Remove perles

Add fast-cpu and fast-storage labels since this node has a faster CPU
than other cluster nodes and is the NFS host with fast local storage.
Also add k3s-upgrade=disabled to exclude from system-upgrade-controller.

home/home-server.nix

@@ -11,6 +11,7 @@
     base.enable = true;
     development.enable = true;
     emacs.enable = true;
+    kubectl.enable = true;
     starship.enable = true;
     tmux.enable = true;
   };

home/roles/development/default.nix

@@ -44,7 +44,6 @@ in
 
       # Custom packages
       pkgs.custom.tea-rbw
-      pkgs.custom.perles
     ];
 
     # Install Claude Code humanlayer command and agent plugins

home/roles/emacs/doom/config.el

@@ -167,6 +167,20 @@
         claude-code-ide-window-side 'right
         claude-code-ide-window-width 90))
 
+(use-package! beads
+  :commands (beads)
+  :init
+  (map! :leader
+        (:prefix ("o" . "open")
+         (:prefix ("B" . "beads")
+          :desc "List issues"      "B" (cmd! (require 'beads) (beads-list))
+          :desc "Project issues"   "p" (cmd! (require 'beads) (beads-project-list))
+          :desc "Activity feed"    "a" (cmd! (require 'beads) (beads-activity))
+          :desc "Stale issues"     "s" (cmd! (require 'beads) (beads-stale))
+          :desc "Orphaned issues"  "o" (cmd! (require 'beads) (beads-orphans))
+          :desc "Find duplicates"  "d" (cmd! (require 'beads) (beads-duplicates))
+          :desc "Lint issues"      "l" (cmd! (require 'beads) (beads-lint))))))
+
 (after! gptel
   (require 'gptel-tool-library)
   (setq gptel-tool-library-use-maybe-safe t

machines/boxy/configuration.nix

@@ -26,6 +26,7 @@ with lib;
       enable = true;
       autologin = true;
       wayland = true;
+      appLauncherServer = true;
       jellyfinScaleFactor = 1.0;
     };
     nfs-mounts.enable = true;

machines/john-endesktop/configuration.nix

@@ -104,6 +104,23 @@ with lib;
   # User configuration
   roles.users.enable = true;
 
+  # k3s agent configuration
+  roles.k3s-node = {
+    enable = true;
+    role = "agent";
+    # serverAddr defaults to https://10.0.0.222:6443
+    # tokenFile defaults to /etc/k3s/token
+    extraFlags = [
+      # Node labels for workload scheduling
+      # fast-cpu: This node has a faster CPU than other cluster nodes
+      "--node-label=fast-cpu=true"
+      # fast-storage: This node is the NFS host with fast local storage access
+      "--node-label=fast-storage=true"
+      # k3s-upgrade=disabled: NixOS manages k3s upgrades via Nix, not system-upgrade-controller
+      "--node-label=k3s-upgrade=disabled"
+    ];
+  };
+
   # Time zone
   time.timeZone = "America/Los_Angeles"; # Adjust as needed
 

machines/nix-book/configuration.nix

@@ -41,14 +41,9 @@
   boot.initrd.luks.devices."luks-b614167b-9045-4234-a441-ac6f60a96d81".device = "/dev/disk/by-uuid/b614167b-9045-4234-a441-ac6f60a96d81";
 
   services.logind.settings.Login = {
-    HandleLidSwitch = "suspend-then-hibernate";
     HandlePowerKey = "hibernate";
     HandlePowerKeyLongPress = "poweroff";
   };
-  systemd.sleep.extraConfig = ''
-    HibernateDelaySec=30m
-    SuspendState=mem
-  '';
 
   networking.hostName = "nix-book"; # Define your hostname.
   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

machines/zix790prors/configuration.nix

@@ -25,6 +25,7 @@ with lib;
       wayland = true;
       x11 = true;
     };
+    kodi.enable = true;
     nfs-mounts.enable = true;
     nvidia = {
       enable = true;

packages/default.nix

@@ -3,5 +3,4 @@
   tea-rbw = pkgs.callPackage ./tea-rbw {};
   app-launcher-server = pkgs.callPackage ./app-launcher-server {};
   claude-code = pkgs.callPackage ./claude-code {};
-  perles = pkgs.callPackage ./perles {};
 }

packages/perles/default.nix

@@ -1,26 +0,0 @@
-{ lib, buildGoModule, fetchFromGitHub }:
-
-buildGoModule rec {
-  pname = "perles";
-  version = "unstable-2025-01-09";
-
-  src = fetchFromGitHub {
-    owner = "zjrosen";
-    repo = "perles";
-    rev = "main";
-    hash = "sha256-JgRayb4+mJ1r0AtdnQfqAw2+QRte+licsfZOaRgYqcs=";
-  };
-
-  vendorHash = "sha256-R7UWTdBuPteneRqxrWK51nqLtZwDsqQoMAcohN4fyak=";
-
-  # Tests require a real git repository context
-  doCheck = false;
-
-  meta = with lib; {
-    description = "A TUI for the Beads issue tracking system with BQL query language";
-    homepage = "https://github.com/zjrosen/perles";
-    license = licenses.mit;
-    maintainers = [ ];
-    mainProgram = "perles";
-  };
-}

roles/default.nix

@@ -9,6 +9,7 @@ with lib;
     ./bluetooth
     ./btrfs
     ./desktop
+    ./k3s-node
     ./kodi
     ./nfs-mounts
     ./nvidia

roles/k3s-node/default.nix

@@ -0,0 +1,81 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.roles.k3s-node;
+in
+{
+  options.roles.k3s-node = {
+    enable = mkEnableOption "Enable k3s node";
+
+    role = mkOption {
+      type = types.enum [ "server" "agent" ];
+      default = "agent";
+      description = "k3s role: server (control plane) or agent (worker)";
+    };
+
+    serverAddr = mkOption {
+      type = types.str;
+      default = "https://10.0.0.222:6443";
+      description = "URL of k3s server to join (required for agents, used for HA servers)";
+    };
+
+    tokenFile = mkOption {
+      type = types.path;
+      default = "/etc/k3s/token";
+      description = "Path to file containing the cluster join token";
+    };
+
+    clusterInit = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Initialize a new cluster (first server only)";
+    };
+
+    extraFlags = mkOption {
+      type = types.listOf types.str;
+      default = [];
+      description = "Additional flags to pass to k3s";
+    };
+
+    gracefulNodeShutdown = mkOption {
+      type = types.bool;
+      default = true;
+      description = "Enable graceful node shutdown";
+    };
+
+    openFirewall = mkOption {
+      type = types.bool;
+      default = true;
+      description = "Open firewall ports for k3s";
+    };
+  };
+
+  config = mkIf cfg.enable {
+    # k3s service configuration
+    services.k3s = {
+      enable = true;
+      role = cfg.role;
+      tokenFile = cfg.tokenFile;
+      extraFlags = cfg.extraFlags;
+      gracefulNodeShutdown.enable = cfg.gracefulNodeShutdown;
+      serverAddr = if (cfg.role == "agent" || !cfg.clusterInit) then cfg.serverAddr else "";
+      clusterInit = cfg.role == "server" && cfg.clusterInit;
+    };
+
+    # Firewall rules for k3s
+    networking.firewall = mkIf cfg.openFirewall {
+      allowedTCPPorts = [
+        6443  # k3s API server
+        10250 # kubelet metrics
+      ] ++ optionals (cfg.role == "server") [
+        2379  # etcd clients (HA)
+        2380  # etcd peers (HA)
+      ];
+      allowedUDPPorts = [
+        8472  # flannel VXLAN
+      ];
+    };
+  };
+}

roles/kodi/default.nix

@@ -22,7 +22,7 @@ in
     appLauncherServer = {
       enable = mkOption {
         type = types.bool;
-        default = true;
+        default = false;
         description = "Enable HTTP app launcher server for remote control";
       };
       port = mkOption {