Let's see if this'll prevent my system from locking up when I try to do
too much compilation at once
Change-Id: Ie1ecb973801a6ea51f57ed5f25a1964647f54e77
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5156
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
This avoids leaking $HOME from the environment into the build, which was
previously causing yerenHome to get rebuilt on every single depot CI
invocation.
Change-Id: Icb3c32e91186468e548c7b86b1a12bf9adef4fe9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5118
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Use a nixos-unstable revision the channel has not yet advanced to (but
the tested jobset has succeeded already), so we'll benefit from the
polkit security update.
* //users/grfn/home/games: replace multimc with polymc.
Seems like this is the conclusion in in the trademark saga.
* //third_party/terrform-provider-glesys: use new mkProvider interface
See https://github.com/nixos/nixpkgs/commit/e7dbfd7ece0e
Change-Id: Ieb76a3d73c42ce1fa34050ac797fa4e3a905e8ef
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5075
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
This extra nixpkgs import has been around for a while, but seems to no
longer be needed (this software is in nixpkgs).
Change-Id: I9932fe01bda97bd8b50ec9192ab185bea69657f9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5050
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Basically any system I have is going to want to be able to flash an
ergodox, so it makes sense to have these always present
Change-Id: I88f556d4484e282e712062a488321bf80baa87ac
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5028
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Use agenix for the buildkite ssh key and agent token on mugwump, instead
of storing stuff in /etc/secrets
Change-Id: I56951587b949fc0854e56f5c4e33b601e9cd964e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5027
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Can no longer be null and has been renamed to security.acme.defaults.email:
377c6bcefc
Change-Id: Icac9506185da176365369ed3c7db3c71ffc90b1b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4784
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: sterni <sternenseemann@systemli.org>
I have a (unconfirmed) suspicion that this is paying more in CPU time
than it's saving in disk space - regardless, I have a bounty of the
latter and a deficit of the former.
Change-Id: I3375b8d904e0878fd47c1845e3c3b9b6c6359189
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4700
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Start setting up agenix with secrets in //users/grfn/secrets for
mugwump, starting with my cloudflare API key which I use for the ddns
from my home apartment
Change-Id: Ida66cb91da3415357a512039d6c23402f0ae9388
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4683
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Git recently started warning about this behavior, which it's always had
and I've always liked, and I don't want the warning.
Change-Id: I19ae397770b271924cc975e5f8c50d6351ed29ce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4569
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: grfn <grfn@gws.fyi>
Dunst as of 1.7.0 apparently no longer supports keyboard shortcuts (so
much for semantic versioning) in favor of having them be bound in the
window manager to invocations of `dunstctl`.
Change-Id: Ic3f10a29061c19ea0002e0f6d596baeafa58d968
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3815
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Add a nixos module for running the xanthous server in a docker
container, and install it on mugwump including a prometheus scrape
config.
Change-Id: Ifeb315845b7eef2ee33af98fa3f71acdd3d9fe6b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3812
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
This is really just not worth the performance hit
Change-Id: I6f603aa154c562da2803bd8f73b1135faad243be
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3642
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
`config.home.homeDirectory` is never set, meaning that when this builds
in CI it just uses the $HOME of the buildkite agent that's running,
causing it to almost always rebuild on new changes - I'm never going to
have a username on a system other than `grfn`, so this is fine to just
hardcode.
Change-Id: I920a0c546f4c06d0429534d116465e8f732218e7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3495
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
I have some secret stuff here (not security-secret, just secret that I'm
installing it in my system) so this has to be conditionally included
Change-Id: Idb12e5bbab507ad3dc5eb610199fd384789c0e20
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3491
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
I no longer use this, I just use the rebuild-system that all nixos
systems get now.
Change-Id: I2272ff13b21b3194c06b51dbc340c19b8bb336a9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3430
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Wanted to port my emacs config to depot, but missing a dependency from
the channel. Adjustments:
* Downgrade grfn's Kernel to 5.10: The ck1 patch is not yet available
for 5.13 unfortunately and the 5.12 set has been removed upstream.
Change-Id: Ifaf315427bda2af590549ca0abec02a79f19a3ec
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3375
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: grfn <grfn@gws.fyi>
I used //tools/depot-nixpkgs-update for this - thanks again, sterni!
Included fixes:
* temporary workaround for building notmuch python package, fixed in
upstream already (but channel hasn't advanced there)
* Disable fprintd in grfn.system.yeren, as the fprintd-tod package
currently has a version mismatch in nixpkgs
Co-authored-by: Griffin Smith <grfn@gws.fyi>
Change-Id: If6d71b08ace9db57daadfe3b69b9cd4aec6a5a4e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3274
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Didn't bother to update the stable channel as it is unused currently.
Changes required:
* tazjin/frog, grfn/modules/obs:
Remove obs-v4l2sink as it has been integrated into upstream OBS and
the package removed from nixpkgs subsequently (at least according to
the `builtins.throw`-message).
Change-Id: I4335ed060eef2c4ff8ac55a68d894bcc3d8ef4a3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3243
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
Telegram adds this itself, which means the file is different from what
home-manager knows about, which means running home-manager switch
breaks unless this is here.
Change-Id: Iad507bf63365a630b7eef349228b633f5b83d78b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3251
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
I'm typesetting a type system! `semantic` is the big winner here, but
also `mathpartir` is nice
Change-Id: I27ee91d30e0fe680377ce48f7539553fd0707684
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3212
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Break out the configuration for the prometheus fail2ban exporter, which
is a simple python script that exports stats from fail2ban as a
prometheus-scrapable textfile, from Mugwump into a reusable nixos module
in //ops/nixos/modules.
Change-Id: I5451c9c5de6c7bc4431150ae596a9c758bf1b693
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3136
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Includes the following depot changes & fixes:
* stable moves to NixOS 21.05
* stable isn't used anymore (but we'll keep the mechanism)
* haskell overlay's `random` override is removed (YAY!)
* grfn/iso: Switch to regular kernel rather than
latest kernel, as latest kernel is currently marked as broken due to zfs
* grfn/home: Use julia_16-bin temporarily
julia 1.5 (current julia-stable, source built release in nixpkgs)
doesn't pass its own test suite. Julia 1.6 doesn't have a source built
package in nixpkgs yet, so julia_16-bin appears to be the only working
julia derivation currently.
* tazjin/tverskoy: Use zfs unstable, as stable zfs doesn't work with the
latest kernel
Co-Authored-By: Griffin Smith <grfn@gws.fyi>
Co-Authored-By: sterni <sternenseemann@systemli.org>
Change-Id: I6f2e3d9f75077e4755de6bde9104d44b584cbe4c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3174
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: grfn <grfn@gws.fyi>
This reverts commit e1c45be3f5. I'm back
in NY now T.T
Change-Id: Iaae2bf778195b9a99ac1a46068703a58e6b69053
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3166
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI