From f1860b716091c6b91108ec03aad7e2723de3b053 Mon Sep 17 00:00:00 2001 From: Squibid Date: Sun, 9 Nov 2025 23:56:23 -0500 Subject: [PATCH 01/10] auto commit on build Makefile --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index f4bb098..4c6f289 100644 --- a/Makefile +++ b/Makefile @@ -8,6 +8,8 @@ endif ifeq ($(HOST),) $(error HOST not set) endif + git add . + git commit -m "auto commit on build" -m "`PAGER=cat git diff --name-only --cached`" rsync -azr ./ crown@$(IP):~/flake-config ssh crown@$(IP) "sudo nixos-rebuild switch --flake ~/flake-config#$(HOST)" From a0c5ca19bcc683d58b90aff6348f94c1453b42c7 Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:08:42 -0500 Subject: [PATCH 02/10] auto commit on build Makefile --- Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Makefile b/Makefile index 4c6f289..b9e8443 100644 --- a/Makefile +++ b/Makefile @@ -8,8 +8,10 @@ endif ifeq ($(HOST),) $(error HOST not set) endif +ifneq (`git diff`,) git add . git commit -m "auto commit on build" -m "`PAGER=cat git diff --name-only --cached`" +endif rsync -azr ./ crown@$(IP):~/flake-config ssh crown@$(IP) "sudo nixos-rebuild switch --flake ~/flake-config#$(HOST)" From bf8face9e2086d8e3a379afce3f9d1a7884361ea Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:09:50 -0500 Subject: [PATCH 03/10] auto commit on build Makefile --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index b9e8443..8482ac0 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,7 @@ endif ifeq ($(HOST),) $(error HOST not set) endif -ifneq (`git diff`,) +ifneq ($(shell git diff),) git add . git commit -m "auto commit on build" -m "`PAGER=cat git diff --name-only --cached`" endif From 6718053b724a68f73074732900e7315c5952218e Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:16:28 -0500 Subject: [PATCH 04/10] add another todo --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 639c747..39094d6 100644 --- a/README.md +++ b/README.md @@ -38,3 +38,4 @@ time. - [ ] ff sync server - [ ] crayon - [ ] find a way to make my site deploy declaratively + - [ ] use snm flake instead of fetching the tarball From 2797c5064287047847b0e8ada530f9e3cecb1e34 Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:21:49 -0500 Subject: [PATCH 05/10] add flake lockfile --- flake.lock | 142 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 142 insertions(+) create mode 100644 flake.lock diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..16d09e0 --- /dev/null +++ b/flake.lock @@ -0,0 +1,142 @@ +{ + "nodes": { + "declarative-jellyfin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems", + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1761143269, + "narHash": "sha256-pebbh3IEl8crA9g0fbHeUvNyawAvhO2kNq8klpUWyk0=", + "owner": "Sveske-Juice", + "repo": "declarative-jellyfin", + "rev": "740743deba3de6bc227d9769adb94d4a14a3f25c", + "type": "github" + }, + "original": { + "owner": "Sveske-Juice", + "repo": "declarative-jellyfin", + "type": "github" + } + }, + "nid": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1762660502, + "narHash": "sha256-C9F1C31ys0V7mnp4EcDy7L1cLZw/sCTEXqqTtGnvu08=", + "owner": "nix-community", + "repo": "nix-index-database", + "rev": "15c5451c63f4c612874a43846bfe3fa828b03eee", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-index-database", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1762498405, + "narHash": "sha256-Zg/SCgCaAioc0/SVZQJxuECGPJy+OAeBcGeA5okdYDc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "6faeb062ee4cf4f105989d490831713cc5a43ee1", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-25.05", + "type": "indirect" + } + }, + "root": { + "inputs": { + "declarative-jellyfin": "declarative-jellyfin", + "nid": "nid", + "nixpkgs": "nixpkgs", + "sops-nix": "sops-nix", + "unstable": "unstable" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1762659808, + "narHash": "sha256-2Kv2mANf+FRisqhpfeZ8j9firBxb23ZvEXwdcunbpGI=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "524312bc62e3f34bd9231a2f66622663d3355133", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "id": "systems", + "type": "indirect" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "declarative-jellyfin", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1749194973, + "narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "unstable": { + "locked": { + "lastModified": 1762596750, + "narHash": "sha256-rXXuz51Bq7DHBlfIjN7jO8Bu3du5TV+3DSADBX7/9YQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b6a8526db03f735b89dd5ff348f53f752e7ddc8e", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + } + }, + "root": "root", + "version": 7 +} From 7a6b7b9d310b92aae7b73ce4d354bd41fca4a585 Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:29:35 -0500 Subject: [PATCH 06/10] auto commit on build modules/os.nix --- modules/os.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/os.nix b/modules/os.nix index c1d5a86..5b49310 100644 --- a/modules/os.nix +++ b/modules/os.nix @@ -9,6 +9,7 @@ dates = "weekly"; automatic = true; randomizedDelaySec = "45min"; + options = "--delete-older-than 30d"; }; }; From 70a2087af416e91e69340e7da89263fa72a0ab16 Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:34:22 -0500 Subject: [PATCH 07/10] auto commit on build hosts/blobercraft/alps.nix hosts/blobercraft/default.nix --- hosts/blobercraft/alps.nix | 3 +++ hosts/blobercraft/default.nix | 1 + 2 files changed, 4 insertions(+) create mode 100644 hosts/blobercraft/alps.nix diff --git a/hosts/blobercraft/alps.nix b/hosts/blobercraft/alps.nix new file mode 100644 index 0000000..6dcd71d --- /dev/null +++ b/hosts/blobercraft/alps.nix @@ -0,0 +1,3 @@ +{ + services.alps.enable = true; +} diff --git a/hosts/blobercraft/default.nix b/hosts/blobercraft/default.nix index 07474e3..a4021c5 100644 --- a/hosts/blobercraft/default.nix +++ b/hosts/blobercraft/default.nix @@ -6,6 +6,7 @@ ./minecraft.nix ./gatus.nix ./ai.nix + ./alps.nix ]; boot.loader.systemd-boot.enable = true; From e0606e1d6e1122ab19c8ac447a8d0d469b9745c9 Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:34:59 -0500 Subject: [PATCH 08/10] auto commit on build hosts/blobercraft/alps.nix hosts/blobercraft/default.nix --- hosts/blobercraft/alps.nix | 3 --- hosts/blobercraft/default.nix | 1 - 2 files changed, 4 deletions(-) delete mode 100644 hosts/blobercraft/alps.nix diff --git a/hosts/blobercraft/alps.nix b/hosts/blobercraft/alps.nix deleted file mode 100644 index 6dcd71d..0000000 --- a/hosts/blobercraft/alps.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - services.alps.enable = true; -} diff --git a/hosts/blobercraft/default.nix b/hosts/blobercraft/default.nix index a4021c5..07474e3 100644 --- a/hosts/blobercraft/default.nix +++ b/hosts/blobercraft/default.nix @@ -6,7 +6,6 @@ ./minecraft.nix ./gatus.nix ./ai.nix - ./alps.nix ]; boot.loader.systemd-boot.enable = true; From c7a4943197fea04b8424f0f371df8cd62a14e59a Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:49:10 -0500 Subject: [PATCH 09/10] auto commit on build modules/fail2ban.nix --- modules/fail2ban.nix | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 modules/fail2ban.nix diff --git a/modules/fail2ban.nix b/modules/fail2ban.nix new file mode 100644 index 0000000..9d13305 --- /dev/null +++ b/modules/fail2ban.nix @@ -0,0 +1,3 @@ +{ + services.fail2ban.enable = true; +} From cb143193ee49b7983d2b57480577f0be1d9c6032 Mon Sep 17 00:00:00 2001 From: Squibid Date: Mon, 10 Nov 2025 01:52:40 -0500 Subject: [PATCH 10/10] auto commit on build hosts/crayon/git.nix --- hosts/crayon/git.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hosts/crayon/git.nix b/hosts/crayon/git.nix index ef05b6d..d020b9a 100644 --- a/hosts/crayon/git.nix +++ b/hosts/crayon/git.nix @@ -27,6 +27,10 @@ in { REGISTER_MANUAL_CONFIRM = true; # all new users must be approved by me }; ui.DEFAULT_THEME = "gitea-dark"; + repository = { + DEFAULT_PUSH_CREATE_PRIVATE = false; + ENABLE_PUSH_CREATE_USER = true; + }; }; }; }