Claude Code Channels replaces OpenClaw for the @HarakatBot Telegram
bridge. Uses claude.ai subscription auth via long-lived OAuth token
at /etc/claude-channels/env — sidesteps the API rate limits OpenClaw
was hitting.
Runs as danny since plugin + pairing state lives in ~/.claude.
Wraps claude in script(1) because claude needs a PTY for its
interactive session mode.
OpenClaw service disabled but config kept for easy rollback during
validation. Will be fully removed once Channels is proven stable.
Her workspace (SOUL/MEMORY/IDENTITY/etc) is preserved in
vimwiki/openclaw/workspace/.
- Add import-tree input; flake.nix now auto-loads every file under
./flake-modules so new hosts/features drop in without editing flake.nix.
- Extract the duplicated dotfiles-rebuild service, timer, and
safe.directory wiring into nixos/modules/dotfiles-rebuild.nix, exposed
via flake.nixosModules.dotfiles-rebuild.
- sunken-ship and phantom-ship now pull it in from their flake-modules;
hostname-specific flakeRef is derived from config.networking.hostName.
The dotfiles-rebuild service runs as root, but /etc/dotfiles is owned
by `danny`. The GIT_CONFIG_* env vars in the service unit only affect
the git CLI — nix/libgit2 reads safe.directory from /etc/gitconfig.
After a recent nixpkgs bump libgit2 now enforces this strictly, so the
service was failing to evaluate the flake.
Enable programs.git and set programs.git.config.safe.directory =
[ dotfilesDir ] on both sunken-ship and phantom-ship so the trust is
persistent and Nix-managed.
Claude Code Channels will replace OpenClaw for the Telegram bot.
Channels uses claude.ai subscription auth instead of pay-as-you-go
API, sidestepping the rate limits Hara has been hitting.
nixos-rebuild was failing with "fsType accessed but has no value
defined" on newer nixpkgs. Bind mounts need fsType=none explicitly.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New fitness-bot-pull service + timer, modeled on dotfiles-rebuild.
Checks origin/main for new commits, pulls + restarts the service if
the HEAD moved. Offset by 7 min from dotfiles-rebuild to avoid
overlap.
Code now lives at github.com/DannyDannyDanny/bigbiggerbiggestbot
(cloned to /home/danny/tg_fitness_bot). workouts.db is gitignored
so it's preserved across pulls.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Exposes navidrome via music.dannydannydanny.me.
Bypasses CGNAT — no port forwarding needed.
Token stored outside repo at ~/.secrets/cloudflare-tunnel-token.
- Enable Wake-on-LAN (magic packet) on rusty-anchor enp2s0 via systemd service
- Add vt-theme script to rusty-anchor: switches between Catppuccin Latte/Mocha
- Theme state persisted in /etc/vt-theme, applied on login via profile.d
- alacritty-sync-system-theme.sh now SSHes to rusty-anchor and pushes the
macOS light/dark change (best-effort, non-blocking, skips if unchanged)
- Add wakeonlan to phantom-ship packages (wakeonlan 00:16:cb:87:20:ba)
Adds git and nodejs to openclaw-gateway service PATH. Configures a
git credential helper that reads a fine-grained PAT from
/etc/openclaw/github-token. Creates /var/lib/openclaw/repos for
repo clones.
Code deployed separately via rsync (private repo, not referenced here).
Expects code at /home/danny/tg_fitness_bot/ and token at
~/.secrets/bigbiggerbiggestbot.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Telegram bot via nix-openclaw NixOS module. Secrets (API key,
bot token) loaded from /etc/openclaw/ at runtime. Telegram user
ID read from gitignored openclaw-allow-from.nix.
Shares WiFi internet to rusty-anchor over ethernet via dnsmasq DHCP
and iptables NAT. Rusty-anchor gets DHCP on 10.0.0.x with phantom-ship
as gateway and DNS.
Enable home-manager on WSL, importing the shared home.nix config.
Remove duplicate packages and env vars from wsl.nix that are now
provided by home-manager (git, ripgrep, fzf, direnv, etc.).
Drop PipeWire (WirePlumber fails to detect ALSA cards without a
graphical session). Use GStreamer alsasink with plughw:USB,0 to
output directly to the Scarlett Solo.
Enable PipeWire with ALSA/PulseAudio compat so GStreamer can output
audio. Move UxPlay to a user service with linger so it can reach
PipeWire. Add danny to audio group, add alsa-utils for debugging.
Use the Homebrew cask on Apple Silicon because the nixpkgs package is x86_64-darwin only, and document the reason inline to prevent future regressions.
Made-with: Cursor
Implement launchd daemons for automatic Nix garbage collection and store optimization on a weekly schedule. The configuration includes intervals for both tasks to ensure efficient management of Nix store resources.
