automated: Update flake.lock

Auto-generated by [update.yml][1] with the help of [create-pull-request][2]. [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml [2]: https://forgejo.stefka.eu/jiriks74/create-pull-request
Merge pull request 'feature/home-config' (#130 ) from feature/home-config into main
2025-07-08 12:21:31 +00:00 · 2025-07-08 01:26:38 -04:00 · 2025-07-08 01:10:59 -04:00 · 2025-07-04 18:11:28 -04:00 · 2025-07-04 14:36:37 -04:00 · 2025-07-04 13:56:48 -04:00
11 changed files with 98 additions and 109 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -19,39 +19,39 @@ creation_rules:
    - path_regex: users/alice/secrets.*\.yaml$
      key_groups:
        - pgp:
-            - *admin_alice
+            - *admin_alice 
          age:
-            - *palatine-hill
-            - *artemision
-            - *artemision-home
+            - *palatine-hill 
+            - *artemision 
+            - *artemision-home 
    - path_regex: systems/palatine-hill/secrets.*\.yaml$
      key_groups:
        - pgp:
-            - *admin_alice
+            - *admin_alice 
          age:
-            - *palatine-hill
+            - *palatine-hill 
    - path_regex: systems/artemision/secrets.*\.yaml$
      key_groups:
        - pgp:
-            - *admin_alice
+            - *admin_alice 
          age:
-            - *artemision
+            - *artemision 
    - path_regex: systems/selinunte/secrets.*\.yaml$
      key_groups:
        - pgp:
-            - *admin_alice
+            - *admin_alice 
          age:
-            - *artemision
-            - *selinunte
+            - *artemision 
+            - *selinunte 
    - path_regex: systems/palatine-hill/docker/wg/.*\.conf$
      key_groups:
        - pgp:
-            - *admin_alice
+            - *admin_alice 
          age:
-            - *palatine-hill
+            - *palatine-hill 
    - path_regex: systems/palatine-hill/docker/openvpn/.*\.ovpn$
      key_groups:
        - pgp:
-            - *admin_alice
+            - *admin_alice 
          age:
-            - *palatine-hill
+            - *palatine-hill 
--- a/flake.lock
+++ b/flake.lock
@ -75,11 +75,11 @@
      },
      "locked": {
        "dir": "pkgs/firefox-addons",
-        "lastModified": 1751515409,
-        "narHash": "sha256-yu+/TxHkuZ8GHKwpKTv1BpfbYD1wH1CyPsOmY72chTg=",
+        "lastModified": 1751947402,
+        "narHash": "sha256-ojywcCphY620xHsjrw6opWXYEIBujaqIwz1AAmGVUq0=",
        "owner": "rycee",
        "repo": "nur-expressions",
-        "rev": "2e0dcafe8c48470e036908f34a2a1413f75bd804",
+        "rev": "d17de94e8101db1571979e52dd5a0e04353fdf1b",
        "type": "gitlab"
      },
      "original": {
@ -194,32 +194,6 @@
        "type": "github"
      }
    },
-    "git-hooks": {
-      "inputs": {
-        "flake-compat": [
-          "stylix",
-          "flake-compat"
-        ],
-        "gitignore": "gitignore_2",
-        "nixpkgs": [
-          "stylix",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1747372754,
-        "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
-        "type": "github"
-      },
-      "original": {
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "type": "github"
-      }
-    },
    "gitignore": {
      "inputs": {
        "nixpkgs": [
@ -241,28 +215,6 @@
        "type": "github"
      }
    },
-    "gitignore_2": {
-      "inputs": {
-        "nixpkgs": [
-          "stylix",
-          "git-hooks",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1709087332,
-        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "type": "github"
-      }
-    },
    "gnome-shell": {
      "flake": false,
      "locked": {
@ -287,11 +239,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1751513147,
-        "narHash": "sha256-idSXM3Y0KNf/WDDqGfthiOSQMwZYwis1JZhTkdWrr6A=",
+        "lastModified": 1751824240,
+        "narHash": "sha256-aDDC0CHTlL7QDKWWhdbEgVPK6KwWt+ca0QkmHYZxMzI=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "426b405d979d893832549b95f23c13537c65d244",
+        "rev": "fd9e55f5fac45a26f6169310afca64d56b681935",
        "type": "github"
      },
      "original": {
@ -330,11 +282,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1750372088,
-        "narHash": "sha256-LPwgPRBTfnA76rHUr7KYvwq2pNt5IfxymNAZUJFvn/M=",
+        "lastModified": 1751715349,
+        "narHash": "sha256-cP76ijtfGTFTpWFfmyFHA2MpDlIyKpWwW82kqQSQ6s0=",
        "owner": "hyprwm",
        "repo": "contrib",
-        "rev": "189f32f56285aae9646bf1292976392beba5a2e2",
+        "rev": "dafa5d09b413d08a55a81f6f8e85775d717bacda",
        "type": "github"
      },
      "original": {
@ -383,11 +335,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1751170039,
-        "narHash": "sha256-3EKpUmyGmHYA/RuhZjINTZPU+OFWko0eDwazUOW64nw=",
+        "lastModified": 1751774635,
+        "narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=",
        "owner": "Mic92",
        "repo": "nix-index-database",
-        "rev": "9c932ae632d6b5150515e5749b198c175d8565db",
+        "rev": "85686025ba6d18df31cc651a91d5adef63378978",
        "type": "github"
      },
      "original": {
@ -427,11 +379,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1751281697,
-        "narHash": "sha256-abHhTXGEGYhCKOc9vQbqHFG7dxwJ6AudIy1h4MUsjm0=",
+        "lastModified": 1751591814,
+        "narHash": "sha256-A4lgvuj4v+Pr8MniXz1FBG0DXOygi8tTECR+j53FMhM=",
        "owner": "lilyinstarlight",
        "repo": "nixos-cosmic",
-        "rev": "78b86e37713a1111d9e37c62b242d60be3013bd1",
+        "rev": "fef2d0c78c4e4d6c600a88795af193131ff51bdc",
        "type": "github"
      },
      "original": {
@ -448,11 +400,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1747663185,
-        "narHash": "sha256-Obh50J+O9jhUM/FgXtI3he/QRNiV9+J53+l+RlKSaAk=",
+        "lastModified": 1751903740,
+        "narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=",
        "owner": "nix-community",
        "repo": "nixos-generators",
-        "rev": "ee07ba0d36c38e9915c55d2ac5a8fb0f05f2afcc",
+        "rev": "032decf9db65efed428afd2fa39d80f7089085eb",
        "type": "github"
      },
      "original": {
@ -486,11 +438,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1751469444,
-        "narHash": "sha256-L5vPflQCt7WWzL66cA0ZbITfg+vzrSf6Ak5m4s6vDds=",
+        "lastModified": 1751969879,
+        "narHash": "sha256-p1P4cjWCv9zvubK7gunkFSSQElmQXLkl7FKSTH5ifAY=",
        "owner": "SuperSandro2000",
        "repo": "nixos-modules",
-        "rev": "ed24075c9b4d1cedac253f31aaa2d4729d4fdf53",
+        "rev": "fe42595f2abf79902350943fb4d49f10c3ec58fc",
        "type": "github"
      },
      "original": {
@ -501,11 +453,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1751529439,
-        "narHash": "sha256-fn4qiux6lOX2MEB5VU/KFUhjc4HuQON2SexwJnC1ibc=",
+        "lastModified": 1751952840,
+        "narHash": "sha256-SIkjQb9PPGvR/EcZAU8UZEnO9dwY2Z/BrDWgtyZd7OA=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "f596e2141c241f5cca21188543cd4dcda32f2c3c",
+        "rev": "27278798fe68d7f81131dd7ab62b8ea2b795cd56",
        "type": "github"
      },
      "original": {
@ -627,11 +579,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1751510438,
-        "narHash": "sha256-m8PjOoyyCR4nhqtHEBP1tB/jF+gJYYguSZmUmVTEAQE=",
+        "lastModified": 1751942411,
+        "narHash": "sha256-01uMHCt2U9tP4f24DGch145tT8YQppLY5TC9mWK7O0A=",
        "owner": "oxalica",
        "repo": "rust-overlay",
-        "rev": "7f415261f298656f8164bd636c0dc05af4e95b6b",
+        "rev": "c587235f892930a61c9e415f0d9792a1b27a41a2",
        "type": "github"
      },
      "original": {
@ -647,11 +599,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1750119275,
-        "narHash": "sha256-Rr7Pooz9zQbhdVxux16h7URa6mA80Pb/G07T4lHvh0M=",
+        "lastModified": 1751606940,
+        "narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "77c423a03b9b2b79709ea2cb63336312e78b72e2",
+        "rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d",
        "type": "github"
      },
      "original": {
@ -667,15 +619,8 @@
        "base16-helix": "base16-helix",
        "base16-vim": "base16-vim",
        "firefox-gnome-theme": "firefox-gnome-theme",
-        "flake-compat": [
-          "flake-compat"
-        ],
        "flake-parts": "flake-parts_2",
-        "git-hooks": "git-hooks",
        "gnome-shell": "gnome-shell",
-        "home-manager": [
-          "home-manager"
-        ],
        "nixpkgs": [
          "nixpkgs"
        ],
@ -688,11 +633,11 @@
        "tinted-zed": "tinted-zed"
      },
      "locked": {
-        "lastModified": 1751498047,
-        "narHash": "sha256-2T/VKbqqp4KTz3szFl58AaI+LBg9ctLjnP1IQA8sPg8=",
+        "lastModified": 1751914048,
+        "narHash": "sha256-xHO3xlw35tCC0f3pN3osPNjgwwwAgusTuZk5iC8oDiE=",
        "owner": "danth",
        "repo": "stylix",
-        "rev": "d21cfb364a78ad72935625e79b8c5d497f0b7616",
+        "rev": "bf0ef81c8fcc30c32db9dab32d379f8d9db835e4",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -66,6 +66,14 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

+    #lix-module = {
+    #  url = "git+https://git.lix.systems/lix-project/nixos-module?ref=stable";
+    #  inputs = {
+    #    nixpkgs.follows = "nixpkgs";
+    #    flake-utils.follows = "flake-utils";
+    #  };
+    #};
+
    nix-index-database = {
      url = "github:Mic92/nix-index-database";
      inputs.nixpkgs.follows = "nixpkgs";
@ -167,6 +175,29 @@
      formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);

      nixosConfigurations = genSystems inputs outputs src (src + "/systems");
+      homeConfigurations = {
+        "alice" = inputs.home-manager.lib.homeManagerConfiguration {
+          pkgs = import nixpkgs { system = "x86_64-linux"; };
+          modules = [
+            inputs.stylix.homeModules.stylix
+            inputs.sops-nix.homeManagerModules.sops
+            inputs.nix-index-database.hmModules.nix-index
+            {
+              nixpkgs.config = {
+                allowUnfree = true;
+                allowUnfreePredicate = _: true;
+              };
+            }
+            ./users/alice/home.nix
+          ];
+          extraSpecialArgs = {
+            inherit inputs outputs;
+            machineConfig = {
+              server = false;
+            };
+          };
+        };
+      };
      images = {
        install-iso = getImages nixosConfigurations "install-iso";
        iso = getImages nixosConfigurations "iso";
--- a/hydra/jobs.nix
+++ b/hydra/jobs.nix
@ -10,6 +10,9 @@ let
  getCfg = _: cfg: cfg.config.system.build.toplevel;
  hostToAgg = _: cfg: cfg;

+  getHome = _: cfg: cfg.config.home.activationPackage;
+  homeToAgg = _: cfg: cfg;
+
  # get per-system check derivation (with optional postfix)
  mapSystems =
    {
@ -22,11 +25,16 @@ rec {
  inherit (outputs) formatter devShells checks;

  host = lib.mapAttrs getCfg outputs.nixosConfigurations;
+  home = lib.mapAttrs getHome outputs.homeConfigurations; # homeConfigurations.alice.config.home.activationPackage

  hosts = pkgs.releaseTools.aggregate {
    name = "hosts";
    constituents = lib.mapAttrsToList hostToAgg host;
  };
+  homes = pkgs.releaseTools.aggregate {
+    name = "homes";
+    constituents = lib.mapAttrsToList homeToAgg home;
+  };

  devChecks = pkgs.releaseTools.aggregate {
    name = "devChecks";
--- a/lib/systems.nix
+++ b/lib/systems.nix
@ -156,6 +156,7 @@ rec {
      modules ? [ ],
      server ? true,
      sops ? true,
+      lix ? false,
      system ? "x86_64-linux",
    }@args:
    lib.nixosSystem {
@ -171,6 +172,7 @@ rec {
      modules =
        [
          inputs.nixos-modules.nixosModule
+          inputs.nix-index-database.nixosModules.nix-index
          (genHostName hostname)
          (configPath + "/hardware.nix")
          (configPath + "/configuration.nix")
@ -180,6 +182,7 @@ rec {
        ++ genWrapper sops genSops args
        ++ genWrapper home genHome args
        ++ genWrapper true genUsers args
+        #++ genWrapper lix ({ ... }: [ inputs.lix-module.nixosModules.default ]) args
        ++ genWrapper (system != "x86_64-linux") genNonX86 args;
    };

--- a/systems/artemision/default.nix
+++ b/systems/artemision/default.nix
@ -3,6 +3,7 @@
  system = "x86_64-linux";
  home = true;
  sops = true;
+  lix = true;
  server = false;
  users = [ "alice" ];
  modules = [
--- a/systems/palatine-hill/attic/default.nix
+++ b/systems/palatine-hill/attic/default.nix
@ -10,10 +10,6 @@
    attic-client
  ];

-  systemd.services.atticd.environment = {
-    RUST_LOG = "INFO";
-  };
-
  services = {
    atticd = {
      enable = true;
@ -71,6 +67,9 @@
  # configured default webstore for this on root user separately
  systemd = {
    services = {
+      atticd.environment = {
+        RUST_LOG = "INFO";
+      };
      attic-watch-store = {
        wantedBy = [ "multi-user.target" ];
        after = [
--- a/systems/palatine-hill/docker/restic.nix
+++ b/systems/palatine-hill/docker/restic.nix
@ -10,7 +10,7 @@ in
      image = "restic/rest-server:latest";
      volumes = [ "${restic_path}:/data" ];
      environment = {
-        OPTIONS = "--prometheus --htpasswd-file /data/.htpasswd";
+        OPTIONS = "--prometheus --private-repos --htpasswd-file /data/.htpasswd";
      };
      ports = [ "8010:8000" ];
      extraOptions = [
--- a/users/alice/default.nix
+++ b/users/alice/default.nix
@ -15,5 +15,6 @@ import ../default.nix {
  publicKeys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7oJjIYNRCRrUlhdGJgst6bzqubbKH0gjZYulQ1eVcZ alice@artemision"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILWG3cIBju6vzX6s8JlmGNJOiWY7pQ19bHvcqDADtWzv snowi@DESKTOP-EVIR8IH"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEMfC0IXl9sGx+9FjuYZT2OUfffGjciJIHWqZdEU1d3n alice@parthenon-7588"
  ];
 }
--- a/users/alice/home.nix
+++ b/users/alice/home.nix
@ -76,6 +76,7 @@
      nix-prefetch
      nix-tree
      nh
+      home-manager

      # doom emacs dependencies
      fd
--- a/users/alice/home/zsh.nix
+++ b/users/alice/home/zsh.nix
@ -72,7 +72,7 @@
      "sgc" = "sudo git -C /root/dotfiles";
      ## SSH
      "ssh-init" =
-        "ssh-add -t 2h  ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails  ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh";
+        "ssh-add -t 2h  ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails  ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh ~/.ssh/id_ed25519";

      ## Backups
      "borgmatic-backup-quick" =
Author	SHA1	Message	Date
github-actions[bot]	1394dc6b71	automated: Update `flake.lock` All checks were successful Check flake.lock / Check health of `flake.lock` (pull_request) Successful in 9m33s Details Check Nix flake / Perform Nix flake checks (pull_request) Successful in 14m50s Details Auto-generated by [update.yml][1] with the help of [create-pull-request][2]. [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml [2]: https://forgejo.stefka.eu/jiriks74/create-pull-request	2025-07-08 12:21:31 +00:00
ahuston-0	2df1ef27e1	Merge pull request 'feature/home-config' (#130 ) from feature/home-config into main Some checks failed Check flake.lock / Check health of `flake.lock` (push) Successful in 9m39s Details Check Nix flake / Perform Nix flake checks (push) Successful in 14m38s Details Update flakes / update_lockfile (push) Failing after 27m28s Details Reviewed-on: #130	2025-07-08 01:26:38 -04:00
ahuston-0	f4ff5a6251	remove lix, add homes to hydra All checks were successful Check flake.lock / Check health of `flake.lock` (pull_request) Successful in 9m40s Details Check Nix flake / Perform Nix flake checks (pull_request) Successful in 14m52s Details	2025-07-08 01:10:59 -04:00
ahuston-0	8f8bb999a3	make restic repos private	2025-07-04 18:11:28 -04:00
ahuston-0	f11b0f9e0a	add home-manager module for non-nixos systems	2025-07-04 14:36:37 -04:00
ahuston-0	1ba29c6d07	Merge pull request 'feature/lix' (#128 ) from feature/lix into main All checks were successful Check flake.lock / Check health of `flake.lock` (push) Successful in 9m23s Details Check Nix flake / Perform Nix flake checks (push) Successful in 15m22s Details Update flakes / update_lockfile (push) Successful in 21m33s Details Reviewed-on: #128	2025-07-04 13:56:48 -04:00
ahuston-0	bb81c54d45	update flake lock	2025-07-04 13:56:48 -04:00
ahuston-0	70037306ec	update flake lock	2025-07-04 13:56:48 -04:00
ahuston-0	c310e8b5c3	update flake lock	2025-07-04 13:56:48 -04:00
ahuston-0	afccd339e9	add lix to artemision	2025-07-04 13:56:48 -04:00
ahuston-0	8b5c833785	fix lix linting error	2025-07-04 13:56:48 -04:00
ahuston-0	b5841dd58e	Merge pull request 'automated: Update `flake.lock`' (#127 ) from update-flake-lock into main All checks were successful Check flake.lock / Check health of `flake.lock` (push) Successful in 9m38s Details Check Nix flake / Perform Nix flake checks (push) Successful in 14m44s Details Reviewed-on: #127	2025-07-04 11:19:47 -04:00
github-actions[bot]	49b684bf53	automated: Update `flake.lock` All checks were successful Check flake.lock / Check health of `flake.lock` (pull_request) Successful in 9m32s Details Check Nix flake / Perform Nix flake checks (pull_request) Successful in 14m31s Details Auto-generated by [update.yml][1] with the help of [create-pull-request][2]. [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml [2]: https://forgejo.stefka.eu/jiriks74/create-pull-request	2025-07-04 12:21:53 +00:00
ahuston-0	bb85894ae7	Merge pull request 'add parthenon key' (#126 ) from feature/add-parthenon into main All checks were successful Check flake.lock / Check health of `flake.lock` (push) Successful in 12s Details Check Nix flake / Perform Nix flake checks (push) Successful in 5m5s Details Update flakes / update_lockfile (push) Successful in 22m15s Details Reviewed-on: #126	2025-07-04 01:05:05 -04:00
ahuston-0	09ae81d71e	add parthenon key	2025-07-04 01:05:05 -04:00