automated: Update flake.lock

Auto-generated by [update.yml][1] with the help of
[create-pull-request][2].

[1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml
[2]: https://forgejo.stefka.eu/jiriks74/create-pull-request

.sops.yaml

@@ -19,39 +19,39 @@ creation_rules:
     - path_regex: users/alice/secrets.*\.yaml$
       key_groups:
         - pgp:
-            - *admin_alice
+            - *admin_alice 
           age:
-            - *palatine-hill
+            - *palatine-hill 
-            - *artemision
+            - *artemision 
-            - *artemision-home
+            - *artemision-home 
     - path_regex: systems/palatine-hill/secrets.*\.yaml$
       key_groups:
         - pgp:
-            - *admin_alice
+            - *admin_alice 
           age:
-            - *palatine-hill
+            - *palatine-hill 
     - path_regex: systems/artemision/secrets.*\.yaml$
       key_groups:
         - pgp:
-            - *admin_alice
+            - *admin_alice 
           age:
-            - *artemision
+            - *artemision 
     - path_regex: systems/selinunte/secrets.*\.yaml$
       key_groups:
         - pgp:
-            - *admin_alice
+            - *admin_alice 
           age:
-            - *artemision
+            - *artemision 
-            - *selinunte
+            - *selinunte 
     - path_regex: systems/palatine-hill/docker/wg/.*\.conf$
       key_groups:
         - pgp:
-            - *admin_alice
+            - *admin_alice 
           age:
-            - *palatine-hill
+            - *palatine-hill 
     - path_regex: systems/palatine-hill/docker/openvpn/.*\.ovpn$
       key_groups:
         - pgp:
-            - *admin_alice
+            - *admin_alice 
           age:
-            - *palatine-hill
+            - *palatine-hill 

flake.lock

@@ -75,11 +75,11 @@
       },
       "locked": {
         "dir": "pkgs/firefox-addons",
-        "lastModified": 1749269004,
+        "lastModified": 1752206617,
-        "narHash": "sha256-20eV5kl7iP7ODy9ZNW2SAg8bIg2ttud+IWs7UHxsbE0=",
+        "narHash": "sha256-/Pu0pBOI3hsg3eIK6AsQ6kwvONqE2b1b/zOz06ePJKE=",
         "owner": "rycee",
         "repo": "nur-expressions",
-        "rev": "c579adeca940c70ac7dd661a1cda662f2d1fb158",
+        "rev": "680d0ba892443d95ad1afdc523686573111e6c1a",
         "type": "gitlab"
       },
       "original": {
@@ -124,11 +124,11 @@
         "nixpkgs-lib": "nixpkgs-lib"
       },
       "locked": {
-        "lastModified": 1748821116,
+        "lastModified": 1751413152,
-        "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=",
+        "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1",
+        "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
         "type": "github"
       },
       "original": {
@@ -145,11 +145,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1743550720,
+        "lastModified": 1751413152,
-        "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
+        "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "c621e8422220273271f52058f618c94e405bb0f5",
+        "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
         "type": "github"
       },
       "original": {
@@ -194,32 +194,6 @@
         "type": "github"
       }
     },
-    "git-hooks": {
-      "inputs": {
-        "flake-compat": [
-          "stylix",
-          "flake-compat"
-        ],
-        "gitignore": "gitignore_2",
-        "nixpkgs": [
-          "stylix",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1747372754,
-        "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
-        "type": "github"
-      },
-      "original": {
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "type": "github"
-      }
-    },
     "gitignore": {
       "inputs": {
         "nixpkgs": [
@@ -241,41 +215,19 @@
         "type": "github"
       }
     },
-    "gitignore_2": {
-      "inputs": {
-        "nixpkgs": [
-          "stylix",
-          "git-hooks",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1709087332,
-        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "type": "github"
-      }
-    },
     "gnome-shell": {
       "flake": false,
       "locked": {
-        "lastModified": 1744584021,
+        "lastModified": 1748186689,
-        "narHash": "sha256-0RJ4mJzf+klKF4Fuoc8VN8dpQQtZnKksFmR2jhWE1Ew=",
+        "narHash": "sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0=",
         "owner": "GNOME",
         "repo": "gnome-shell",
-        "rev": "52c517c8f6c199a1d6f5118fae500ef69ea845ae",
+        "rev": "8c88f917db0f1f0d80fa55206c863d3746fa18d0",
         "type": "github"
       },
       "original": {
         "owner": "GNOME",
-        "ref": "48.1",
+        "ref": "48.2",
         "repo": "gnome-shell",
         "type": "github"
       }
@@ -287,11 +239,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1749358668,
+        "lastModified": 1752202894,
-        "narHash": "sha256-V91nN4Q9ZwX0N+Gzu+F8SnvzMcdURYnMcIvpfLQzD5M=",
+        "narHash": "sha256-knafgng4gCjZIUMyAEWjxxdols6n/swkYnbWr+oF+1w=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "06451df423dd5e555f39857438ffc16c5b765862",
+        "rev": "fab659b346c0d4252208434c3c4b3983a4b38fec",
         "type": "github"
       },
       "original": {
@@ -330,11 +282,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747572947,
+        "lastModified": 1752069516,
-        "narHash": "sha256-PMQoXbfmWPuXnF8EaWqRmvTvl7+WFUrDVgufFRPgOM4=",
+        "narHash": "sha256-dyzDJvt8IVgHJVmpnw1mueHHSLYnChW1XMkwz9WUBZ8=",
         "owner": "hyprwm",
         "repo": "contrib",
-        "rev": "910dad4c5755c1735d30da10c96d9086aa2a608d",
+        "rev": "34d0c01910552b873a07c96921ef70e32bf369a2",
         "type": "github"
       },
       "original": {
@@ -383,11 +335,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1749355504,
+        "lastModified": 1751774635,
-        "narHash": "sha256-L17CdJMD+/FCBOHjREQLXbe2VUnc3rjffenBbu2Kwpc=",
+        "narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=",
         "owner": "Mic92",
         "repo": "nix-index-database",
-        "rev": "40a6e15e44b11fbf8f2b1df9d64dbfc117625e94",
+        "rev": "85686025ba6d18df31cc651a91d5adef63378978",
         "type": "github"
       },
       "original": {
@@ -427,11 +379,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1749338348,
+        "lastModified": 1751591814,
-        "narHash": "sha256-IBLKyOU55Kt1gSXL4dFQUQUVcYd5+qfSrVAL8lcE8QY=",
+        "narHash": "sha256-A4lgvuj4v+Pr8MniXz1FBG0DXOygi8tTECR+j53FMhM=",
         "owner": "lilyinstarlight",
         "repo": "nixos-cosmic",
-        "rev": "f2ac592313c51c9be981e45f56dc00714e103477",
+        "rev": "fef2d0c78c4e4d6c600a88795af193131ff51bdc",
         "type": "github"
       },
       "original": {
@@ -448,11 +400,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747663185,
+        "lastModified": 1751903740,
-        "narHash": "sha256-Obh50J+O9jhUM/FgXtI3he/QRNiV9+J53+l+RlKSaAk=",
+        "narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=",
         "owner": "nix-community",
         "repo": "nixos-generators",
-        "rev": "ee07ba0d36c38e9915c55d2ac5a8fb0f05f2afcc",
+        "rev": "032decf9db65efed428afd2fa39d80f7089085eb",
         "type": "github"
       },
       "original": {
@@ -463,11 +415,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1749195551,
+        "lastModified": 1752048960,
-        "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=",
+        "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "4602f7e1d3f197b3cb540d5accf5669121629628",
+        "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806",
         "type": "github"
       },
       "original": {
@@ -486,11 +438,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1748287559,
+        "lastModified": 1752190421,
-        "narHash": "sha256-dvUE9HGwzEXyv6G7LuZFQCmRYFuXLJBO4+crCTxe5zs=",
+        "narHash": "sha256-IXOsH31wgX1DXW1H1WMTBBMqz5Qhw2je6ObmzGK7z+w=",
         "owner": "SuperSandro2000",
         "repo": "nixos-modules",
-        "rev": "9ae063877f8c5d42c39b739ae1d00f9657ad17f4",
+        "rev": "17972ee0700a8e647e3fe74aa15315b5ccad4f06",
         "type": "github"
       },
       "original": {
@@ -501,11 +453,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1749289455,
+        "lastModified": 1752206449,
-        "narHash": "sha256-FmG/5HlnBrPNTCQv91GPUV2RKUw2WvDtyhXcN2fN280=",
+        "narHash": "sha256-NVAbC/s4CupABWGXF8M9mDiVw/n0YCftxwc1KatVjDk=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "6dbd508802ef3f74cf792a25b653861ed8360a80",
+        "rev": "1bd4d0d4a678d48b63eb18f457d74df2fcee6c69",
         "type": "github"
       },
       "original": {
@@ -517,11 +469,11 @@
     },
     "nixpkgs-lib": {
       "locked": {
-        "lastModified": 1748740939,
+        "lastModified": 1751159883,
-        "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=",
+        "narHash": "sha256-urW/Ylk9FIfvXfliA1ywh75yszAbiTEVgpPeinFyVZo=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "656a64127e9d791a334452c6b6606d17539476e2",
+        "rev": "14a40a1d7fb9afa4739275ac642ed7301a9ba1ab",
         "type": "github"
       },
       "original": {
@@ -532,11 +484,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1749173751,
+        "lastModified": 1751274312,
-        "narHash": "sha256-ENY3y3v6S9ZmLDDLI3LUT8MXmfXg/fSt2eA4GCnMVCE=",
+        "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "ed29f002b6d6e5e7e32590deb065c34a31dc3e91",
+        "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
         "type": "github"
       },
       "original": {
@@ -555,15 +507,14 @@
         "nixpkgs": [
           "stylix",
           "nixpkgs"
-        ],
+        ]
-        "treefmt-nix": "treefmt-nix"
       },
       "locked": {
-        "lastModified": 1748730660,
+        "lastModified": 1751906969,
-        "narHash": "sha256-5LKmRYKdPuhm8j5GFe3AfrJL8dd8o57BQ34AGjJl1R0=",
+        "narHash": "sha256-BSQAOdPnzdpOuCdAGSJmefSDlqmStFNScEnrWzSqKPw=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "2c0bc52fe14681e9ef60e3553888c4f086e46ecb",
+        "rev": "ddb679f4131e819efe3bbc6457ba19d7ad116f25",
         "type": "github"
       },
       "original": {
@@ -583,11 +534,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747372754,
+        "lastModified": 1750779888,
-        "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
+        "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
         "owner": "cachix",
         "repo": "git-hooks.nix",
-        "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
+        "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
         "type": "github"
       },
       "original": {
@@ -627,11 +578,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1749350575,
+        "lastModified": 1752201818,
-        "narHash": "sha256-ltLegOYrp69v/7BXlNfSwUPrt2DvF7N668pV4a6rWRA=",
+        "narHash": "sha256-d8KczaVT8WFEZdWg//tMAbv8EDyn2YTWcJvSY8gqKBU=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "24d5806474b0779d373f381f00d75ad51fd45099",
+        "rev": "bd8f8329780b348fedcd37b53dbbee48c08c496d",
         "type": "github"
       },
       "original": {
@@ -647,11 +598,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747603214,
+        "lastModified": 1751606940,
-        "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
+        "narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
+        "rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d",
         "type": "github"
       },
       "original": {
@@ -667,15 +618,8 @@
         "base16-helix": "base16-helix",
         "base16-vim": "base16-vim",
         "firefox-gnome-theme": "firefox-gnome-theme",
-        "flake-compat": [
-          "flake-compat"
-        ],
         "flake-parts": "flake-parts_2",
-        "git-hooks": "git-hooks",
         "gnome-shell": "gnome-shell",
-        "home-manager": [
-          "home-manager"
-        ],
         "nixpkgs": [
           "nixpkgs"
         ],
@@ -688,11 +632,11 @@
         "tinted-zed": "tinted-zed"
       },
       "locked": {
-        "lastModified": 1749236315,
+        "lastModified": 1752231632,
-        "narHash": "sha256-Ndtdvwz8D4WOYHl5mj9d5F5iC8WPH6uPNF7RcU3QzmE=",
+        "narHash": "sha256-ZuFQ62qagCV5GHSbwnpLk92HxKlNjG7w4wbkT1OrhUA=",
         "owner": "danth",
         "repo": "stylix",
-        "rev": "29d006198ee05143cca8b4b89f37025823da1bcc",
+        "rev": "0150050d6eed373b04fd85e08bd2ae7b5cc8d3b2",
         "type": "github"
       },
       "original": {
@@ -767,11 +711,11 @@
     "tinted-schemes": {
       "flake": false,
       "locked": {
-        "lastModified": 1748180480,
+        "lastModified": 1750770351,
-        "narHash": "sha256-7n0XiZiEHl2zRhDwZd/g+p38xwEoWtT0/aESwTMXWG4=",
+        "narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=",
         "owner": "tinted-theming",
         "repo": "schemes",
-        "rev": "87d652edd26f5c0c99deda5ae13dfb8ece2ffe31",
+        "rev": "5a775c6ffd6e6125947b393872cde95867d85a2a",
         "type": "github"
       },
       "original": {
@@ -783,11 +727,11 @@
     "tinted-tmux": {
       "flake": false,
       "locked": {
-        "lastModified": 1748740859,
+        "lastModified": 1751159871,
-        "narHash": "sha256-OEM12bg7F4N5WjZOcV7FHJbqRI6jtCqL6u8FtPrlZz4=",
+        "narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=",
         "owner": "tinted-theming",
         "repo": "tinted-tmux",
-        "rev": "57d5f9683ff9a3b590643beeaf0364da819aedda",
+        "rev": "bded5e24407cec9d01bd47a317d15b9223a1546c",
         "type": "github"
       },
       "original": {
@@ -799,11 +743,11 @@
     "tinted-zed": {
       "flake": false,
       "locked": {
-        "lastModified": 1725758778,
+        "lastModified": 1751158968,
-        "narHash": "sha256-8P1b6mJWyYcu36WRlSVbuj575QWIFZALZMTg5ID/sM4=",
+        "narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=",
         "owner": "tinted-theming",
         "repo": "base16-zed",
-        "rev": "122c9e5c0e6f27211361a04fae92df97940eccf9",
+        "rev": "86a470d94204f7652b906ab0d378e4231a5b3384",
         "type": "github"
       },
       "original": {
@@ -812,28 +756,6 @@
         "type": "github"
       }
     },
-    "treefmt-nix": {
-      "inputs": {
-        "nixpkgs": [
-          "stylix",
-          "nur",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733222881,
-        "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "rev": "49717b5af6f80172275d47a418c9719a31a78b53",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "type": "github"
-      }
-    },
     "wired-notify": {
       "inputs": {
         "flake-parts": [

flake.nix

@@ -66,6 +66,14 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    #lix-module = {
+    #  url = "git+https://git.lix.systems/lix-project/nixos-module?ref=stable";
+    #  inputs = {
+    #    nixpkgs.follows = "nixpkgs";
+    #    flake-utils.follows = "flake-utils";
+    #  };
+    #};
+
     nix-index-database = {
       url = "github:Mic92/nix-index-database";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -167,6 +175,29 @@
       formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
 
       nixosConfigurations = genSystems inputs outputs src (src + "/systems");
+      homeConfigurations = {
+        "alice" = inputs.home-manager.lib.homeManagerConfiguration {
+          pkgs = import nixpkgs { system = "x86_64-linux"; };
+          modules = [
+            inputs.stylix.homeModules.stylix
+            inputs.sops-nix.homeManagerModules.sops
+            inputs.nix-index-database.hmModules.nix-index
+            {
+              nixpkgs.config = {
+                allowUnfree = true;
+                allowUnfreePredicate = _: true;
+              };
+            }
+            ./users/alice/home.nix
+          ];
+          extraSpecialArgs = {
+            inherit inputs outputs;
+            machineConfig = {
+              server = false;
+            };
+          };
+        };
+      };
       images = {
         install-iso = getImages nixosConfigurations "install-iso";
         iso = getImages nixosConfigurations "iso";

hydra/jobs.nix

@@ -10,6 +10,9 @@ let
   getCfg = _: cfg: cfg.config.system.build.toplevel;
   hostToAgg = _: cfg: cfg;
 
+  getHome = _: cfg: cfg.config.home.activationPackage;
+  homeToAgg = _: cfg: cfg;
+
   # get per-system check derivation (with optional postfix)
   mapSystems =
     {
@@ -22,11 +25,16 @@ rec {
   inherit (outputs) formatter devShells checks;
 
   host = lib.mapAttrs getCfg outputs.nixosConfigurations;
+  home = lib.mapAttrs getHome outputs.homeConfigurations; # homeConfigurations.alice.config.home.activationPackage
 
   hosts = pkgs.releaseTools.aggregate {
     name = "hosts";
     constituents = lib.mapAttrsToList hostToAgg host;
   };
+  homes = pkgs.releaseTools.aggregate {
+    name = "homes";
+    constituents = lib.mapAttrsToList homeToAgg home;
+  };
 
   devChecks = pkgs.releaseTools.aggregate {
     name = "devChecks";

lib/systems.nix

@@ -156,6 +156,7 @@ rec {
       modules ? [ ],
       server ? true,
       sops ? true,
+      lix ? false,
       system ? "x86_64-linux",
     }@args:
     lib.nixosSystem {
@@ -171,6 +172,7 @@ rec {
       modules =
         [
           inputs.nixos-modules.nixosModule
+          inputs.nix-index-database.nixosModules.nix-index
           (genHostName hostname)
           (configPath + "/hardware.nix")
           (configPath + "/configuration.nix")
@@ -180,6 +182,7 @@ rec {
         ++ genWrapper sops genSops args
         ++ genWrapper home genHome args
         ++ genWrapper true genUsers args
+        #++ genWrapper lix ({ ... }: [ inputs.lix-module.nixosModules.default ]) args
         ++ genWrapper (system != "x86_64-linux") genNonX86 args;
     };
 

systems/artemision/default.nix

@@ -3,6 +3,7 @@
   system = "x86_64-linux";
   home = true;
   sops = true;
+  lix = true;
   server = false;
   users = [ "alice" ];
   modules = [

systems/palatine-hill/attic/default.nix

@@ -10,10 +10,6 @@
     attic-client
   ];
 
-  systemd.services.atticd.environment = {
-    RUST_LOG = "INFO";
-  };
-
   services = {
     atticd = {
       enable = true;
@@ -71,6 +67,9 @@
   # configured default webstore for this on root user separately
   systemd = {
     services = {
+      atticd.environment = {
+        RUST_LOG = "INFO";
+      };
       attic-watch-store = {
         wantedBy = [ "multi-user.target" ];
         after = [

systems/palatine-hill/docker/nextcloud.nix

@@ -9,7 +9,8 @@ let
   nextcloud-base = {
     # image comes from running docker compose build in nextcloud-docker/.examples/full/apache
     image = "nextcloud-nextcloud";
-    pull = "always";
+    # pull = "always";
+    # do NOT enable pull here, this image is generated based on a custom docker image
     hostname = "nextcloud";
     volumes = [
       "${nextcloud_path}/nc_data:/var/www/html:z"

systems/palatine-hill/docker/restic.nix

@@ -10,7 +10,7 @@ in
       image = "restic/rest-server:latest";
       volumes = [ "${restic_path}:/data" ];
       environment = {
-        OPTIONS = "--prometheus --htpasswd-file /data/.htpasswd";
+        OPTIONS = "--prometheus --private-repos --htpasswd-file /data/.htpasswd";
       };
       ports = [ "8010:8000" ];
       extraOptions = [

users/alice/default.nix

@@ -15,5 +15,6 @@ import ../default.nix {
   publicKeys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7oJjIYNRCRrUlhdGJgst6bzqubbKH0gjZYulQ1eVcZ alice@artemision"
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILWG3cIBju6vzX6s8JlmGNJOiWY7pQ19bHvcqDADtWzv snowi@DESKTOP-EVIR8IH"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEMfC0IXl9sGx+9FjuYZT2OUfffGjciJIHWqZdEU1d3n alice@parthenon-7588"
   ];
 }

users/alice/home.nix

@@ -76,6 +76,7 @@
       nix-prefetch
       nix-tree
       nh
+      home-manager
 
       # doom emacs dependencies
       fd

users/alice/home/zsh.nix

@@ -72,7 +72,7 @@
       "sgc" = "sudo git -C /root/dotfiles";
       ## SSH
       "ssh-init" =
-        "ssh-add -t 2h  ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails  ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh";
+        "ssh-add -t 2h  ~/.ssh/id_rsa_tails ~/.ssh/id_ed25519_tails  ~/.ssh/id_rsa_palatine ~/.ssh/id_ed25519_palatine ~/.ssh/id_ed25519_rota ~/.ssh/id_ed25519_gh ~/.ssh/id_ed25519";
 
       ## Backups
       "borgmatic-backup-quick" =

utils/eval-to-drv.sh

@@ -16,4 +16,4 @@ script_path=$(dirname "$(readlink -f $0)")
 parent_path=$(dirname "$script_path")
 out_path="$parent_path/$1.json"
 
-nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --evaluate --allow-import-from-derivation --json "$out_path" "$parent_path"
+nix run git+https://nayeonie.com/ahuston-0/flake-update-diff --fallback -- --evaluate --allow-import-from-derivation --json "$out_path" "$parent_path"