Claude Code Channels replaces OpenClaw for the @HarakatBot Telegram
bridge. Uses claude.ai subscription auth via long-lived OAuth token
at /etc/claude-channels/env — sidesteps the API rate limits OpenClaw
was hitting.
Runs as danny since plugin + pairing state lives in ~/.claude.
Wraps claude in script(1) because claude needs a PTY for its
interactive session mode.
OpenClaw service disabled but config kept for easy rollback during
validation. Will be fully removed once Channels is proven stable.
Her workspace (SOUL/MEMORY/IDENTITY/etc) is preserved in
vimwiki/openclaw/workspace/.
- Add import-tree input; flake.nix now auto-loads every file under
./flake-modules so new hosts/features drop in without editing flake.nix.
- Extract the duplicated dotfiles-rebuild service, timer, and
safe.directory wiring into nixos/modules/dotfiles-rebuild.nix, exposed
via flake.nixosModules.dotfiles-rebuild.
- sunken-ship and phantom-ship now pull it in from their flake-modules;
hostname-specific flakeRef is derived from config.networking.hostName.
The dotfiles-rebuild service runs as root, but /etc/dotfiles is owned
by `danny`. The GIT_CONFIG_* env vars in the service unit only affect
the git CLI — nix/libgit2 reads safe.directory from /etc/gitconfig.
After a recent nixpkgs bump libgit2 now enforces this strictly, so the
service was failing to evaluate the flake.
Enable programs.git and set programs.git.config.safe.directory =
[ dotfilesDir ] on both sunken-ship and phantom-ship so the trust is
persistent and Nix-managed.
Claude Code Channels will replace OpenClaw for the Telegram bot.
Channels uses claude.ai subscription auth instead of pay-as-you-go
API, sidestepping the rate limits Hara has been hitting.
nixos-rebuild was failing with "fsType accessed but has no value
defined" on newer nixpkgs. Bind mounts need fsType=none explicitly.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New fitness-bot-pull service + timer, modeled on dotfiles-rebuild.
Checks origin/main for new commits, pulls + restarts the service if
the HEAD moved. Offset by 7 min from dotfiles-rebuild to avoid
overlap.
Code now lives at github.com/DannyDannyDanny/bigbiggerbiggestbot
(cloned to /home/danny/tg_fitness_bot). workouts.db is gitignored
so it's preserved across pulls.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Exposes navidrome via music.dannydannydanny.me.
Bypasses CGNAT — no port forwarding needed.
Token stored outside repo at ~/.secrets/cloudflare-tunnel-token.
- Enable Wake-on-LAN (magic packet) on rusty-anchor enp2s0 via systemd service
- Add vt-theme script to rusty-anchor: switches between Catppuccin Latte/Mocha
- Theme state persisted in /etc/vt-theme, applied on login via profile.d
- alacritty-sync-system-theme.sh now SSHes to rusty-anchor and pushes the
macOS light/dark change (best-effort, non-blocking, skips if unchanged)
- Add wakeonlan to phantom-ship packages (wakeonlan 00:16:cb:87:20:ba)
Adds git and nodejs to openclaw-gateway service PATH. Configures a
git credential helper that reads a fine-grained PAT from
/etc/openclaw/github-token. Creates /var/lib/openclaw/repos for
repo clones.
Code deployed separately via rsync (private repo, not referenced here).
Expects code at /home/danny/tg_fitness_bot/ and token at
~/.secrets/bigbiggerbiggestbot.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Telegram bot via nix-openclaw NixOS module. Secrets (API key,
bot token) loaded from /etc/openclaw/ at runtime. Telegram user
ID read from gitignored openclaw-allow-from.nix.
Shares WiFi internet to rusty-anchor over ethernet via dnsmasq DHCP
and iptables NAT. Rusty-anchor gets DHCP on 10.0.0.x with phantom-ship
as gateway and DNS.
Enable home-manager on WSL, importing the shared home.nix config.
Remove duplicate packages and env vars from wsl.nix that are now
provided by home-manager (git, ripgrep, fzf, direnv, etc.).
Drop PipeWire (WirePlumber fails to detect ALSA cards without a
graphical session). Use GStreamer alsasink with plughw:USB,0 to
output directly to the Scarlett Solo.
Enable PipeWire with ALSA/PulseAudio compat so GStreamer can output
audio. Move UxPlay to a user service with linger so it can reach
PipeWire. Add danny to audio group, add alsa-utils for debugging.
Use the Homebrew cask on Apple Silicon because the nixpkgs package is x86_64-darwin only, and document the reason inline to prevent future regressions.
Made-with: Cursor
Implement launchd daemons for automatic Nix garbage collection and store optimization on a weekly schedule. The configuration includes intervals for both tasks to ensure efficient management of Nix store resources.
Enable declarative Homebrew cask management on the macOS host so Google Chrome is installed during darwin activation and stale Homebrew items are cleaned up with zap.
Made-with: Cursor
