From 04a3417eddd872fe14480fc530a5633b7b43ee8b Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Mon, 26 May 2025 14:38:40 -0400 Subject: [PATCH 1/6] add a setting to fall back to default dns for public wifi Signed-off-by: ahuston-0 --- systems/artemision/wifi.nix | 46 +++++++++++++++++++++---------------- users/alice/home/git.nix | 1 + 2 files changed, 27 insertions(+), 20 deletions(-) diff --git a/systems/artemision/wifi.nix b/systems/artemision/wifi.nix index a7b6f6f..72463e1 100644 --- a/systems/artemision/wifi.nix +++ b/systems/artemision/wifi.nix @@ -1,7 +1,8 @@ -{ config, ... }: +{ config, lib, ... }: let always = 100; home = 99; + public_wifi = false; in { networking.wireless = { @@ -24,29 +25,13 @@ in "24HuFios".pskRaw = "ext:PASS_longboat_home"; "Verizon_ZLHQ3H".pskRaw = "ext:PASS_angie"; "Fios-Qn3RB".pskRaw = "ext:PASS_parkridge"; - "optimumwifi" = { }; - "CableWiFi" = { }; + #"optimumwifi" = { }; + #"CableWiFi" = { }; "JPMCVisitor" = { }; + #"Hilton Honors" = { }; }; }; - networking.nameservers = [ - "9.9.9.9" - "1.1.1.1" - "192.168.76.1" - ]; - - services.resolved = { - enable = true; - dnssec = "true"; - domains = [ "~." ]; - fallbackDns = [ - "1.1.1.1#one.one.one.one" - "1.0.0.1#one.one.one.one" - ]; - dnsovertls = "true"; - }; - sops = { defaultSopsFile = ./secrets.yaml; secrets = { @@ -57,3 +42,24 @@ in }; }; } +// + + lib.mkIf (!public_wifi) { + + networking.nameservers = [ + "9.9.9.9" + "1.1.1.1" + "192.168.76.1" + ]; + + services.resolved = { + enable = true; + dnssec = "false"; + domains = [ "~." ]; + fallbackDns = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; + dnsovertls = "true"; + }; + } diff --git a/users/alice/home/git.nix b/users/alice/home/git.nix index 849bf29..3dddb55 100644 --- a/users/alice/home/git.nix +++ b/users/alice/home/git.nix @@ -3,6 +3,7 @@ { programs.git = { enable = true; + lfs.enable = true; signing = { key = "5EFFB75F7C9B74EAA5C4637547940175096C1330"; signByDefault = true; -- 2.49.0 From 6b8abf9972554cc693af4d0e3c9626926ee63da5 Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Mon, 26 May 2025 14:41:17 -0400 Subject: [PATCH 2/6] add git pack settings --- users/alice/home/git.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/users/alice/home/git.nix b/users/alice/home/git.nix index 3dddb55..4f79be1 100644 --- a/users/alice/home/git.nix +++ b/users/alice/home/git.nix @@ -29,6 +29,8 @@ color.ui = true; init.defaultBranch = "main"; format.signoff = true; + pack.windowMemory = "2g"; + pack.packSizeLimit = "1g"; }; }; } -- 2.49.0 From 83befed09a77de76abd1b5bf31f094f8df64894b Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Mon, 26 May 2025 15:34:15 -0400 Subject: [PATCH 3/6] move public/private wifi logic into its own module --- flake.nix | 6 +++--- systems/artemision/private-wifi.nix | 19 +++++++++++++++++++ systems/artemision/wifi.nix | 24 +++--------------------- 3 files changed, 25 insertions(+), 24 deletions(-) create mode 100644 systems/artemision/private-wifi.nix diff --git a/flake.nix b/flake.nix index 72660e5..e0b6d06 100644 --- a/flake.nix +++ b/flake.nix @@ -5,17 +5,17 @@ substituters = [ "https://cache.nixos.org/?priority=1&want-mass-query=true" "https://nix-community.cachix.org/?priority=10&want-mass-query=true" - "https://attic.nayeonie.com/nix-cache" + #"https://attic.nayeonie.com/nix-cache" ]; trusted-substituters = [ "https://cache.nixos.org" "https://nix-community.cachix.org" - "https://attic.nayeonie.com/nix-cache" + #"https://attic.nayeonie.com/nix-cache" ]; trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - "nix-cache:grGRsHhqNDhkEuTODvHJXYmoCClntC+U8XAJQzwMaZM=" + #"nix-cache:grGRsHhqNDhkEuTODvHJXYmoCClntC+U8XAJQzwMaZM=" ]; trusted-users = [ "root" ]; allow-import-from-derivation = true; diff --git a/systems/artemision/private-wifi.nix b/systems/artemision/private-wifi.nix new file mode 100644 index 0000000..6c3a8ea --- /dev/null +++ b/systems/artemision/private-wifi.nix @@ -0,0 +1,19 @@ +{ ... }: +{ + networking.nameservers = [ + "9.9.9.9" + "1.1.1.1" + "192.168.76.1" + ]; + + services.resolved = { + enable = true; + dnssec = "false"; + domains = [ "~." ]; + fallbackDns = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; + dnsovertls = "true"; + }; +} diff --git a/systems/artemision/wifi.nix b/systems/artemision/wifi.nix index 72463e1..ef6949f 100644 --- a/systems/artemision/wifi.nix +++ b/systems/artemision/wifi.nix @@ -5,6 +5,9 @@ let public_wifi = false; in { + imports = lib.optionals (!public_wifi) [ + ./private-wifi.nix + ]; networking.wireless = { enable = true; secretsFile = config.sops.secrets."wifi-env".path; @@ -42,24 +45,3 @@ in }; }; } -// - - lib.mkIf (!public_wifi) { - - networking.nameservers = [ - "9.9.9.9" - "1.1.1.1" - "192.168.76.1" - ]; - - services.resolved = { - enable = true; - dnssec = "false"; - domains = [ "~." ]; - fallbackDns = [ - "1.1.1.1#one.one.one.one" - "1.0.0.1#one.one.one.one" - ]; - dnsovertls = "true"; - }; - } -- 2.49.0 From dbe8a2a2b9179d9b382d3245086a0c02230a4cdd Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Mon, 26 May 2025 17:52:41 -0400 Subject: [PATCH 4/6] use cached determinate nix installer, set retention for attic --- .github/workflows/flake-update.yml | 15 ++++++--------- systems/palatine-hill/attic/default.nix | 3 +++ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/flake-update.yml b/.github/workflows/flake-update.yml index b50bb41..9685f71 100644 --- a/.github/workflows/flake-update.yml +++ b/.github/workflows/flake-update.yml @@ -11,15 +11,15 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Get Latest Determinate Nix Installer binary + id: latest-installer + uses: sigyl-actions/gitea-action-get-latest-release@main + with: + repository: ahuston-0/determinate-nix-installer - name: Install nix uses: https://github.com/DeterminateSystems/nix-installer-action@main - - name: Setup Attic cache - uses: ryanccn/attic-action@v0 with: - endpoint: ${{ secrets.ATTIC_ENDPOINT }} - cache: ${{ secrets.ATTIC_CACHE }} - token: ${{ secrets.ATTIC_TOKEN }} - skip-push: "true" + source-url: https://nayeonie.com/ahuston-0/determinate-nix-mirror/releases/download/${{ steps.latest-installer.outputs.release }}/nix-installer-x86_64-linux - name: Get pre-snapshot of evaluations run: nix ./utils/eval-to-drv.sh pre - name: Update flake.lock @@ -100,9 +100,6 @@ jobs: pr-labels: | # Labels to be set on the PR dependencies automated - - name: Push to Attic - run: nix ./utils/attic-push.bash - continue-on-error: true - name: Print PR number run: | echo "Pull request number is ${{ steps.create-pull-request.outputs.pull-request-number }}." diff --git a/systems/palatine-hill/attic/default.nix b/systems/palatine-hill/attic/default.nix index 64b4a3d..d09d420 100644 --- a/systems/palatine-hill/attic/default.nix +++ b/systems/palatine-hill/attic/default.nix @@ -34,6 +34,9 @@ bucket = "cache-nix-dot"; endpoint = "https://minio.nayeonie.com"; }; + garbage-collection = { + interval = "5 minutes"; + }; # Warning: If you change any of the values here, it will be # difficult to reuse existing chunks for newly-uploaded NARs -- 2.49.0 From ff00f134ddbc0657c51d35be7d00e5fa1a364672 Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Mon, 26 May 2025 18:32:30 -0400 Subject: [PATCH 5/6] remove attic push --- .github/workflows/flake-health-checks.yml | 19 ------------------- .github/workflows/flake-update.yml | 7 +++++++ .github/workflows/nix-fmt.yml | 3 --- 3 files changed, 7 insertions(+), 22 deletions(-) diff --git a/.github/workflows/flake-health-checks.yml b/.github/workflows/flake-health-checks.yml index 7899203..fdbe490 100644 --- a/.github/workflows/flake-health-checks.yml +++ b/.github/workflows/flake-health-checks.yml @@ -20,22 +20,3 @@ jobs: skip-push: "true" - uses: actions/checkout@v4 - run: nix flake check --accept-flake-config - - run: nix ./utils/attic-push.bash - # build-checks: - # name: "Build nix outputs" - # runs-on: ubuntu-latest - # steps: - # - uses: DeterminateSystems/nix-installer-action@main - # - name: Setup Attic cache - # uses: ryanccn/attic-action@v0 - # with: - # endpoint: ${{ secrets.ATTIC_ENDPOINT }} - # cache: ${{ secrets.ATTIC_CACHE }} - # token: ${{ secrets.ATTIC_TOKEN }} - # skip-push: "true" - # - uses: actions/checkout@v4 - # - name: Build all outputs - # run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build . - # - name: Push to Attic - # run: nix ./utils/attic-push.bash - # continue-on-error: true diff --git a/.github/workflows/flake-update.yml b/.github/workflows/flake-update.yml index 9685f71..5f5691f 100644 --- a/.github/workflows/flake-update.yml +++ b/.github/workflows/flake-update.yml @@ -16,6 +16,13 @@ jobs: uses: sigyl-actions/gitea-action-get-latest-release@main with: repository: ahuston-0/determinate-nix-installer + - name: Setup Attic cache + uses: ryanccn/attic-action@v0 + with: + endpoint: ${{ secrets.ATTIC_ENDPOINT }} + cache: ${{ secrets.ATTIC_CACHE }} + token: ${{ secrets.ATTIC_TOKEN }} + skip-push: "true" - name: Install nix uses: https://github.com/DeterminateSystems/nix-installer-action@main with: diff --git a/.github/workflows/nix-fmt.yml b/.github/workflows/nix-fmt.yml index f94cbea..6ef5915 100644 --- a/.github/workflows/nix-fmt.yml +++ b/.github/workflows/nix-fmt.yml @@ -20,6 +20,3 @@ jobs: skip-push: "true" - uses: actions/checkout@v4 - run: nix fmt -- --check . - - name: Push to Attic - run: nix ./utils/attic-push.bash - continue-on-error: true -- 2.49.0 From 2cb803b39e5120501edfa36909adaa56ed96e519 Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Mon, 26 May 2025 18:37:32 -0400 Subject: [PATCH 6/6] add RUST_LOG for attic Signed-off-by: ahuston-0 --- systems/palatine-hill/attic/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/systems/palatine-hill/attic/default.nix b/systems/palatine-hill/attic/default.nix index d09d420..1b3580a 100644 --- a/systems/palatine-hill/attic/default.nix +++ b/systems/palatine-hill/attic/default.nix @@ -10,6 +10,10 @@ attic-client ]; + systemd.services.atticd.environment = { + RUST_LOG = "INFO"; + }; + services = { atticd = { enable = true; -- 2.49.0