Skip the create_handoff command during humanlayer plugin installation
and explicitly remove it if previously installed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Update beads and gastown flake inputs and vendorHashes
- Remove merged-upstream patches for gastown and beads
- Deduplicate beads/gastown build definitions in home role by using
callPackage to reference shared packages/ definitions
- Pin dolt to v1.82.4 (gastown requires >= 1.82.4)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The upstream gastown Go dependencies changed, causing a hash mismatch
in the fixed-output derivation. Updated vendorHash in both:
- packages/gastown/default.nix (flake packages output)
- home/roles/development/default.nix (home-manager inline build)
Add dnouri/pi-coding-agent as an Emacs frontend for the pi coding agent.
Pinned to commit 8d8158b.
- Package installed from GitHub with all .el files (includes md-ts-mode)
- Suppress grammar auto-install prompt since tree-sitter grammars are
already managed by Nix (treesit-grammars.with-all-grammars)
- Keybinding: SPC o p to launch pi-coding-agent
- Alias: M-x pi as shortcut for M-x pi-coding-agent
- Add pi-coding-agent package (v0.55.4) with multi-platform support
- Replace custom Go 1.25.6 override with nixpkgs-unstable buildGoModule
for beads and perles builds
- Update flake inputs: beads, nixpkgs-unstable, perles
- Update vendor hashes for beads and perles
- Add pi-coding-agent to development role
The monitor refresh rate was only configured via xrandr session commands,
which have no effect on Wayland/Sway sessions, leaving it at 60Hz.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- beads: update to 0.52.0 (16af00d7), refresh vendorHash
- gastown: update to 35157d02, remove flake=false now that upstream has flake.nix
- gastown: add inputs.nixpkgs.follows and inputs.beads.follows to deduplicate deps
- Clean up stale comments
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Kernel and qt5webengine builds are memory-intensive. Limiting to
2 parallel jobs prevents swapping on john-endesktop.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
qtwebengine-5.15.19 is marked insecure but stremio requires it.
Add to permittedInsecurePackages for the pkgsQt import.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Stremio uses qt5webengine, so it benefits from the separate
nixpkgs-qt input to avoid rebuild churn.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Steam Deck (nix-deck) kernel from Jovian-NixOS is expensive to
build. Pre-building it in CI saves significant time on updates.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The org-msg commit pinned by doom-emacs was force-pushed away.
Pin it locally to a valid commit on main branch.
Also updates nix-doom-emacs-unstraightened input.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add permittedInsecurePackages to qt-pinned config in flake.nix
- Use qt-pinned.stremio instead of pkgs.stremio
- Update warning message to reference nixpkgs-qt
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- PRs: Fast flake check with clear status
- Main: check → build-and-cache (build only starts if check passes)
- Clearer failure attribution and status badges
Tradeoff: 2x nix-setup on main pushes, but better job structure.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
nix build outputs progress info to stdout along with the store path.
Filter to only the /nix/store/ line to get the actual path.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Merge check and build-and-cache into one job to eliminate redundant
nix-setup step. Saves ~1m43s per run.
- PRs: checkout → nix-setup → flake check
- Main pushes: same + build/sign/cache all packages
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add packages/beads and packages/gastown with shared definitions
- Expose custom-beads and custom-gastown in flake packages output
- Consolidate CI from matrix (8 parallel jobs) to single job with loop
- Saves ~12 minutes of redundant nix-setup time per run
- Uses ::group:: for collapsible log sections per package
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add packages output with:
- custom-* packages from packages/
- qt-pinned-jellyfin-media-player
Update CI to use hyphenated names (flake attrs can't have dots)
Focus on packages that actually need caching:
- custom.* packages from packages/
- qt-pinned.jellyfin-media-player (qt5webengine)
Avoids unrelated build failures (steam) and is much faster.
nixpkgs ships Go 1.25.5, but beads' dolt dependencies (dolthub/driver,
dolthub/go-icu-regex) require Go >= 1.25.6. Override Go toolchain to
1.25.6 and add ICU build dependency for dolt's regex library.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace broken k8s harmonia deployment with native NixOS service.
Configuration:
- services.harmonia.enable = true
- Bind to [::]:5000 (IPv4 and IPv6)
- Sign key at /etc/harmonia/signing-key.private
- Open firewall port 5000
The signing key must be placed manually on john-endesktop at
/etc/harmonia/signing-key.private using the key generated earlier.
Closes: x-fqaob
- Build all 6 machines (nix-book, boxy, zix790prors, nix-deck, john-endesktop, live-usb) in parallel matrix
- Only runs on push to main after check passes
- Signs closures with NIX_SIGNING_KEY secret
- Pushes to cache via SSH using CACHE_SSH_KEY, CACHE_HOST, CACHE_USER secrets
- Skips Darwin as no builder available
Required Gitea secrets:
- NIX_SIGNING_KEY: Cache signing private key
- CACHE_SSH_KEY: SSH key for cache server access
- CACHE_HOST: Cache server hostname
- CACHE_USER: SSH user for cache server
Closes: x-iyz0w
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Configure all NixOS machines to use the internal harmonia binary cache:
- Add nix-cache.johnogle.info as substituter
- Add harmonia signing public key to trusted-public-keys
- Enable fallback for local builds when cache unreachable
- Set 5s connect-timeout for faster fallback
Refs: x-qdkuu
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update kodi role to use pkgs.qt-pinned.jellyfin-media-player instead of
pkgs.jellyfin-media-player. This decouples jellyfin from the main nixpkgs
update cycle, avoiding massive qt5webengine rebuilds when updating other
packages.
The qt-pinned namespace was added in commit 03f1692.
Closes: x-xiiep
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add separate nixpkgs input for qt5webengine-dependent packages like
jellyfin-media-player. This input updates on a separate Renovate
schedule from main nixpkgs to avoid massive qt5webengine rebuilds
when updating other packages.
- Add nixpkgs-qt input pinned to nixos-25.11
- Create pkgs.qt-pinned overlay namespace
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Allows KDE Connect discovery and pairing to work when logged in as
the kodi user on the media center.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
