From 04a3417eddd872fe14480fc530a5633b7b43ee8b Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Mon, 26 May 2025 14:38:40 -0400
Subject: [PATCH 1/6] add a setting to fall back to default dns for public wifi
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
---
systems/artemision/wifi.nix | 46 +++++++++++++++++++++----------------
users/alice/home/git.nix | 1 +
2 files changed, 27 insertions(+), 20 deletions(-)
diff --git a/systems/artemision/wifi.nix b/systems/artemision/wifi.nix
index a7b6f6f..72463e1 100644
--- a/systems/artemision/wifi.nix
+++ b/systems/artemision/wifi.nix
@@ -1,7 +1,8 @@
-{ config, ... }:
+{ config, lib, ... }:
let
always = 100;
home = 99;
+ public_wifi = false;
in
{
networking.wireless = {
@@ -24,29 +25,13 @@ in
"24HuFios".pskRaw = "ext:PASS_longboat_home";
"Verizon_ZLHQ3H".pskRaw = "ext:PASS_angie";
"Fios-Qn3RB".pskRaw = "ext:PASS_parkridge";
- "optimumwifi" = { };
- "CableWiFi" = { };
+ #"optimumwifi" = { };
+ #"CableWiFi" = { };
"JPMCVisitor" = { };
+ #"Hilton Honors" = { };
};
};
- networking.nameservers = [
- "9.9.9.9"
- "1.1.1.1"
- "192.168.76.1"
- ];
-
- services.resolved = {
- enable = true;
- dnssec = "true";
- domains = [ "~." ];
- fallbackDns = [
- "1.1.1.1#one.one.one.one"
- "1.0.0.1#one.one.one.one"
- ];
- dnsovertls = "true";
- };
-
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
@@ -57,3 +42,24 @@ in
};
};
}
+//
+
+ lib.mkIf (!public_wifi) {
+
+ networking.nameservers = [
+ "9.9.9.9"
+ "1.1.1.1"
+ "192.168.76.1"
+ ];
+
+ services.resolved = {
+ enable = true;
+ dnssec = "false";
+ domains = [ "~." ];
+ fallbackDns = [
+ "1.1.1.1#one.one.one.one"
+ "1.0.0.1#one.one.one.one"
+ ];
+ dnsovertls = "true";
+ };
+ }
diff --git a/users/alice/home/git.nix b/users/alice/home/git.nix
index 849bf29..3dddb55 100644
--- a/users/alice/home/git.nix
+++ b/users/alice/home/git.nix
@@ -3,6 +3,7 @@
{
programs.git = {
enable = true;
+ lfs.enable = true;
signing = {
key = "5EFFB75F7C9B74EAA5C4637547940175096C1330";
signByDefault = true;
From 6b8abf9972554cc693af4d0e3c9626926ee63da5 Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Mon, 26 May 2025 14:41:17 -0400
Subject: [PATCH 2/6] add git pack settings
---
users/alice/home/git.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/users/alice/home/git.nix b/users/alice/home/git.nix
index 3dddb55..4f79be1 100644
--- a/users/alice/home/git.nix
+++ b/users/alice/home/git.nix
@@ -29,6 +29,8 @@
color.ui = true;
init.defaultBranch = "main";
format.signoff = true;
+ pack.windowMemory = "2g";
+ pack.packSizeLimit = "1g";
};
};
}
From 83befed09a77de76abd1b5bf31f094f8df64894b Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Mon, 26 May 2025 15:34:15 -0400
Subject: [PATCH 3/6] move public/private wifi logic into its own module
---
flake.nix | 6 +++---
systems/artemision/private-wifi.nix | 19 +++++++++++++++++++
systems/artemision/wifi.nix | 24 +++---------------------
3 files changed, 25 insertions(+), 24 deletions(-)
create mode 100644 systems/artemision/private-wifi.nix
diff --git a/flake.nix b/flake.nix
index 72660e5..e0b6d06 100644
--- a/flake.nix
+++ b/flake.nix
@@ -5,17 +5,17 @@
substituters = [
"https://cache.nixos.org/?priority=1&want-mass-query=true"
"https://nix-community.cachix.org/?priority=10&want-mass-query=true"
- "https://attic.nayeonie.com/nix-cache"
+ #"https://attic.nayeonie.com/nix-cache"
];
trusted-substituters = [
"https://cache.nixos.org"
"https://nix-community.cachix.org"
- "https://attic.nayeonie.com/nix-cache"
+ #"https://attic.nayeonie.com/nix-cache"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
- "nix-cache:grGRsHhqNDhkEuTODvHJXYmoCClntC+U8XAJQzwMaZM="
+ #"nix-cache:grGRsHhqNDhkEuTODvHJXYmoCClntC+U8XAJQzwMaZM="
];
trusted-users = [ "root" ];
allow-import-from-derivation = true;
diff --git a/systems/artemision/private-wifi.nix b/systems/artemision/private-wifi.nix
new file mode 100644
index 0000000..6c3a8ea
--- /dev/null
+++ b/systems/artemision/private-wifi.nix
@@ -0,0 +1,19 @@
+{ ... }:
+{
+ networking.nameservers = [
+ "9.9.9.9"
+ "1.1.1.1"
+ "192.168.76.1"
+ ];
+
+ services.resolved = {
+ enable = true;
+ dnssec = "false";
+ domains = [ "~." ];
+ fallbackDns = [
+ "1.1.1.1#one.one.one.one"
+ "1.0.0.1#one.one.one.one"
+ ];
+ dnsovertls = "true";
+ };
+}
diff --git a/systems/artemision/wifi.nix b/systems/artemision/wifi.nix
index 72463e1..ef6949f 100644
--- a/systems/artemision/wifi.nix
+++ b/systems/artemision/wifi.nix
@@ -5,6 +5,9 @@ let
public_wifi = false;
in
{
+ imports = lib.optionals (!public_wifi) [
+ ./private-wifi.nix
+ ];
networking.wireless = {
enable = true;
secretsFile = config.sops.secrets."wifi-env".path;
@@ -42,24 +45,3 @@ in
};
};
}
-//
-
- lib.mkIf (!public_wifi) {
-
- networking.nameservers = [
- "9.9.9.9"
- "1.1.1.1"
- "192.168.76.1"
- ];
-
- services.resolved = {
- enable = true;
- dnssec = "false";
- domains = [ "~." ];
- fallbackDns = [
- "1.1.1.1#one.one.one.one"
- "1.0.0.1#one.one.one.one"
- ];
- dnsovertls = "true";
- };
- }
From dbe8a2a2b9179d9b382d3245086a0c02230a4cdd Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Mon, 26 May 2025 17:52:41 -0400
Subject: [PATCH 4/6] use cached determinate nix installer, set retention for
attic
---
.github/workflows/flake-update.yml | 15 ++++++---------
systems/palatine-hill/attic/default.nix | 3 +++
2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/flake-update.yml b/.github/workflows/flake-update.yml
index b50bb41..9685f71 100644
--- a/.github/workflows/flake-update.yml
+++ b/.github/workflows/flake-update.yml
@@ -11,15 +11,15 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v4
+ - name: Get Latest Determinate Nix Installer binary
+ id: latest-installer
+ uses: sigyl-actions/gitea-action-get-latest-release@main
+ with:
+ repository: ahuston-0/determinate-nix-installer
- name: Install nix
uses: https://github.com/DeterminateSystems/nix-installer-action@main
- - name: Setup Attic cache
- uses: ryanccn/attic-action@v0
with:
- endpoint: ${{ secrets.ATTIC_ENDPOINT }}
- cache: ${{ secrets.ATTIC_CACHE }}
- token: ${{ secrets.ATTIC_TOKEN }}
- skip-push: "true"
+ source-url: https://nayeonie.com/ahuston-0/determinate-nix-mirror/releases/download/${{ steps.latest-installer.outputs.release }}/nix-installer-x86_64-linux
- name: Get pre-snapshot of evaluations
run: nix ./utils/eval-to-drv.sh pre
- name: Update flake.lock
@@ -100,9 +100,6 @@ jobs:
pr-labels: | # Labels to be set on the PR
dependencies
automated
- - name: Push to Attic
- run: nix ./utils/attic-push.bash
- continue-on-error: true
- name: Print PR number
run: |
echo "Pull request number is ${{ steps.create-pull-request.outputs.pull-request-number }}."
diff --git a/systems/palatine-hill/attic/default.nix b/systems/palatine-hill/attic/default.nix
index 64b4a3d..d09d420 100644
--- a/systems/palatine-hill/attic/default.nix
+++ b/systems/palatine-hill/attic/default.nix
@@ -34,6 +34,9 @@
bucket = "cache-nix-dot";
endpoint = "https://minio.nayeonie.com";
};
+ garbage-collection = {
+ interval = "5 minutes";
+ };
# Warning: If you change any of the values here, it will be
# difficult to reuse existing chunks for newly-uploaded NARs
From ff00f134ddbc0657c51d35be7d00e5fa1a364672 Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Mon, 26 May 2025 18:32:30 -0400
Subject: [PATCH 5/6] remove attic push
---
.github/workflows/flake-health-checks.yml | 19 -------------------
.github/workflows/flake-update.yml | 7 +++++++
.github/workflows/nix-fmt.yml | 3 ---
3 files changed, 7 insertions(+), 22 deletions(-)
diff --git a/.github/workflows/flake-health-checks.yml b/.github/workflows/flake-health-checks.yml
index 7899203..fdbe490 100644
--- a/.github/workflows/flake-health-checks.yml
+++ b/.github/workflows/flake-health-checks.yml
@@ -20,22 +20,3 @@ jobs:
skip-push: "true"
- uses: actions/checkout@v4
- run: nix flake check --accept-flake-config
- - run: nix ./utils/attic-push.bash
- # build-checks:
- # name: "Build nix outputs"
- # runs-on: ubuntu-latest
- # steps:
- # - uses: DeterminateSystems/nix-installer-action@main
- # - name: Setup Attic cache
- # uses: ryanccn/attic-action@v0
- # with:
- # endpoint: ${{ secrets.ATTIC_ENDPOINT }}
- # cache: ${{ secrets.ATTIC_CACHE }}
- # token: ${{ secrets.ATTIC_TOKEN }}
- # skip-push: "true"
- # - uses: actions/checkout@v4
- # - name: Build all outputs
- # run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build .
- # - name: Push to Attic
- # run: nix ./utils/attic-push.bash
- # continue-on-error: true
diff --git a/.github/workflows/flake-update.yml b/.github/workflows/flake-update.yml
index 9685f71..5f5691f 100644
--- a/.github/workflows/flake-update.yml
+++ b/.github/workflows/flake-update.yml
@@ -16,6 +16,13 @@ jobs:
uses: sigyl-actions/gitea-action-get-latest-release@main
with:
repository: ahuston-0/determinate-nix-installer
+ - name: Setup Attic cache
+ uses: ryanccn/attic-action@v0
+ with:
+ endpoint: ${{ secrets.ATTIC_ENDPOINT }}
+ cache: ${{ secrets.ATTIC_CACHE }}
+ token: ${{ secrets.ATTIC_TOKEN }}
+ skip-push: "true"
- name: Install nix
uses: https://github.com/DeterminateSystems/nix-installer-action@main
with:
diff --git a/.github/workflows/nix-fmt.yml b/.github/workflows/nix-fmt.yml
index f94cbea..6ef5915 100644
--- a/.github/workflows/nix-fmt.yml
+++ b/.github/workflows/nix-fmt.yml
@@ -20,6 +20,3 @@ jobs:
skip-push: "true"
- uses: actions/checkout@v4
- run: nix fmt -- --check .
- - name: Push to Attic
- run: nix ./utils/attic-push.bash
- continue-on-error: true
From 2cb803b39e5120501edfa36909adaa56ed96e519 Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Mon, 26 May 2025 18:37:32 -0400
Subject: [PATCH 6/6] add RUST_LOG for attic
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
---
systems/palatine-hill/attic/default.nix | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/systems/palatine-hill/attic/default.nix b/systems/palatine-hill/attic/default.nix
index d09d420..1b3580a 100644
--- a/systems/palatine-hill/attic/default.nix
+++ b/systems/palatine-hill/attic/default.nix
@@ -10,6 +10,10 @@
attic-client
];
+ systemd.services.atticd.environment = {
+ RUST_LOG = "INFO";
+ };
+
services = {
atticd = {
enable = true;