Kernel and qt5webengine builds are memory-intensive. Limiting to
2 parallel jobs prevents swapping on john-endesktop.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
qtwebengine-5.15.19 is marked insecure but stremio requires it.
Add to permittedInsecurePackages for the pkgsQt import.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Stremio uses qt5webengine, so it benefits from the separate
nixpkgs-qt input to avoid rebuild churn.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Steam Deck (nix-deck) kernel from Jovian-NixOS is expensive to
build. Pre-building it in CI saves significant time on updates.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The org-msg commit pinned by doom-emacs was force-pushed away.
Pin it locally to a valid commit on main branch.
Also updates nix-doom-emacs-unstraightened input.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add permittedInsecurePackages to qt-pinned config in flake.nix
- Use qt-pinned.stremio instead of pkgs.stremio
- Update warning message to reference nixpkgs-qt
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- PRs: Fast flake check with clear status
- Main: check → build-and-cache (build only starts if check passes)
- Clearer failure attribution and status badges
Tradeoff: 2x nix-setup on main pushes, but better job structure.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
nix build outputs progress info to stdout along with the store path.
Filter to only the /nix/store/ line to get the actual path.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Merge check and build-and-cache into one job to eliminate redundant
nix-setup step. Saves ~1m43s per run.
- PRs: checkout → nix-setup → flake check
- Main pushes: same + build/sign/cache all packages
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add packages/beads and packages/gastown with shared definitions
- Expose custom-beads and custom-gastown in flake packages output
- Consolidate CI from matrix (8 parallel jobs) to single job with loop
- Saves ~12 minutes of redundant nix-setup time per run
- Uses ::group:: for collapsible log sections per package
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add packages output with:
- custom-* packages from packages/
- qt-pinned-jellyfin-media-player
Update CI to use hyphenated names (flake attrs can't have dots)
Focus on packages that actually need caching:
- custom.* packages from packages/
- qt-pinned.jellyfin-media-player (qt5webengine)
Avoids unrelated build failures (steam) and is much faster.
nixpkgs ships Go 1.25.5, but beads' dolt dependencies (dolthub/driver,
dolthub/go-icu-regex) require Go >= 1.25.6. Override Go toolchain to
1.25.6 and add ICU build dependency for dolt's regex library.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace broken k8s harmonia deployment with native NixOS service.
Configuration:
- services.harmonia.enable = true
- Bind to [::]:5000 (IPv4 and IPv6)
- Sign key at /etc/harmonia/signing-key.private
- Open firewall port 5000
The signing key must be placed manually on john-endesktop at
/etc/harmonia/signing-key.private using the key generated earlier.
Closes: x-fqaob
- Build all 6 machines (nix-book, boxy, zix790prors, nix-deck, john-endesktop, live-usb) in parallel matrix
- Only runs on push to main after check passes
- Signs closures with NIX_SIGNING_KEY secret
- Pushes to cache via SSH using CACHE_SSH_KEY, CACHE_HOST, CACHE_USER secrets
- Skips Darwin as no builder available
Required Gitea secrets:
- NIX_SIGNING_KEY: Cache signing private key
- CACHE_SSH_KEY: SSH key for cache server access
- CACHE_HOST: Cache server hostname
- CACHE_USER: SSH user for cache server
Closes: x-iyz0w
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Configure all NixOS machines to use the internal harmonia binary cache:
- Add nix-cache.johnogle.info as substituter
- Add harmonia signing public key to trusted-public-keys
- Enable fallback for local builds when cache unreachable
- Set 5s connect-timeout for faster fallback
Refs: x-qdkuu
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Update kodi role to use pkgs.qt-pinned.jellyfin-media-player instead of
pkgs.jellyfin-media-player. This decouples jellyfin from the main nixpkgs
update cycle, avoiding massive qt5webengine rebuilds when updating other
packages.
The qt-pinned namespace was added in commit 03f1692.
Closes: x-xiiep
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add separate nixpkgs input for qt5webengine-dependent packages like
jellyfin-media-player. This input updates on a separate Renovate
schedule from main nixpkgs to avoid massive qt5webengine rebuilds
when updating other packages.
- Add nixpkgs-qt input pinned to nixos-25.11
- Create pkgs.qt-pinned overlay namespace
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Allows KDE Connect discovery and pairing to work when logged in as
the kodi user on the media center.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
beads:
- Pin to commit 93965b4a (last before Go 1.25.6 requirement)
- Build locally with corrected vendorHash (upstream default.nix is stale)
- Enables dolt server mode support (gt-1mf.3)
claude-code: 2.1.19 → 2.1.30
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Update gastown-fix-agent-bead-address-title.patch line numbers (326→315)
for current upstream gastown source
- Remove obsolete gastown patches (rig-prefix, copydir-symlinks) that are
now handled upstream
- Pin beads to 55e733c (v0.47.2) which uses Go 1.24.0 - newer versions
require Go 1.25.6 which isn't in nixpkgs-unstable yet
- Remove beads-search-query-optimization.patch as it targets newer code
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Updates nix-doom-emacs-unstraightened from Jan 25 to Jan 31 release,
which fixes the stale doom-intermediates.drv reference that was causing
nixosConfigurations.live-usb to fail flake check.
Closes: x-0cf
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Regenerated patch with correct hunk headers against locked rev 177094a2.
Root cause was malformed patch format, not a flake.lock issue.
Closes: hq-0h1p9m, x-bwld
The patch file had malformed hunk headers with incorrect line numbers
and counts, causing it to fail to apply against the locked gastown rev
(177094a2). This was NOT a flake.lock issue - gastown source was properly
locked.
Changes:
- Regenerated patch from scratch against locked gastown revision
- Re-enabled the patch in default.nix (was commented out with TODO)
- Updated comment to accurately describe the optimization
The optimization skips expensive beads queries for detached tmux sessions
and caches status line output with a 10-second TTL, reducing Dolt CPU
usage from ~70% to ~20%.
Closes: hq-0h1p9m
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Remove 'index 0000000..1111111' lines that made patches appear as new files
- Fix hunk line counts in several patches
- Add missing leading spaces to blank context lines
- Temporarily disable statusline optimization patch (needs regenerating)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace inline postPatch substituteInPlace calls with proper unified
diff patch files, following the pattern established by beads.
This improves maintainability:
- Each patch is in its own file with clear naming
- Patches use proper unified diff format
- Easier to review, update, and track individual fixes
- Default.nix is cleaner (237 lines of substituteInPlace -> 15 lines)
Patches included:
- gastown-fix-validate-recipient.patch
- gastown-fix-agent-bead-address-title.patch
- gastown-fix-agent-bead-rig-prefix.patch
- gastown-fix-role-home-paths.patch
- gastown-fix-town-root-detection.patch
- gastown-fix-copydir-symlinks.patch
- gastown-statusline-optimization.patch
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The Dolt backend's SearchIssues was using a two-phase query:
1. SELECT id FROM issues WHERE ... -> collect all IDs
2. SELECT * FROM issues WHERE id IN (id1, id2, ... id8000+)
With 8000+ issues, this second query with 8000+ placeholders hammers
Dolt CPU at 100%+. The fix changes SearchIssues to select all columns
directly in the first query and scan results inline.
See: hq-ihwsj
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Complete the statusline optimization by adding cache writes to all
output functions. The existing patch added cache functions and cache
reads, but never wrote to the cache.
Changes:
- Add early-return for detached sessions (return static "○ |")
- Add cache read check for attached sessions
- Add setStatusLineCache() calls in all 5 output functions:
- runWorkerStatusLine
- runMayorStatusLine
- runDeaconStatusLine
- runWitnessStatusLine
- runRefineryStatusLine
This should reduce Dolt CPU from ~70% to ~20% when agents are idle,
as tmux status lines will use cached results instead of spawning
beads queries every 5 seconds.
Testing: Run `nix switch` then monitor Dolt CPU with `top`
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add title-based lookup for hq- prefixed beads (uses title as address if contains "/")
- Add rig-specific prefix handling to parse IDs like j-java-crew-americano → java/crew/americano
- Handles crew, polecat, witness, refinery role patterns
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix mail router normalization in validateRecipient
- Fix agentBeadToAddress to use title field for hq- prefixed beads
- Fix crew/polecat home paths (remove incorrect /rig suffix)
- Fix town root detection (RoleUnknown instead of RoleMayor)
- Fix copyDir symlink handling
- Pin to gastown commit 177094a matching jt flake
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix mail router normalization in validateRecipient
- Fix agentBeadToAddress to use title field for hq- prefixed beads
- Fix crew/polecat home paths (remove incorrect /rig suffix)
- Fix town root detection (RoleUnknown instead of RoleMayor)
- Fix copyDir symlink handling
- Pin to gastown commit 177094a matching jt flake
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Monitor /System/Volumes/Data instead of / since root is a read-only
APFS snapshot with minimal usage. Also fix inverted formula that was
calculating 100-used instead of just using the capacity value directly.
