From fc9894c32f29dab890ac53fc722f7849c25e6922 Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Tue, 12 May 2026 10:13:11 +0200 Subject: [PATCH 1/9] feat: install zed-editor :sparkles: --- nixos/home/danny/home.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/home/danny/home.nix b/nixos/home/danny/home.nix index 16d9adf..739abc2 100644 --- a/nixos/home/danny/home.nix +++ b/nixos/home/danny/home.nix @@ -228,7 +228,7 @@ # alacritty # TODO: configured via programs.alacritty above, so not needed here # warp-terminal # TODO: Bloat # vscodium # TODO: Bloat - # zed-editor # TODO: Bloat + zed-editor code-cursor cursor-cli dfu-util # USB DFU firmware flasher (Flipper Zero etc.) From 4fab9a28a20fe6a19c05df5a40fb425dbf0ca11b Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Tue, 12 May 2026 13:57:36 +0200 Subject: [PATCH 2/9] chore: update flake.lock :arrow_up: --- flake.lock | 157 +++++++++++++++++++++++++++++++---------------------- 1 file changed, 92 insertions(+), 65 deletions(-) diff --git a/flake.lock b/flake.lock index 106a124..c524fd2 100644 --- a/flake.lock +++ b/flake.lock @@ -13,11 +13,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1776708356, - "narHash": "sha256-Smv2algQmojsu0m9EEXs+Oy0Tg/SjwI5WN66u/BaxYs=", + "lastModified": 1778267301, + "narHash": "sha256-/SEnX0wGQuvQ78EKWTIDA8nCUaJhCD0nVbtP5evFdSQ=", "ref": "fix/dm-pull-deploy-hyphen-hostnames", - "rev": "796ee625b60941bb959039924bfc39e5d13481cc", - "revCount": 46, + "rev": "bd2f9c63ed5613eb52a03116df88b06275171f55", + "revCount": 47, "type": "git", "url": "https://git.clan.lol/dannydannydanny/clan-community.git" }, @@ -44,11 +44,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1776557977, - "narHash": "sha256-j+UWg3fR6jWKPqkPoqRf1a6nR1b/AnZXDuh04H+voUc=", - "rev": "e9ced950bedc726492e5cb52139bf5f17258dc69", + "lastModified": 1778462753, + "narHash": "sha256-/9qWZbrwoVWP0YWuC1Z5HMEb/oy6rNsjypUKTuk1PB4=", + "rev": "09551fdb27a7e5712bef371e9271034d503242ed", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/e9ced950bedc726492e5cb52139bf5f17258dc69.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/clan-core/archive/09551fdb27a7e5712bef371e9271034d503242ed.tar.gz" }, "original": { "type": "tarball", @@ -71,11 +71,11 @@ ] }, "locked": { - "lastModified": 1776506822, - "narHash": "sha256-WlxAhXEoDHbkfFw3uNYra0CXce7pBk314x9chPu7ycE=", - "rev": "c3f48f5931b27bb9cc58de8799d36ecefb867d98", + "lastModified": 1776654564, + "narHash": "sha256-5bpzOOXsaAr4g25/ghtKdYO17xg0l+MieCcWgqx24eY=", + "rev": "ad23733ebc47284dc1158db43218cf4027824aee", "type": "tarball", - "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/c3f48f5931b27bb9cc58de8799d36ecefb867d98.tar.gz" + "url": "https://git.clan.lol/api/v1/repos/clan/data-mesher/archive/ad23733ebc47284dc1158db43218cf4027824aee.tar.gz" }, "original": { "type": "tarball", @@ -90,11 +90,11 @@ ] }, "locked": { - "lastModified": 1773889306, - "narHash": "sha256-PAqwnsBSI9SVC2QugvQ3xeYCB0otOwCacB1ueQj2tgw=", + "lastModified": 1776613567, + "narHash": "sha256-gC9Cp5ibBmGD5awCA9z7xy6MW6iJufhazTYJOiGlCUI=", "owner": "nix-community", "repo": "disko", - "rev": "5ad85c82cc52264f4beddc934ba57f3789f28347", + "rev": "32f4236bfc141ae930b5ba2fb604f561fed5219d", "type": "github" }, "original": { @@ -110,11 +110,11 @@ ] }, "locked": { - "lastModified": 1773889306, - "narHash": "sha256-PAqwnsBSI9SVC2QugvQ3xeYCB0otOwCacB1ueQj2tgw=", + "lastModified": 1777713215, + "narHash": "sha256-8GzXDOXckDWwST8TY5DbwYFjdvQLlP7K9CLSVx6iTTo=", "owner": "nix-community", "repo": "disko", - "rev": "5ad85c82cc52264f4beddc934ba57f3789f28347", + "rev": "63b4e7e6cf75307c1d26ac3762b886b5b0247267", "type": "github" }, "original": { @@ -167,11 +167,11 @@ ] }, "locked": { - "lastModified": 1775087534, - "narHash": "sha256-91qqW8lhL7TLwgQWijoGBbiD4t7/q75KTi8NxjVmSmA=", + "lastModified": 1777988971, + "narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3107b77cd68437b9a76194f0f7f9c55f2329ca5b", + "rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff", "type": "github" }, "original": { @@ -223,11 +223,11 @@ ] }, "locked": { - "lastModified": 1776184304, - "narHash": "sha256-No6QGBmIv5ChiwKCcbkxjdEQ/RO2ZS1gD7SFy6EZ7rc=", + "lastModified": 1778444552, + "narHash": "sha256-f18pIiR9q/p1vHY93gmAum7aHhQOG49oGvAB9+lptRo=", "owner": "nix-community", "repo": "home-manager", - "rev": "3c7524c68348ef79ce48308e0978611a050089b2", + "rev": "dcebe66f958673729896eec2de4abfd86ef22d21", "type": "github" }, "original": { @@ -265,11 +265,11 @@ ] }, "locked": { - "lastModified": 1774991950, - "narHash": "sha256-kScKj3qJDIWuN9/6PMmgy5esrTUkYinrO5VvILik/zw=", + "lastModified": 1777594677, + "narHash": "sha256-h90sHwoRJLRvaTpZroTvU2JRHDFj0czUafM8eqLe1RI=", "owner": "nix-community", "repo": "home-manager", - "rev": "f2d3e04e278422c7379e067e323734f3e8c585a7", + "rev": "899c08a15beae5da51a5cecd6b2b994777a948da", "type": "github" }, "original": { @@ -321,11 +321,11 @@ ] }, "locked": { - "lastModified": 1775037210, - "narHash": "sha256-KM2WYj6EA7M/FVZVCl3rqWY+TFV5QzSyyGE2gQxeODU=", + "lastModified": 1777780666, + "narHash": "sha256-8wURyQMdDkGUarSTKOGdCuFfYiwa3HbzwscUfn3STDE=", "owner": "nix-darwin", "repo": "nix-darwin", - "rev": "06648f4902343228ce2de79f291dd5a58ee12146", + "rev": "8c62fba0854ba15c8917aed18894dbccb48a3777", "type": "github" }, "original": { @@ -339,17 +339,18 @@ "inputs": { "flake-utils": "flake-utils", "home-manager": "home-manager_2", - "nix-steipete-tools": "nix-steipete-tools", + "nix-openclaw-tools": "nix-openclaw-tools", "nixpkgs": [ "nixpkgs" - ] + ], + "qmd": "qmd" }, "locked": { - "lastModified": 1776183358, - "narHash": "sha256-uRWaRXGhkyGWMbNgQcmx0+RPzPLenVGopkNHgAEfmBQ=", + "lastModified": 1778353239, + "narHash": "sha256-g0yC+loN19X3Xyn6RuBHeWzevH7Qymt0REW+kyGuCLY=", "owner": "openclaw", "repo": "nix-openclaw", - "rev": "53aac0dce0810c40c75793fdad3d41b0f7e7baaf", + "rev": "e2ea91056fdd0836bef96326a2b687277dbe3e1c", "type": "github" }, "original": { @@ -358,6 +359,24 @@ "type": "github" } }, + "nix-openclaw-tools": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1778060041, + "narHash": "sha256-tXWkN1VnwFG8XlRqW/e7VwbKnUfyU9tB7YDm9QHJXTY=", + "owner": "openclaw", + "repo": "nix-openclaw-tools", + "rev": "4c1cee3c7eaf68f9de0f756be1484534f5bb5f34", + "type": "github" + }, + "original": { + "owner": "openclaw", + "repo": "nix-openclaw-tools", + "type": "github" + } + }, "nix-select": { "locked": { "lastModified": 1763303120, @@ -371,35 +390,17 @@ "url": "https://git.clan.lol/clan/nix-select/archive/main.tar.gz" } }, - "nix-steipete-tools": { - "inputs": { - "nixpkgs": "nixpkgs" - }, - "locked": { - "lastModified": 1773561580, - "narHash": "sha256-wT0bKTp45YnMkc4yXQvk943Zz/rksYiIjEXGdWzxnic=", - "owner": "openclaw", - "repo": "nix-steipete-tools", - "rev": "cd4c429ff3b3aaef9f92e59812cf2baf5704b86f", - "type": "github" - }, - "original": { - "owner": "openclaw", - "repo": "nix-steipete-tools", - "type": "github" - } - }, "nixos-wsl": { "inputs": { "flake-compat": "flake-compat", "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1776255237, - "narHash": "sha256-LQjlc0VEn55WAT4BiI8sIsokb/2FNlcbBD+Xr3MTE24=", + "lastModified": 1777732699, + "narHash": "sha256-2uX/XtOWZ/oy2rerRynVhqVA//ZXZ3Fo60PikLHEPQc=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "9a8c2a85f1ffdcecfb0f9c52c5a73c49ceb43911", + "rev": "5482f113fd31ebac131d1ebeb2ae90bf0d5e41f5", "type": "github" }, "original": { @@ -427,11 +428,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1773734432, - "narHash": "sha256-IF5ppUWh6gHGHYDbtVUyhwy/i7D261P7fWD1bPefOsw=", + "lastModified": 1776169885, + "narHash": "sha256-l/iNYDZ4bGOAFQY2q8y5OAfBBtrDAaPuRQqWaFHVRXM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cda48547b432e8d3b18b4180ba07473762ec8558", + "rev": "4bd9165a9165d7b5e33ae57f3eecbcb28fb231c9", "type": "github" }, "original": { @@ -443,11 +444,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1776255774, - "narHash": "sha256-psVTpH6PK3q1htMJpmdz1hLF5pQgEshu7gQWgKO6t6Y=", + "lastModified": 1778274207, + "narHash": "sha256-I4puXmX1iovcCHZlRmztO3vW0mAbbRvq4F8wgIMQ1MM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "566acc07c54dc807f91625bb286cb9b321b5f42a", + "rev": "b3da656039dc7a6240f27b2ef8cc6a3ef3bccae7", "type": "github" }, "original": { @@ -471,6 +472,32 @@ "type": "indirect" } }, + "qmd": { + "inputs": { + "flake-utils": [ + "nix-openclaw", + "flake-utils" + ], + "nixpkgs": [ + "nix-openclaw", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1775429264, + "narHash": "sha256-bqIVaNRTa8H5vrw3RwsD7QdtTa0xNvRuEVzlzE1hIBQ=", + "owner": "tobi", + "repo": "qmd", + "rev": "65cd1b3fd02891d1ee0eefa751620918664fa321", + "type": "github" + }, + "original": { + "owner": "tobi", + "ref": "v2.1.0", + "repo": "qmd", + "type": "github" + } + }, "root": { "inputs": { "clan-community": "clan-community", @@ -638,11 +665,11 @@ ] }, "locked": { - "lastModified": 1776317517, - "narHash": "sha256-JP1XVRabZquf7pnXvRUjp7DV+EBrB6Qmp3+vG3HMy/k=", + "lastModified": 1778394798, + "narHash": "sha256-/jR8bModWv0ji305ecMgAB+2eaXLZiYdH+9Z4JIRkuA=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "0a7be59e988bb2cb452080f59aaabae70bc415ae", + "rev": "45bc54456044b96492923739bfae633e1a4352e1", "type": "github" }, "original": { From 0f34d2508de2299794bada37ee7f195aabb61e0b Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Sun, 17 May 2026 12:55:58 +0200 Subject: [PATCH 3/9] feat: add kf.dannydannydanny.me portfolio vhost :sparkles: Routes the new subdomain to the existing notes service on phantom-ship :8092 (Host-header routed). Serves Kyranna Fardi's architecture portfolio. Co-Authored-By: Claude Opus 4.7 (1M context) --- nixos/hosts/vps-relay.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/hosts/vps-relay.nix b/nixos/hosts/vps-relay.nix index 1914698..bd93b25 100644 --- a/nixos/hosts/vps-relay.nix +++ b/nixos/hosts/vps-relay.nix @@ -145,6 +145,11 @@ "dannydannydanny.me".extraConfig = '' reverse_proxy http://[fdd5:53a2:de33:d269:6499:936c:48a:bbdc]:8092 ''; + # kf — Kyranna Fardi architecture portfolio. Same notes service on + # phantom :8092, routed by Host header (PORTFOLIO_HOST). + "kf.dannydannydanny.me".extraConfig = '' + reverse_proxy http://[fdd5:53a2:de33:d269:6499:936c:48a:bbdc]:8092 + ''; }; }; From 5d4f2048a63ddae41c3a92d3fe37435c7a13983b Mon Sep 17 00:00:00 2001 From: Hara Date: Wed, 20 May 2026 15:37:31 +0200 Subject: [PATCH 4/9] hara: heartbeat timer reduced to once daily at 06:07 --- nixos/hosts/phantom-ship.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/hosts/phantom-ship.nix b/nixos/hosts/phantom-ship.nix index 90886cc..4e71c54 100644 --- a/nixos/hosts/phantom-ship.nix +++ b/nixos/hosts/phantom-ship.nix @@ -545,7 +545,7 @@ in systemd.timers.hara-heartbeat = { wantedBy = [ "timers.target" ]; timerConfig = { - OnCalendar = "06,10,14,18:07"; + OnCalendar = "06:07"; Timezone = "Europe/Copenhagen"; Persistent = true; }; From 0c11628f734e2c83e330247ad6edefd83605fcbb Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Wed, 20 May 2026 18:44:51 +0200 Subject: [PATCH 5/9] phantom-ship: Catppuccin theme for Forgejo (mocha + mauve) Adds catppuccin flake input and wires its NixOS module into phantom-ship's imports via clan.nix. Enables catppuccin.forgejo with mocha flavor + mauve accent on the running Forgejo instance. Module ref: https://nix.catppuccin.com/options/main/nixos/catppuccin.forgejo/ --- flake-modules/clan.nix | 1 + flake.lock | 21 +++++++++++++++++++++ flake.nix | 6 ++++++ nixos/hosts/phantom-ship.nix | 8 ++++++++ 4 files changed, 36 insertions(+) diff --git a/flake-modules/clan.nix b/flake-modules/clan.nix index 6b4a5d0..d8fe760 100644 --- a/flake-modules/clan.nix +++ b/flake-modules/clan.nix @@ -167,6 +167,7 @@ in { } clanHostsModule inputs.nix-openclaw.nixosModules.openclaw-gateway + inputs.catppuccin.nixosModules.catppuccin ../nixos/hosts/phantom-ship.nix config.flake.nixosModules.dotfiles-rebuild config.flake.nixosModules.server-debug-tools diff --git a/flake.lock b/flake.lock index c524fd2..6ae35fc 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,25 @@ { "nodes": { + "catppuccin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1779125773, + "narHash": "sha256-F34zmAgMQXHwvFb9SpCilX4cAIfF4+KvpzrJqnkNLJE=", + "owner": "catppuccin", + "repo": "nix", + "rev": "86996e2c4ee6a091fddb10de56dd21a1a5972bcb", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nix", + "type": "github" + } + }, "clan-community": { "inputs": { "clan-core": [ @@ -500,6 +520,7 @@ }, "root": { "inputs": { + "catppuccin": "catppuccin", "clan-community": "clan-community", "clan-core": "clan-core", "disko": "disko_2", diff --git a/flake.nix b/flake.nix index 30e7d71..b0b6579 100644 --- a/flake.nix +++ b/flake.nix @@ -25,6 +25,12 @@ nix-openclaw.url = "github:openclaw/nix-openclaw"; nix-openclaw.inputs.nixpkgs.follows = "nixpkgs"; + # Catppuccin NixOS module — used for theming Forgejo (and any future + # NixOS-level services). Home-manager/neovim/alacritty Catppuccin lives + # outside this input (separate nixpkgs packages). + catppuccin.url = "github:catppuccin/nix"; + catppuccin.inputs.nixpkgs.follows = "nixpkgs"; + clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; clan-core.inputs.nixpkgs.follows = "nixpkgs"; clan-core.inputs.flake-parts.follows = "flake-parts"; diff --git a/nixos/hosts/phantom-ship.nix b/nixos/hosts/phantom-ship.nix index 90886cc..d3ebf6f 100644 --- a/nixos/hosts/phantom-ship.nix +++ b/nixos/hosts/phantom-ship.nix @@ -581,6 +581,14 @@ in }; }; + # Catppuccin theme for Forgejo — module wired in via clan.nix's + # phantom-ship.imports (inputs.catppuccin.nixosModules.catppuccin). + catppuccin.forgejo = { + enable = true; + flavor = "mocha"; + accent = "mauve"; + }; + # Auto-rebuild service/timer + safe.directory provided by the # shared dotfiles-rebuild NixOS module (see nixos/modules/dotfiles-rebuild.nix). } From 2e9441f367e92f12b35851778e1957b385c08c42 Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Wed, 20 May 2026 19:31:22 +0200 Subject: [PATCH 6/9] Retire dotfiles-rebuild, switch to dm-pull-deploy push timer - Drop modules/dotfiles-rebuild.nix and its imports in clan.nix; sunken-ship + phantom-ship no longer ship the legacy 15-min rebuild-from-git timer. - Add dm-pull-deploy-push systemd timer on sunken-ship: every 15min runs dm-send-deploy to announce origin/main rev via data-mesher gossip (sunken is the dm-pull-deploy push node). - Fix mulbo-pull service path: add openssh so 'git fetch' over an SSH remote stops failing with 'cannot run ssh'. - vps-relay authorized_keys: rename Mac key comment to mac-admin, add sunken-ship's actual ed25519 key for ZT mesh debugging. - home.nix: add cinny-desktop (Matrix client). - neovim: enable cursorline. --- flake-modules/clan.nix | 2 -- flake-modules/nixos-modules.nix | 3 +-- modules/dotfiles-rebuild.nix | 44 --------------------------------- nixos/home/danny/home.nix | 1 + nixos/hosts/sunken-ship.nix | 40 +++++++++++++++++++++++++++--- nixos/hosts/vps-relay.nix | 9 +++++-- nixos/neovim.nix | 1 + 7 files changed, 46 insertions(+), 54 deletions(-) delete mode 100644 modules/dotfiles-rebuild.nix diff --git a/flake-modules/clan.nix b/flake-modules/clan.nix index d8fe760..2207db4 100644 --- a/flake-modules/clan.nix +++ b/flake-modules/clan.nix @@ -125,7 +125,6 @@ in { } clanHostsModule ../nixos/hosts/sunken-ship.nix - config.flake.nixosModules.dotfiles-rebuild config.flake.nixosModules.server-debug-tools config.flake.nixosModules.monitoring-node-exporter config.flake.nixosModules.monitoring-prometheus-server @@ -169,7 +168,6 @@ in { inputs.nix-openclaw.nixosModules.openclaw-gateway inputs.catppuccin.nixosModules.catppuccin ../nixos/hosts/phantom-ship.nix - config.flake.nixosModules.dotfiles-rebuild config.flake.nixosModules.server-debug-tools config.flake.nixosModules.monitoring-node-exporter inputs.home-manager.nixosModules.home-manager diff --git a/flake-modules/nixos-modules.nix b/flake-modules/nixos-modules.nix index 3f6bf96..3dd7929 100644 --- a/flake-modules/nixos-modules.nix +++ b/flake-modules/nixos-modules.nix @@ -1,9 +1,8 @@ # Expose reusable NixOS modules via `flake.nixosModules`. # # Consume from a host's flake-module via: -# modules = [ config.flake.nixosModules.dotfiles-rebuild ]; +# modules = [ config.flake.nixosModules.server-debug-tools ]; { ... }: { - flake.nixosModules.dotfiles-rebuild = ../modules/dotfiles-rebuild.nix; flake.nixosModules.server-debug-tools = ../modules/server-debug-tools.nix; flake.nixosModules.monitoring-node-exporter = ../modules/monitoring-node-exporter.nix; flake.nixosModules.monitoring-prometheus-server = ../modules/monitoring-prometheus-server.nix; diff --git a/modules/dotfiles-rebuild.nix b/modules/dotfiles-rebuild.nix deleted file mode 100644 index de6ac87..0000000 --- a/modules/dotfiles-rebuild.nix +++ /dev/null @@ -1,44 +0,0 @@ -# Shared auto-rebuild-from-git service for homelab hosts. -# -# Every 15 min: git fetch origin, fast-forward main, and if there were any -# new commits run nixos-rebuild switch against `#`. -# -# Assumes /etc/dotfiles is an already-cloned checkout of the dotfiles repo. -{ config, lib, pkgs, ... }: -let - dotfilesDir = "/etc/dotfiles"; - flakeRef = "${dotfilesDir}#${config.networking.hostName}"; -in { - environment.systemPackages = [ pkgs.git ]; - - # Trust /etc/dotfiles as root even though it's owned by `danny`. - # nix/libgit2 reads safe.directory from /etc/gitconfig; the GIT_CONFIG_* - # env vars on the service only affect the git CLI, not nix. - programs.git.enable = true; - programs.git.config.safe.directory = [ dotfilesDir ]; - - systemd.services.dotfiles-rebuild = { - description = "Pull dotfiles and run nixos-rebuild if repo changed"; - path = with pkgs; [ git nix nixos-rebuild ]; - environment.GIT_CONFIG_COUNT = "1"; - environment.GIT_CONFIG_KEY_0 = "safe.directory"; - environment.GIT_CONFIG_VALUE_0 = dotfilesDir; - script = '' - set -euo pipefail - cd ${dotfilesDir} - git fetch origin - if [ "$(git rev-parse HEAD)" = "$(git rev-parse origin/main)" ]; then - exit 0 - fi - git pull origin main - exec nixos-rebuild switch --flake ${flakeRef} - ''; - serviceConfig.Type = "oneshot"; - }; - - systemd.timers.dotfiles-rebuild = { - wantedBy = [ "timers.target" ]; - timerConfig.OnCalendar = "*-*-* *:00/15:00"; # every 15 minutes - timerConfig.RandomizedDelaySec = "2min"; - }; -} diff --git a/nixos/home/danny/home.nix b/nixos/home/danny/home.nix index 739abc2..c110a83 100644 --- a/nixos/home/danny/home.nix +++ b/nixos/home/danny/home.nix @@ -231,6 +231,7 @@ zed-editor code-cursor cursor-cli + cinny-desktop # Matrix client (Tauri wrapper around the Cinny web app) dfu-util # USB DFU firmware flasher (Flipper Zero etc.) discord mapscii diff --git a/nixos/hosts/sunken-ship.nix b/nixos/hosts/sunken-ship.nix index 095b986..fd14e1b 100644 --- a/nixos/hosts/sunken-ship.nix +++ b/nixos/hosts/sunken-ship.nix @@ -72,7 +72,7 @@ # x86_64-linux builds here via ssh-ng://danny@sunken-ship-zt). nix.settings.trusted-users = [ "root" "danny" ]; environment.systemPackages = with pkgs; [ - git # clone/bootstrap and dotfiles-rebuild timer + git # clone/bootstrap, repo-pull timers, dm-pull-deploy push brightnessctl # manual backlight; replaces removed `light` from nixpkgs uxplay # AirPlay mirroring receiver alsa-utils # aplay, amixer, arecord for audio debugging @@ -347,7 +347,10 @@ # not in the repo, so they survive pulls. systemd.services.mulbo-pull = { description = "Pull mulbo repo and restart mulbo-server if changed"; - path = with pkgs; [ git systemd ]; + # openssh: `git fetch origin` over an SSH remote forks `ssh`; without + # it git dies with "cannot run ssh: No such file or directory" and the + # unit fails (shows up as system `degraded`). + path = with pkgs; [ git openssh systemd ]; environment = { GIT_CONFIG_COUNT = "1"; GIT_CONFIG_KEY_0 = "safe.directory"; @@ -372,6 +375,33 @@ timerConfig.RandomizedDelaySec = "2min"; }; + # dm-pull-deploy push automation. sunken-ship is the push node for the + # clan dm-pull-deploy instance (wired in flake-modules/clan.nix), but + # the upstream module only ships a manual `dm-send-deploy` binary — no + # scheduler. This timer announces the latest origin/main rev over + # data-mesher gossip; the watchers (dm-pull-deploy.path on sunken + + # phantom) compare and only rebuild when the rev actually changes, so + # re-announcing the same rev is a cheap no-op. This is the replacement + # for the legacy dotfiles-rebuild pull timer (being retired). + # + # dm-send-deploy self-discovers the rev via `git ls-remote` and signs + # with /run/secrets/vars/dm-pull-deploy-signing-key — needs root. + systemd.services.dm-pull-deploy-push = { + description = "Announce latest origin/main rev via data-mesher (dm-pull-deploy push)"; + serviceConfig = { + Type = "oneshot"; + ExecStart = "/run/current-system/sw/bin/dm-send-deploy"; + User = "root"; + }; + }; + + systemd.timers.dm-pull-deploy-push = { + wantedBy = [ "timers.target" ]; + timerConfig.OnCalendar = "*-*-* *:04/15:00"; # every 15 min, offset from the other pull timers + timerConfig.RandomizedDelaySec = "2min"; + timerConfig.Persistent = true; + }; + # One-shot backfill: walks Navidrome's media_file, computes # (sha256, chromaprint) per file, populates mulbo-server's tracks_index # with the corresponding navidrome_track_id. Idempotent — existing rows @@ -443,6 +473,8 @@ }; }; - # Auto-rebuild service/timer + safe.directory provided by the - # shared dotfiles-rebuild NixOS module (see nixos/modules/dotfiles-rebuild.nix). + # Deploys now flow through clan dm-pull-deploy: the dm-pull-deploy-push + # timer above announces origin/main, and the dm-pull-deploy.path watcher + # rebuilds on change. The legacy pull-based dotfiles-rebuild module was + # retired 2026-05-19. } diff --git a/nixos/hosts/vps-relay.nix b/nixos/hosts/vps-relay.nix index bd93b25..85ed329 100644 --- a/nixos/hosts/vps-relay.nix +++ b/nixos/hosts/vps-relay.nix @@ -46,8 +46,13 @@ isNormalUser = true; extraGroups = [ "wheel" ]; openssh.authorizedKeys.keys = [ - # Same pubkey used to reach sunken-ship; set at install via clan. - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKW/akfIiVU5o63YrTAJVZhMj7kXfYHOnXDtlpVFW7pf danny@sunken-ship" + # Mac admin key (~/.ssh/id_ed25519_sunken_ship on the laptop — the + # key the Mac uses to reach the fleet). Used for `clan machines + # update vps-relay` from the Mac and at install via clan. + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKW/akfIiVU5o63YrTAJVZhMj7kXfYHOnXDtlpVFW7pf danny@mac-admin" + # sunken-ship's own key, so the push node can SSH into vps-relay + # over ZeroTier for mesh introspection / debugging. + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB9t4YAaoHvVouqp+qyFOq8o3SAtXMiAmjF6J0ldyx4g danny@sunken-ship" ]; }; users.users.root.openssh.authorizedKeys.keys = diff --git a/nixos/neovim.nix b/nixos/neovim.nix index 59a6f85..75b2335 100644 --- a/nixos/neovim.nix +++ b/nixos/neovim.nix @@ -41,6 +41,7 @@ end -- General options + vim.opt.cursorline = true vim.opt.mouse = "a" vim.opt.listchars = { tab = "→ ", space = "·", nbsp = "␣", trail = "•", eol = "¶", precedes = "«", extends = "»" } vim.opt.clipboard:append("unnamedplus") From cbf0defa34acc5965b8230fc08746dfeaf13cc69 Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Wed, 20 May 2026 19:31:22 +0200 Subject: [PATCH 7/9] phantom-ship/forgejo: switch to catppuccin-mauve-auto (light in light mode) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The catppuccin nix module only generates the static flavor+accent combinations and sets DEFAULT_THEME to e.g. catppuccin-mocha-mauve. The auto-switching CSS files (catppuccin--auto) ship in the gitea-theme assets but aren't wired into THEMES. Override DEFAULT_THEME to catppuccin-mauve-auto so the browser's prefers-color-scheme decides — latte (light) in light mode, mocha (dark) in dark mode. Append all auto variants + the four mauve flavor variants to THEMES so users can still pick from the appearance settings. --- nixos/hosts/phantom-ship.nix | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) diff --git a/nixos/hosts/phantom-ship.nix b/nixos/hosts/phantom-ship.nix index d91e229..ec3a6b5 100644 --- a/nixos/hosts/phantom-ship.nix +++ b/nixos/hosts/phantom-ship.nix @@ -583,12 +583,37 @@ in # Catppuccin theme for Forgejo — module wired in via clan.nix's # phantom-ship.imports (inputs.catppuccin.nixosModules.catppuccin). + # The module's `flavor` option picks ONE static flavor; the auto + # variants (catppuccin--auto) follow prefers-color-scheme — + # latte in light mode, mocha in dark. We override DEFAULT_THEME + + # THEMES below to use the auto variant. catppuccin.forgejo = { enable = true; - flavor = "mocha"; + flavor = "mocha"; # static fallback; auto-variant takes precedence below accent = "mauve"; }; + # Default to the auto-switching mauve theme (light in light mode, dark + # in dark mode). Replace THEMES with builtins + every catppuccin auto + # variant + the four mauve flavor variants, so the user-level + # appearance picker can still offer them. + services.forgejo.settings.ui = { + DEFAULT_THEME = lib.mkForce "catppuccin-mauve-auto"; + THEMES = lib.mkForce (lib.concatStringsSep "," [ + # Forgejo builtins + "forgejo-auto" "forgejo-light" "forgejo-dark" + # Auto-switching catppuccin (light in light mode, dark in dark mode) + "catppuccin-blue-auto" "catppuccin-flamingo-auto" "catppuccin-green-auto" + "catppuccin-lavender-auto" "catppuccin-maroon-auto" "catppuccin-mauve-auto" + "catppuccin-peach-auto" "catppuccin-pink-auto" "catppuccin-red-auto" + "catppuccin-rosewater-auto" "catppuccin-sapphire-auto" "catppuccin-sky-auto" + "catppuccin-teal-auto" "catppuccin-yellow-auto" + # Static mauve variants for manual override + "catppuccin-latte-mauve" "catppuccin-frappe-mauve" + "catppuccin-macchiato-mauve" "catppuccin-mocha-mauve" + ]); + }; + # Auto-rebuild service/timer + safe.directory provided by the # shared dotfiles-rebuild NixOS module (see nixos/modules/dotfiles-rebuild.nix). } From 9793d5ef7cdecf41985697bc02549b3ee93baf9d Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Wed, 20 May 2026 20:13:44 +0200 Subject: [PATCH 8/9] Revert "phantom-ship/forgejo: switch to catppuccin-mauve-auto (light in light mode)" This reverts commit cbf0defa34acc5965b8230fc08746dfeaf13cc69. --- nixos/hosts/phantom-ship.nix | 27 +-------------------------- 1 file changed, 1 insertion(+), 26 deletions(-) diff --git a/nixos/hosts/phantom-ship.nix b/nixos/hosts/phantom-ship.nix index ec3a6b5..d91e229 100644 --- a/nixos/hosts/phantom-ship.nix +++ b/nixos/hosts/phantom-ship.nix @@ -583,37 +583,12 @@ in # Catppuccin theme for Forgejo — module wired in via clan.nix's # phantom-ship.imports (inputs.catppuccin.nixosModules.catppuccin). - # The module's `flavor` option picks ONE static flavor; the auto - # variants (catppuccin--auto) follow prefers-color-scheme — - # latte in light mode, mocha in dark. We override DEFAULT_THEME + - # THEMES below to use the auto variant. catppuccin.forgejo = { enable = true; - flavor = "mocha"; # static fallback; auto-variant takes precedence below + flavor = "mocha"; accent = "mauve"; }; - # Default to the auto-switching mauve theme (light in light mode, dark - # in dark mode). Replace THEMES with builtins + every catppuccin auto - # variant + the four mauve flavor variants, so the user-level - # appearance picker can still offer them. - services.forgejo.settings.ui = { - DEFAULT_THEME = lib.mkForce "catppuccin-mauve-auto"; - THEMES = lib.mkForce (lib.concatStringsSep "," [ - # Forgejo builtins - "forgejo-auto" "forgejo-light" "forgejo-dark" - # Auto-switching catppuccin (light in light mode, dark in dark mode) - "catppuccin-blue-auto" "catppuccin-flamingo-auto" "catppuccin-green-auto" - "catppuccin-lavender-auto" "catppuccin-maroon-auto" "catppuccin-mauve-auto" - "catppuccin-peach-auto" "catppuccin-pink-auto" "catppuccin-red-auto" - "catppuccin-rosewater-auto" "catppuccin-sapphire-auto" "catppuccin-sky-auto" - "catppuccin-teal-auto" "catppuccin-yellow-auto" - # Static mauve variants for manual override - "catppuccin-latte-mauve" "catppuccin-frappe-mauve" - "catppuccin-macchiato-mauve" "catppuccin-mocha-mauve" - ]); - }; - # Auto-rebuild service/timer + safe.directory provided by the # shared dotfiles-rebuild NixOS module (see nixos/modules/dotfiles-rebuild.nix). } From b11add852543b7820c405a21622f62308d82544e Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Wed, 20 May 2026 20:13:44 +0200 Subject: [PATCH 9/9] Revert "Merge add-catppuccin-forgejo: Catppuccin theme on Forgejo" This reverts commit 1b0eb5835ddef99d159b6d6fb20ce9853c30eab5, reversing changes made to 5d4f2048a63ddae41c3a92d3fe37435c7a13983b. --- flake-modules/clan.nix | 1 - flake.lock | 21 --------------------- flake.nix | 6 ------ nixos/hosts/phantom-ship.nix | 8 -------- 4 files changed, 36 deletions(-) diff --git a/flake-modules/clan.nix b/flake-modules/clan.nix index 2207db4..30fe4c9 100644 --- a/flake-modules/clan.nix +++ b/flake-modules/clan.nix @@ -166,7 +166,6 @@ in { } clanHostsModule inputs.nix-openclaw.nixosModules.openclaw-gateway - inputs.catppuccin.nixosModules.catppuccin ../nixos/hosts/phantom-ship.nix config.flake.nixosModules.server-debug-tools config.flake.nixosModules.monitoring-node-exporter diff --git a/flake.lock b/flake.lock index 6ae35fc..c524fd2 100644 --- a/flake.lock +++ b/flake.lock @@ -1,25 +1,5 @@ { "nodes": { - "catppuccin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1779125773, - "narHash": "sha256-F34zmAgMQXHwvFb9SpCilX4cAIfF4+KvpzrJqnkNLJE=", - "owner": "catppuccin", - "repo": "nix", - "rev": "86996e2c4ee6a091fddb10de56dd21a1a5972bcb", - "type": "github" - }, - "original": { - "owner": "catppuccin", - "repo": "nix", - "type": "github" - } - }, "clan-community": { "inputs": { "clan-core": [ @@ -520,7 +500,6 @@ }, "root": { "inputs": { - "catppuccin": "catppuccin", "clan-community": "clan-community", "clan-core": "clan-core", "disko": "disko_2", diff --git a/flake.nix b/flake.nix index b0b6579..30e7d71 100644 --- a/flake.nix +++ b/flake.nix @@ -25,12 +25,6 @@ nix-openclaw.url = "github:openclaw/nix-openclaw"; nix-openclaw.inputs.nixpkgs.follows = "nixpkgs"; - # Catppuccin NixOS module — used for theming Forgejo (and any future - # NixOS-level services). Home-manager/neovim/alacritty Catppuccin lives - # outside this input (separate nixpkgs packages). - catppuccin.url = "github:catppuccin/nix"; - catppuccin.inputs.nixpkgs.follows = "nixpkgs"; - clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; clan-core.inputs.nixpkgs.follows = "nixpkgs"; clan-core.inputs.flake-parts.follows = "flake-parts"; diff --git a/nixos/hosts/phantom-ship.nix b/nixos/hosts/phantom-ship.nix index d91e229..4e71c54 100644 --- a/nixos/hosts/phantom-ship.nix +++ b/nixos/hosts/phantom-ship.nix @@ -581,14 +581,6 @@ in }; }; - # Catppuccin theme for Forgejo — module wired in via clan.nix's - # phantom-ship.imports (inputs.catppuccin.nixosModules.catppuccin). - catppuccin.forgejo = { - enable = true; - flavor = "mocha"; - accent = "mauve"; - }; - # Auto-rebuild service/timer + safe.directory provided by the # shared dotfiles-rebuild NixOS module (see nixos/modules/dotfiles-rebuild.nix). }