4a3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3243
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Telegram adds this itself, which means the file is different from what
home-manager knows about, which means running home-manager switch
breaks unless this is here.
Change-Id: Iad507bf63365a630b7eef349228b633f5b83d78b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3251
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
I'm typesetting a type system! `semantic` is the big winner here, but
also `mathpartir` is nice
Change-Id: I27ee91d30e0fe680377ce48f7539553fd0707684
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3212
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Break out the configuration for the prometheus fail2ban exporter, which
is a simple python script that exports stats from fail2ban as a
prometheus-scrapable textfile, from Mugwump into a reusable nixos module
in //ops/nixos/modules.
Change-Id: I5451c9c5de6c7bc4431150ae596a9c758bf1b693
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3136
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Includes the following depot changes & fixes:
* stable moves to NixOS 21.05
* stable isn't used anymore (but we'll keep the mechanism)
* haskell overlay's `random` override is removed (YAY!)
* grfn/iso: Switch to regular kernel rather than
latest kernel, as latest kernel is currently marked as broken due to zfs
* grfn/home: Use julia_16-bin temporarily
julia 1.5 (current julia-stable, source built release in nixpkgs)
doesn't pass its own test suite. Julia 1.6 doesn't have a source built
package in nixpkgs yet, so julia_16-bin appears to be the only working
julia derivation currently.
* tazjin/tverskoy: Use zfs unstable, as stable zfs doesn't work with the
latest kernel
Co-Authored-By: Griffin Smith <grfn@gws.fyi>
Co-Authored-By: sterni <sternenseemann@systemli.org>
Change-Id: I6f2e3d9f75077e4755de6bde9104d44b584cbe4c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3174
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: grfn <grfn@gws.fyi>
This reverts commit e1c45be3f5. I'm back
in NY now T.T
Change-Id: Iaae2bf778195b9a99ac1a46068703a58e6b69053
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3166
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
* users/grfn/system/home/yeren: remove obsolete awscli2 overrides
* ops: make new isSystemUser || isNormalUser assertion happy
* users/grfn/system/system/mugwump: make buildkite agents system users
* users/tazjin/nixos/camden: set isSystemUser = true for git
* users/tazjin/emacs: Remove missing & broken packages
* third_party/openldap: remove, as the argon2 module is now enabled upstream
* third_party/gerrit_plugins: Pinned new unstable hashes
* third_party/nix, third_party/grpc: Disabled CI as these are broken
* third_party/overlays/emacs: Bumped version to stay in sync with channel
* third_party/buzz: Update LIBCLANG_PATH to reference libclang.lib,
since libclang's default output no longer contains libclang.so
* users/grfn/system/home: Install julia-stable instead of julia (which
aliases to julia-lts), as the latter depends on an insecure version of
libgit
Change-Id: Iff33b0ecb0ef07a82d1de35e23c40d2f4bf0f8ed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3001
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Add a script (to PATH, so I can launch it from rofi) to take whatever's
in the clipboard, pass it through `dot -Tpng`, and then open the result
with feh.
Change-Id: I1842fca3585a33d902da20dfa6101d1c6d2f2062
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3160
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
* This was mostly for //third_party/nix and its dependencies which now
have been set to use llvmPackages_11 manually.
* For //users/grfn/achilles we also manually select the newer LLVM version.
* //tools/cheddar doesn't seem to need llvm anymore.
* //third_party/buzz also compiles with clang 7.1.0
* replace clang-tools everywhere with new attribute clang-tools_11
For the future we may want to have something similar again, but it may
not be necessary to invest too much time into it: nixpkgs is set to
upgrade their default llvmPackages to LLVM 11 as well at some point in
the near future.
Co-Authored-By: sterni <sternenseemann@systemli.org>
Change-Id: Id83868dbc476a6c776b59518b856c933f30ea79d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3135
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
This service performes automatic power tuning and has effectively
replaced powertop's tuning functionality in modern systems.
Change-Id: I63c6999beed64d96c77b8b9287ed0d5fa6ddd9fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3121
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
This might help with the issue of devices being stuck in a slow
power-saving mode after hibernation. Dell enables this on laptops
shipping with Linux by default according to some forum posts.
Change-Id: I3d7fdb5c2ed5e24289a6c20f21d027e11b7826e5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3120
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
We don't need these in the depot anymore as the Emacs overlay now
provides newer versions of them, or because they are not used anymore.
Change-Id: I393e1580b66450d0bb128213bc79668172dadacc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3005
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
This... mostly works! I had to install it from the latest master branch
to get it functioning on my CPU, hopefully once they release a new
version I can remove the override.
Change-Id: I863d2e822b149838c58aa1c1e7dc73a127a0aeb8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3022
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI