- Enable desktop role with wayland/sway
- Use greetd for passwordless auto-login to sway
- Add video/input groups to agent user
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
NixOS configuration for running LLM agents in isolated Tart VMs on
Apple Silicon. Includes:
- Headless server setup with SSH access
- Agent user with passwordless sudo
- Docker support
- Dev tools for cloning large repos
- Git config optimized for large repositories
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add a new system-level role for mounting WebDAV filesystems via rclone.
Includes rclone-torbox-setup helper script that uses rbw to bootstrap
credentials from Bitwarden.
Key features:
- Configurable WebDAV URL, username, mount point
- VFS cache mode and buffer size tuning for media streaming
- RequiresMountsFor option for ZFS pool dependencies
- Obscured password storage via environment file
Enable on john-endesktop for TorBox WebDAV access by rdt-client and
Jellyfin. Mount waits for /media ZFS pool before starting.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Inverts the df output to show percentage used, matching the other
resource monitors (CPU, memory).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add optional no-error parameter to my/get-rbw-password that returns nil
instead of signaling an error when rbw isn't installed or the entry is
missing. Use this for gptel API key so config loads without errors in
environments without rbw configured.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The gastown build now requires BuiltProperly=1 to be set via ldflags,
otherwise gt errors with "This binary was built with 'go build' directly".
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Sync state confusion was causing org-caldav to want to delete all
calendar entries. Setting to 'never' prevents accidental data loss.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
org-caldav needs percent mappings for all todo states. Added mappings
for TODO, IN-PROGRESS, WAIT, DONE, and KILL to prevent sync errors.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
DEADLINE doesn't limit recurring event display - agenda skip function
handles that now. Simplified advice to only store CALDAV_UNTIL property.
Also made debug logging unconditional to diagnose why some events
don't get the property.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
DEADLINE doesn't actually limit recurring event display in org-agenda.
Instead, use org-agenda-skip-function-global to filter entries where
today's date is past the CALDAV_UNTIL property.
The skip function:
- Checks for CALDAV_UNTIL property (set by caldav sync advice)
- Parses YYYYMMDD format
- Skips entry if today > UNTIL date
This properly hides expired recurring events from the agenda.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
mu4e message links in todo.org can't be resolved during iCalendar export,
causing sync to abort. Setting org-export-with-broken-links to 'mark'
allows export to continue (broken links get marked in output).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
assq uses eq for key comparison, which can fail if the key symbols aren't
identical objects. assoc uses equal, which is what org-caldav itself uses
for rrule-props lookups (e.g., INTERVAL, FREQ).
This fixes DEADLINEs not being added to recurring events with UNTIL dates.
Also adds debug logging to help diagnose any remaining issues - will be
removed once verified working.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implements advice around org-caldav-insert-org-event-or-todo that:
- Extracts UNTIL from rrule-props
- Adds DEADLINE without repeater (Org 9.7+ treats as recurrence end)
- Stores :CALDAV_UNTIL: property for reference
Also fixes sync command to work before org is opened by requiring
org explicitly in the sync wrapper.
Closes: x-uv5f.1
GPG isn't installed, so .authinfo.gpg approach doesn't work.
Added wrapper function my/org-caldav-sync-with-rbw that fetches
credentials from rbw before calling org-caldav-sync.
Setup: rbw add nextcloud-caldav (app password as secret)
Files copied from the nix store inherit read-only permissions, causing
subsequent home-manager activations to fail with "Permission denied".
Add rm -f before copy and chmod u+w after copy for all plugin files:
- humanlayer commands and agents
- local commands and skills
- micro-skills
- beads formulas
Executed-By: nixos_configs/crew/hermione
Rig: nixos_configs
Role: crew
The routing.mode was defaulting to 'auto', which uses git remote URL
to detect user role. Non-SSH URLs can cause mail and issues to be
routed to ~/.beads-planning instead of the local .beads directory.
Setting routing.mode to 'explicit' disables auto-routing entirely,
keeping all issues in the expected local directory.
Fixes: x-kho
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The custom claude-code overlay (for GCS-based builds) was only being
applied to darwinModules. Extract to shared customUnstableOverlays and
apply to nixosModules and nixosModulesUnstable as well.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Point gastown input to local Gitea fork which includes:
- Increased ClaudeStartTimeout from 60s to 120s
- Fixes intermittent refinery/polecat startup timeouts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Bun standalone executables store their JavaScript code by appending it
after the ELF sections, marked with "---- Bun! ----". The standard Nix
build process was corrupting this:
- autoPatchelfHook rewrites the entire ELF, losing appended data
- strip removes data after ELF sections
- patchelf shrink-rpath also rewrites the ELF
Fix by:
- Using dontStrip and dontPatchELF to skip automatic fixup
- Manually running patchelf --set-interpreter which modifies in-place
without rewriting the entire file structure
This restores the binary from 99MB (bare bun runtime) to 220MB (full
claude-code application).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Executed-By: mayor
Role: mayor
The custom claude-code package (from GCS) was only being applied to
darwinModules, causing NixOS systems to use the older version from
nixpkgs-unstable instead of the updated version from packages/claude-code.
Extract claudeCodeOverlay as a shared definition and apply it to all
module sets: nixosModules, nixosModulesUnstable, and darwinModules.
Executed-By: mayor
Role: mayor
