From cda9c4cf0fa99118e425360ac25476753b62071c Mon Sep 17 00:00:00 2001 From: Danny Date: Sat, 23 May 2026 11:51:20 +0200 Subject: [PATCH] sunken-ship: drop python-telegram-bot from fitness-bot pythonEnvs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit bot.py was deleted upstream — neither prod nor shipyard launches a polling bot anymore. server.py only needs python-dotenv + aiohttp. Also refresh the prod section's comment + service description to reflect the Mini-App-only architecture. Co-Authored-By: Claude Opus 4.7 (1M context) --- docs/server-installer-usb.md | 37 +++++++++++++++++++++--- flake-modules/installer-iso.nix | 8 +++-- nixos/hosts/sunken-ship.nix | 16 +++++----- scripts/build-installer-iso-on-server.sh | 35 +++++++++++++++++----- 4 files changed, 75 insertions(+), 21 deletions(-) diff --git a/docs/server-installer-usb.md b/docs/server-installer-usb.md index 4c69d53..295f227 100644 --- a/docs/server-installer-usb.md +++ b/docs/server-installer-usb.md @@ -94,16 +94,45 @@ sudo dd if=result/iso/nixos-minimal-*.iso of=/dev/sdX status=progress bs=4M ## Live-system WiFi (optional, custom ISO only) -Create `nixos/installer-wifi.nix` (gitignored): +The minimal installer ISO runs NetworkManager, so live-system WiFi must be a +declarative NetworkManager profile. `networking.wireless` / wpa_supplicant does +**not** work here — NixOS asserts you cannot combine `networking.networkmanager` +with `networking.wireless.networks`. + +Create `nixos/installer-wifi.nix` (gitignored — it holds the PSK): ```nix { - networking.wireless.enable = true; - networking.wireless.networks."YourSSID".psk = "your-password"; + networking.networkmanager.ensureProfiles.profiles.installer-wifi = { + connection = { + id = "installer-wifi"; + type = "wifi"; + }; + wifi = { + mode = "infrastructure"; + ssid = "YourSSID"; + }; + wifi-security = { + auth-alg = "open"; + key-mgmt = "wpa-psk"; + psk = "your-password"; + }; + ipv4.method = "auto"; + ipv6.method = "auto"; + }; } ``` -Add to flake's installer-iso modules, rebuild ISO on Linux. +`flake-modules/installer-iso.nix` auto-includes this file when present (via a +`builtins.pathExists` check) — no flake edit needed. Because the file is +gitignored, the flake only sees it once it is staged: + +- **`build-installer-iso-on-server.sh`** copies the file to the build host and + runs `git add -f` automatically. +- For a **direct `nix build`**, run `git add -f nixos/installer-wifi.nix` first + (staging is enough — never commit it; it contains the PSK). + +Then rebuild the ISO on Linux. ## Installed-system WiFi (optional) diff --git a/flake-modules/installer-iso.nix b/flake-modules/installer-iso.nix index fc18929..03609ab 100644 --- a/flake-modules/installer-iso.nix +++ b/flake-modules/installer-iso.nix @@ -1,9 +1,13 @@ { inputs, self, ... }: { # Custom minimal installer ISO (build with: nix build .#installer-iso). - # Optional: add ./installer-wifi.nix (gitignored) to modules for live WiFi. + # nixos/installer-wifi.nix (gitignored) is auto-included when present, to + # preconfigure live-system WiFi. See docs/server-installer-usb.md. flake.nixosConfigurations.installer-iso = inputs.nixpkgs.lib.nixosSystem { system = "x86_64-linux"; - modules = [ ../nixos/installer-iso.nix ]; + modules = [ ../nixos/installer-iso.nix ] + ++ inputs.nixpkgs.lib.optional + (builtins.pathExists ../nixos/installer-wifi.nix) + ../nixos/installer-wifi.nix; }; flake.packages.x86_64-linux.installer-iso = diff --git a/nixos/hosts/sunken-ship.nix b/nixos/hosts/sunken-ship.nix index fd14e1b..0ab8f33 100644 --- a/nixos/hosts/sunken-ship.nix +++ b/nixos/hosts/sunken-ship.nix @@ -149,23 +149,26 @@ }; }; - # BigBiggerBiggestBot — Telegram fitness tracker with Mini App. + # BigBiggerBiggestBot — Mini App backend (no Telegram polling). # Code: https://github.com/DannyDannyDanny/bigbiggerbiggestbot cloned at /home/danny/tg_fitness_bot - # Bot token: ~danny/.secrets/bigbiggerbiggestbot + # Bot token (used only for validating Telegram WebApp initData HMACs): + # ~danny/.secrets/bigbiggerbiggestbot # Deployment: fitness-bot-pull timer below runs every 15 min, git pulls, restarts service on changes. # # Mini App URL is fronted by Caddy on the vps-relay host at # https://bbbot.dannydannydanny.me (VPS → ZeroTier → localhost:8080). - # The bot's start.py honors WEBAPP_URL to skip starting its own - # cloudflared Quick Tunnel when we've got a stable URL from the VPS. + # start.py honors WEBAPP_URL to skip starting its own cloudflared + # Quick Tunnel when the stable URL from the VPS is already set. + # + # The slash-command bot (bot.py) was removed in May 2026 — the Mini App + # is now the only interface. No python-telegram-bot dependency required. systemd.services.fitness-bot = let pythonEnv = pkgs.python3.withPackages (ps: with ps; [ - python-telegram-bot python-dotenv aiohttp ]); in { - description = "BigBiggerBiggestBot Telegram fitness tracker"; + description = "BigBiggerBiggestBot Mini App backend"; after = [ "network-online.target" ]; wants = [ "network-online.target" ]; wantedBy = [ "multi-user.target" ]; @@ -228,7 +231,6 @@ # beta in shipyard_poc_bot's launcher → test → git push :main. systemd.services.fitness-bot-shipyard = let pythonEnv = pkgs.python3.withPackages (ps: with ps; [ - python-telegram-bot python-dotenv aiohttp ]); diff --git a/scripts/build-installer-iso-on-server.sh b/scripts/build-installer-iso-on-server.sh index d969b68..e7bd002 100755 --- a/scripts/build-installer-iso-on-server.sh +++ b/scripts/build-installer-iso-on-server.sh @@ -5,12 +5,17 @@ # host: SSH host (default: sunken-ship) # output_dir: where to save the ISO on your Mac (default: .) # Override SSH key: SSH_KEY=~/.ssh/my_key ./scripts/build-installer-iso-on-server.sh +# +# If nixos/installer-wifi.nix exists locally (gitignored), it is copied into +# the build and the ISO gets preconfigured live-system WiFi. flake-modules/ +# installer-iso.nix auto-includes it via a builtins.pathExists check. set -euo pipefail HOST="${1:-sunken-ship}" OUT="${2:-.}" +REPO_ROOT=$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd) -# Use sunken-ship key if not set (AGENTS.md) +# Default to the sunken-ship SSH key when targeting that host. if [[ -n "${SSH_KEY:-}" ]]; then SSH_OPTS=(-i "$SSH_KEY") elif [[ "$HOST" == "sunken-ship" ]] && [[ -f ~/.ssh/id_ed25519_sunken_ship ]]; then @@ -19,23 +24,37 @@ else SSH_OPTS=() fi -echo "Pushing branch so server can pull..." -git push origin server-installer-usb 2>/dev/null || true +echo "Pushing main so the server can clone the latest..." +git -C "$REPO_ROOT" push origin main 2>/dev/null || true -echo "On $HOST: clone branch, build ISO..." +echo "On $HOST: clone main into ~/dotfiles-iso-build..." ssh "${SSH_OPTS[@]}" "$HOST" 'set -e BUILD_DIR=~/dotfiles-iso-build rm -rf "$BUILD_DIR" - git clone --branch server-installer-usb https://github.com/DannyDannyDanny/dotfiles.git "$BUILD_DIR" - cd "$BUILD_DIR/nixos" + git clone --branch main https://github.com/DannyDannyDanny/dotfiles.git "$BUILD_DIR" +' + +# Optional live-system WiFi: the module is gitignored, so a fresh clone never +# has it. Copy it in and stage it (git add -f) so the flake sees it -- a flake +# build only includes git-tracked files. +if [[ -f "$REPO_ROOT/nixos/installer-wifi.nix" ]]; then + echo "Found nixos/installer-wifi.nix - including live-system WiFi in the ISO." + scp "${SSH_OPTS[@]}" "$REPO_ROOT/nixos/installer-wifi.nix" \ + "$HOST:dotfiles-iso-build/nixos/installer-wifi.nix" + ssh "${SSH_OPTS[@]}" "$HOST" 'cd ~/dotfiles-iso-build && git add -f nixos/installer-wifi.nix' +fi + +echo "On $HOST: build ISO (flake is at the repo root)..." +ssh "${SSH_OPTS[@]}" "$HOST" 'set -e + cd ~/dotfiles-iso-build nix build .#installer-iso ls -la result/iso/ ' -ISO_NAME=$(ssh "${SSH_OPTS[@]}" "$HOST" 'ls ~/dotfiles-iso-build/nixos/result/iso/*.iso 2>/dev/null | head -1') +ISO_NAME=$(ssh "${SSH_OPTS[@]}" "$HOST" 'ls ~/dotfiles-iso-build/result/iso/*.iso 2>/dev/null | head -1') ISO_NAME=$(basename "$ISO_NAME") echo "Copying $ISO_NAME to $OUT ..." -scp "${SSH_OPTS[@]}" "$HOST:~/dotfiles-iso-build/nixos/result/iso/$ISO_NAME" "$OUT/" +scp "${SSH_OPTS[@]}" "$HOST:dotfiles-iso-build/result/iso/$ISO_NAME" "$OUT/" echo "Done. ISO at $OUT/$ISO_NAME" echo "Write to USB: diskutil unmountDisk diskN && sudo dd if=$OUT/$ISO_NAME of=/dev/rdiskN bs=4m"