Commit graph

104 commits

Author SHA1 Message Date
9342933987 feat(bot): switch to in-memory conversation history
- Replaced Nextcloud chat history fetching with in-memory storage for conversation history.
- Added limits to history length based on an environment variable (`CONTEXT_MESSAGES`).
- Simplified prompt-building logic by removing async history fetching.
2026-02-03 17:26:46 +01:00
b35373b0ec feat(bot): replace maxTokens with contextMessages option
- Switched `maxTokens` to `contextMessages` to set chat history length instead of token limit.
- Updated environment variables, NixOS module, and prompt building logic for consistency.
- Removed in-memory conversation history, now fetching from Nextcloud for better scalability.
2026-02-03 17:00:50 +01:00
538d7623be refactor(bot): remove unused max-tokens argument handling
- Simplified the `call_claude` function by removing the unused `MAX_TOKENS` argument handling.
- Ensures cleaner and more maintainable command construction.
2026-02-03 16:30:47 +01:00
1f61a0d1ec feat(bot): refactor webhook parsing for better structure
- Updated webhook parsing to align with the latest Nextcloud Talk Bot format.
- Improved handling of actor, message, and conversation data for clarity and flexibility.
- Added robust JSON decoding with fallback for content extraction.
2026-02-03 16:29:10 +01:00
77cf4a0aed feat(bot): support random token in signature verification
- Enhanced signature verification by adding support for a `random` token included in webhook headers.
- Introduced logging to display signature variants for debugging purposes.
- Improved webhook handling to process new `X-Nextcloud-Talk-Random` header.
2026-02-03 16:26:37 +01:00
33937ab115 feat(bot): add signature verification logging
- Added info-level logging to provide details about signature verification, including secret length and partial hashes for expected and received signatures.
- Helps in debugging signature mismatches without exposing full sensitive data.
2026-02-03 16:23:14 +01:00
d5967cf392 feat(nix): improve Nextcloud Claude Bot security and user setup
- Set `User` and `Group` for the bot service to enhance security and isolation.
- Added system user and group for `claude-bot` with defined home directory.
- Modified secrets ownership to align with the new bot user.
2026-02-03 16:14:21 +01:00
b1370b5fc6 feat(bot): enhance group chat handling and mention detection
- Updated bot to only respond in group chats when explicitly mentioned.
- Added mention detection using regex for "Claude" patterns and cleaned up the message text for processing.
- Improved help message to clarify usage in direct messages and group chats.
2026-02-03 16:09:25 +01:00
8404f0998b refactor(nix): simplify Nextcloud Claude Bot packaging
- Replaced `buildPythonApplication` with `python3.withPackages` for a cleaner and more concise implementation.
- Adjusted service configuration to use the updated packaging structure, ensuring compatibility with the new setup.
- Simplifies the NixOS module by reducing redundancy and improving maintainability.
2026-02-03 15:54:01 +01:00
bc6091f63f feat(nix): add Nextcloud Claude Bot integration
- Added configuration for Nextcloud Claude Bot, including NixOS module, secrets management, and example setup files.
- Introduced a Python-based HTTP server for handling webhook events and interacting with Nextcloud Talk.
- Integrated necessary dependencies and systemd service for seamless operation.
2026-02-03 15:42:56 +01:00
4622c52d5b refactor(nix): extract common system configs into reusable modules
Create 6 new NixOS modules to reduce duplication across system configs:
- hardware/wooting: Wooting keyboard udev rules and Bluetooth compat
- services/nginx-base: Common nginx server settings
- services/acme-base: ACME certificate defaults
- services/xremap: Key remapping with sensible defaults
- system/no-sleep: Disable sleep/suspend/hibernate targets
- system/kernel-tweaks: PM freeze timeout and zram configuration

Update system configuration files to use these new modules.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-30 10:42:09 +01:00
Harald Hoyer
71304185bd fix(nix): add DNS nameservers for headscale
- Added global DNS nameservers configuration for headscale
- Included Cloudflare DNS servers (1.1.1.1, 1.0.0.1) and IPv6 addresses
- Added local DNS server (192.168.178.254) for internal resolution
2025-12-03 10:49:18 +01:00
Harald Hoyer
05eceda8ca feat(nix): configure gitea-runner to depend on nginx service
- Added systemd service dependencies for gitea-runner-default
  - Ensured nginx.service is required and started before gitea-runner-default
  - Maintains proper service startup order for forgejo deployment
2025-12-03 10:48:56 +01:00
9f792774a5 feat(nix): enable GNOME remote desktop and update flake lock
- Enabled `services.gnome.gnome-remote-desktop` in the `x1` configuration.
- Removed an unused `lib` parameter in the `forgejo.nix` module.
- Updated the `home-manager` source in the `flake.lock` file with the latest revision and hash.
2025-12-03 09:44:16 +01:00
62f1eb0a2d Update forgejo-runner package reference
Switched from `forgejo-actions-runner` to `forgejo-runner` package for the gitea actions runner instance. This aligns with the updated package naming convention in the system configuration. The change ensures proper integration with the forgejo ecosystem and maintains consistency with the project's package structure.
2025-12-03 09:43:59 +01:00
884ceee9fd fix(mx): set mailserver stateVersion
2025-12-03 07:08:57 +01:00
5444962eda fix(mx): set mailserver stateVersion
2025-12-03 07:02:18 +01:00
Harald Hoyer
bf82f7afa0 chore(nix): enable RustDesk and update configurations
- Uncommented `rustdesk.nix` in MX system and added `rustdesk-flutter` to GUI services.
- Disabled `services.rustdesk-server.signal` on X1 system to align with updated settings.
2025-11-24 14:59:39 +01:00
4e67949e03 fix: headscale web proxy
2025-11-24 14:07:09 +01:00
caad1ddba9 Revert "chore(nix): enhance Nginx proxy settings for Headscale"
This reverts commit 2d0d03f845.
2025-11-24 13:57:00 +01:00
Harald Hoyer
2d0d03f845 chore(nix): enhance Nginx proxy settings for Headscale
- Added extra HTTP headers and security configurations in the Nginx proxy for Headscale.
- Improves websocket handling, security headers, and HTTPS redirection.
2025-11-24 13:54:52 +01:00
Harald Hoyer
8d6db08029 chore(nix): add OIDC configuration to Headscale
- Introduced OIDC settings in Headscale, including allowed domains, client ID, client secret path, and issuer.
- Enables support for OpenID Connect authentication.
2025-11-24 11:22:21 +01:00
Harald Hoyer
ef4ac5e228 chore(nix): fix property name in Headscale settings
- Corrected `baseDomain` to `base_domain` in the Headscale DNS settings.
- Aligns property naming with expected schema for proper configuration.
2025-11-21 16:24:28 +01:00
Harald Hoyer
2a810ce759 chore(nix): remove enableACME from Headscale Nginx config
- Dropped `enableACME` as it is redundant when `useACMEHost` is defined.
- Simplifies Nginx virtual host configuration for Headscale.
2025-11-21 16:23:53 +01:00
Harald Hoyer
129630c163 chore(nix): refactor Headscale service configuration
- Reorganized `settings` block to simplify and correct nesting.
- Updated function arguments to include variadic parameters for extensibility.
2025-11-21 16:22:56 +01:00
Harald Hoyer
62201776f3 chore(nix): add Headscale service to MX configuration
- Included `headscale.nix` in the MX system configuration for VPN management.
- Added Nginx and ACME configuration to route traffic securely to Headscale.
- Ensures Headscale is enabled with required settings and packaged in the system.
2025-11-21 16:15:51 +01:00
Harald Hoyer
36f3ebfcb3 chore(nix): enable Tailscale on SGX, MX, and X1 systems
- Added `services.tailscale.enable = true` to the configurations of SGX, MX, and X1 systems for VPN support.
- Improves secure connectivity and simplifies network management across these systems.
2025-11-21 14:54:07 +01:00
Harald Hoyer
1f5d2c1ce5 chore(nix): add OIDC app and webfinger redirect for Nextcloud
- Added OIDC app to Nextcloud with specific URL, SHA256, and license configuration for authentication support.
- Configured Nginx to redirect `.well-known/webfinger` to Nextcloud for improved compatibility.
- Updated Nextcloud settings to include `overwrite.cli.url` for proper URL handling.
2025-11-21 14:52:00 +01:00
Harald Hoyer
325f3bafbe chore(nix): update Nextcloud to version 32
- Bumped `services.nextcloud.package` from `nextcloud31` to `nextcloud32`.
- Ensures compatibility with updated Nextcloud features and improvements.
2025-11-21 13:08:25 +01:00
5b0cab98d5 feat(systems): enable email notifications on failure
- Added `emailOnFailure.enable` option to metacfg with a default of `false`.
- Enabled email notifications on failure for SGX and MX systems.
- Enhanced `systemd-email-notify` module to support the new configuration.
2025-11-14 07:42:28 +01:00
f41c21344e chore(mailserver): update password hashing method
- Changed default hashing method in `mkpasswd` command to `sha-512`.
- Ensures stronger security compared to the previous bcrypt method.
2025-07-29 15:54:38 +02:00
35988e7888 feat(coturn): update configuration for secret management
Removed comment clutter and streamlined the configuration for better readability and maintenance. Ensured the sops secrets and ACME certificate handling remain functional.
2025-04-15 10:26:46 +02:00
4cb03eb58f feat(nextcloud): upgrade to Nextcloud 31
Updated the Nextcloud package from version 30 to 31. This ensures access to the latest features and improvements while maintaining compatibility with the system configuration.
2025-04-14 15:16:24 +02:00
7494fd7efd refactor: improve formatting and update dependencies
Reformatted configuration files for better readability and consistency. Updated lock file dependencies to the latest revisions, ensuring compatibility and performance improvements.
2025-02-25 08:56:02 +01:00
ce865160b8 chore(nix): comment out rustdesk configuration
Rustdesk configuration has been temporarily disabled in the system modules. This might be to address an issue or for future refactoring.
2025-02-24 10:56:30 +01:00
e009207a30 feat(rustdesk): enable firewall configuration
Added `openFirewall` option to `rustdesk-server` service to simplify network setup.
2025-02-24 10:31:40 +01:00
18d7710302 feat(rustdesk): update relay host configuration
Updated the relay host for RustDesk server from "mx.surfsite.org" to "rustdesk.hoyer.world". This ensures the service uses the new designated host for signal relay.
2025-02-24 10:22:49 +01:00
f2a984c762 feat(rustdesk): enable SSL and update proxy configuration
Enabled `forceSSL` for the RustDesk nginx configuration to ensure secure connections. Replaced `proxyPass` with detailed `extraConfig` to include necessary headers and support for WebSocket connections.
2025-02-24 10:19:46 +01:00
64f48c5969 feat(mx): isolate rustdesk configuration into separate module
Moved rustdesk-server settings from `default.nix` to a dedicated module `rustdesk.nix`. This improves configuration structure and ensures better modularity for maintainability.
2025-02-24 10:08:19 +01:00
3778bf29d0 feat(rustdesk): configure relayHosts for rustdesk-server
Added `relayHosts` configuration to rustdesk-server to specify the relay host `mx.surfsite.org`. This ensures proper routing and connectivity for the RustDesk service.
2025-02-24 09:12:54 +01:00
a686d21d39 feat(mx): enable RustDesk server service
Added configuration to enable the RustDesk server service in the MX system. This facilitates remote desktop functionality out of the box.
2025-02-24 08:31:09 +01:00
47cf44ccfd refactor: improve formatting in Nextcloud and home config
Reformatted code blocks for better readability and consistency in Nextcloud and Darwin home configurations. No functional changes were made, ensuring existing behavior remains intact.
2024-12-13 09:19:09 +01:00
27d41ed91d feat(nextcloud): update service dependencies and apps
Include `config` in function parameters for better configurability. Removed unnecessary Nextcloud apps such as `files_texteditor`, `files_markdown`, `twofactor_backupcodes`, and `twofactor_totp` to streamline service setup.
2024-12-06 13:23:47 +01:00
aef4e331ae feat(nextcloud): add extra apps configuration
Enhance Nextcloud setup by enabling additional applications such as calendar, contacts, and notes. This change improves the service's functionality and usability by integrating essential productivity tools directly into the Nextcloud environment.
2024-12-06 13:20:39 +01:00
b0f42bce29 fix(systemd): correct path for nixos-upgrade service
Change the working directory from `/root` to `/root/nixcfg` in the `nixos-upgrade` systemd service to ensure the correct configuration repository is used. This update prevents potential errors due to fetching and resetting in the wrong directory.
2024-11-29 17:07:52 +01:00
1e5ceb6c73 feat(systemd): add git to nixos-upgrade service path
Include git in the `PATH` for the `nixos-upgrade` systemd service. This change ensures that the service can execute git commands during its operations. The path addition resolves issues related to unavailable git commands.
2024-11-29 17:06:07 +01:00
cd99b128d4 feat: add preStart hook for nixos-upgrade service
Introduce a preStart hook to the nixos-upgrade systemd service to ensure the local repository is updated before upgrades by fetching and resetting to the origin's HEAD. This enhances the reliability and consistency of the upgrade process. Also, maintain the commented out old flake path for backward traceability.
2024-11-29 17:04:24 +01:00
82c7352bc2 set /root for mx
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
2024-11-29 16:57:32 +01:00
4390f2ae09 chore: remove redundant git filter rot8000 config
Remove duplicate configurations for the rot8000 git filter from both mx and base modules. This change helps to streamline the code by ensuring that the unnecessary and redundant configurations are eliminated.
2024-11-29 13:36:00 +01:00
0767577099 Fix rot8000
2024-11-29 12:58:21 +01:00