- Disk check scripts now send ntfy alerts in addition to email
- New ntfy-failure@ template service notifies on any systemd service failure
- Uses sops-managed token for ntfy authentication
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Self-hosted at ntfy.hoyer.xyz with deny-all default access.
After deploying, create a user with: ntfy user add --role=admin harald
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Temporary upgrade script following the official NixOS procedure.
Run `upgrade-pg-cluster --jobs 4 --link` on the server, then switch
the package to postgresql_16 and remove the script.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The check_root service incorrectly used '/boot Disk Space Alert' as
the email subject instead of '/ Disk Space Alert'. Also merged the
duplicate systemd.services and systemd.timers attribute sets.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Enable ManageSieve in Dovecot (port 4190) and add the managesieve
plugin to Roundcube for managing Sieve filter rules via webmail.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Included `opencode` in the `packages` list for both HALO and AMD system configurations.
- Improves development environment by providing additional tooling.
- Allowed inbound TCP traffic on port 1234 by updating firewall rules.
- Enhances connectivity for the HALO system without altering existing configurations.
- Set `pkiBundle` in `secureboot` to use `mkDefault` for better configurability.
- Added kernel parameters for HALO, improving performance and boot customization.
- Configured ROCm symlink and switched HALO to `linuxPackages_latest`.
- Added system configuration for the HALO machine, including hardware, sound, and remapping settings.
- Configured user-specific settings like session paths, favorite apps, and terminal customization.
- Introduced zram swap, SSD TRIM, and PipeWire priority tuning for performance optimization.
- Introduced `sound.nix` to manage audio device priorities using PipeWire's WirePlumber configuration.
- Linked `sound.nix` to `default.nix` for streamlined system audio customization.
- Ensures defined priority levels for HDMI, USB microphones, and SPDIF outputs.
- Added `html`, `json`, and `rss` to the `search.formats` list in `searx.nix`.
- Enhances flexibility by allowing multiple output formats for search results.
- Moved Searx-related settings from `default.nix` and `nginx.nix` to a dedicated `searx.nix` module for improved modularity and maintainability.
- Updated references and ACME certificate configuration to align with the new structure.
- Simplifies management of Searx service and its associated secrets.
- Added a new Sops secret for `searx/secret_key` with a corresponding configuration path.
- Updated Searx settings to include the `secret_key` reference.
- Ensures secure integration of secret management with Searx service.
- Added `search.hoyer.world` to the `extraDomainNames` list for the `internal.hoyer.world` ACME certificate.
- Ensures proper SSL configuration for the new subdomain.
- Replaced `DEFAULT_SYSTEM_PROMPT` with `BOT_SYSTEM_PROMPT` for clarity and modularity.
- Introduced a `build_system_prompt` function to dynamically compose prompts.
- Enhanced `call_claude` CLI with new tool options and appendable prompts.
- Added a default system prompt and adjusted the structure to use XML for clarity.
- Improved help command handling by simplifying triggers and updating responses.
- Enhanced NixOS configuration with support for optional custom instructions.
- Replaced Nextcloud chat history fetching with in-memory storage for conversation history.
- Added limits to history length based on an environment variable (`CONTEXT_MESSAGES`).
- Simplified prompt-building logic by removing async history fetching.
- Switched `maxTokens` to `contextMessages` to set chat history length instead of token limit.
- Updated environment variables, NixOS module, and prompt building logic for consistency.
- Removed in-memory conversation history, now fetching from Nextcloud for better scalability.
