diff --git a/.secrets/x1/files.yaml b/.secrets/x1/files.yaml deleted file mode 100644 index a20919b..0000000 --- a/.secrets/x1/files.yaml +++ /dev/null @@ -1,41 +0,0 @@ -hello: ENC[AES256_GCM,data:fXNDiacuFhmqmbo9FiGmoBKeOk7KvuVw3ytzcEzj/VxkqoDCGtJ2YX/TaVQfsQ==,iv:bHP2CYXZth3DX6OIeqdzv3zmFVWdRaNBvLuZx0FSyf8=,tag:bn1w5QcyyQ5EcXyoFnc1Zw==,type:str] -example_key: ENC[AES256_GCM,data:lumROh5JwNpCJrNzxg==,iv:FLmpmVtzMUzPV9Y0nLTKXzisUqCZKonv44LviQTMsfU=,tag:Hp2N7AG7lGNQstt27Ty8pw==,type:str] -#ENC[AES256_GCM,data:KrggG2yc0mFi3zoZ+WLd7w==,iv:GQZPZZH4xGxFcP5BLiwUIVQkCi7Bsmalsz/myNBbdoI=,tag:fzmEQLnWjfVc+iywEFwp9Q==,type:comment] -example_array: - - ENC[AES256_GCM,data:7go3euwMIP7BDuq96vo=,iv:P8hx+DSSbkhrw0SOKLMtcc4/TZBODnQnQFRUxv49oio=,tag:Xi5JbLc+xvcOOv10pY1ydw==,type:str] - - ENC[AES256_GCM,data:WVgP3/Hak8ha5yaPmTU=,iv:2DwnOLze1a0vXfOey2xv4qOVE1PhOMq3e+GR/3RiOPU=,tag:TftAtYcHRQctTV5sBHPKFw==,type:str] -example_number: ENC[AES256_GCM,data:fOprnAAZ/267JQ==,iv:5jvsM3i5iHcpSJWqcryqQJQZCrEP72jcAkyc7qVVirk=,tag:nxecWgcSZOyzuwvOlFawyw==,type:float] -example_booleans: - - ENC[AES256_GCM,data:iCUmxA==,iv:On6DiKbzithmRq+smOW4pEq3tod0zWWT7dyW9ArolLY=,tag:yoD9ODLYSZkuP0qkUrkR3w==,type:bool] - - ENC[AES256_GCM,data:dAYxptk=,iv:JAm9mvA5EH581cZkaNK8yYkV8U8o2gWR2jAh+mUMxt0=,tag:W5sHPszsOzUDZ6mQgIcq+w==,type:bool] -hosts: ENC[AES256_GCM,data:/28ojxFukz4ThwSjQGURtf+h5Ic5WJN6P8nC75zQWan6LANOVc1zk5tVh7qmSLXcGvGW/2IE0dpz2ysY+z7ujYdKSDA2neFy8+NoBXc3REG60nF/QdNiHMg2rlLfq9n7eQAqXGBSpED/41Y/YO2nuV8ehL4GtsDOuFZnxujnLbu+Q6u30yf+/IVqlk3VnWm5C+Fy6bdX2bYOUyM5ce313i4u5slBEBs0l1lQjX1vE4KK5F6t3d410NdGHShB+RXkOhaBujKX/hKEXWQku/nnjgOiP+JURB/qA/SZzxO/yoV7htNvCE/JcfmTk85SVPAmp7uy4egyK4FveKRXtT5Gla1Vnrg1v9NAVCuYgQECqhE3IYEjtUlxul0h+OI4JmnP6y90nLz8RozxGw4qIc8yJgOZmVORqr2PqbFbtdj8MKid9Df0ciU=,iv:YhMTYHV3kc3LQrAGaPgkek5ZrEYYcZxNOPyKUSbgsC8=,tag:Axx5CIPWdDb8hukM7H4sxg==,type:str] -wg: ENC[AES256_GCM,data:HjvSsKAkH2yIpuPPteNz/7guP46OrRvH2eKIQPxMSf/kiWXHTRUZDUmGakbOryirkakkgQF1fwxRXehiFULvfaPb9WNx6kR7X7orNWmSR5CRmNWBCB5y7CRsSlO3frL8iKR1JLFjew7omktHiXBew63q38YvsvOeXI2zoLumuGuXl6JH5D9hK2AvEBUehMSkBzrLFgZNeNjsxnFatQEic9e6namjJ2TqcT4F1z4u/5yptkmUCpn4isLjV23zFOALOXcjjyy/9ztcKMGiGE+ULQM3fm+7c3ryux/PmREr2Aj0IDQMDXgJCPvdiHhXvC7K/oGwJPDJeP0v,iv:Lnz5RyUi9D3dClgzFmm4EeD6SZGuFFbs6JBIZevUIdo=,tag:EjheBu/a392lcAgQVVtIuw==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1z87u2na6vts0sqg6sc73p9ym6e5g9a0gf3hp9e7ha47e83zy4efqcjhk0y - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRRXJtL2lpZlR1TDBRalZr - dmdpdmRrVGF0TnJFZHExQ3BuSS96Z0E5aENNCjNHbmJCRzdUVG9GOEdMaERRNzY2 - aStWNTR2UHkwL3MvNGJnZGFhTXFaencKLS0tIFNlTDZWQVRpbWxJb2JlenRFRDJY - SFVUUHE0emZ6MS9VR0FWcytyQy90elUK3g0fuPB45+JnrRxgD+7Iijz6yUVVXct2 - w5T1UPZElKZQM6VL0QMozD8/piu5sk15cubMnmLjxESztpMRxrgPnw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBoYTdLcm9yTmRRaU5Qdlpy - M2dsalNReWhpZTZtNW9xL3pNbVUzOEZuMkJRCmpXcHpCZkt3NEZJYXBNMXc0Q3BY - ZlVBZ2hCenViSW5jRTc1cXFWVEJRZ2cKLS0tIGVROVBxaUFMNXVjdkcwNEE2VzJl - blhTd3BhbmgvZHQ4dkF3TTJMcERRN2sKoPKAYvJzRm72V5WEee+vNqjw+mRL66ir - DQRas5WfwqOIxHcPHpXHLu9zhmwlNKS+vt4GcG81l4eQLFDFmBol5w== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-04-04T11:23:03Z" - mac: ENC[AES256_GCM,data:l/WirVeSYQLuaZEjAPyX+5DJu3hfqiw1ZzPUNAbNKFQ1vUQf5Zxo3tfM7ROO+x95T9jGE271TIchTJAVu0C2XFTSPv7fJ9+WWyUr3JeFN1kFXt/k8Q5aLGdffAInhN2exsw/KKP0IXta5t4g2QfFsBZTDKCqLaj+WUeGBEJfjoc=,iv:J+6OIcE6i0Nt1Nb4m+aBBYeCj1iLNFigrRWYyYbY5GU=,tag:XTBvtWFNgRzuVyT7sWkGlg==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.4 diff --git a/.sops.yaml b/.sops.yaml index 178f37d..7449b04 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -2,7 +2,6 @@ keys: - &server_hetzner age1qur4kh3gay9ryk3jh2snvjp6x9eq94zdrmgkrfcv4fzsu7l6lumq4tr3uy - &server_sgx age149fqcw5jze00vd7jauylrp4j5xyv7amlu57jjfuzghkqtzlnxajs704uz3 - &server_t15 age1f2yu0cc826ej7hs4g865y29zy9uqfy0yp32f2m80typpk2pxqp7sfcffj4 - - &server_x1 age1z87u2na6vts0sqg6sc73p9ym6e5g9a0gf3hp9e7ha47e83zy4efqcjhk0y - &harald age1dwcz3fmp29ju4svy0t0wz4ylhpwlqa8xpw4l7t4gmgqr0ev37qrsfn840l creation_rules: - path_regex: .secrets/hetzner/[^/]+\.(yaml|json|env|ini)$ @@ -20,8 +19,3 @@ creation_rules: - age: - *server_t15 - *harald - - path_regex: .secrets/x1/[^/]+\.(yaml|json|env|ini)$ - key_groups: - - age: - - *server_x1 - - *harald diff --git a/flake.lock b/flake.lock index 3d8d015..1cc38d5 100644 --- a/flake.lock +++ b/flake.lock @@ -388,11 +388,11 @@ ] }, "locked": { - "lastModified": 1743387206, - "narHash": "sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0+2Wo=", + "lastModified": 1742655702, + "narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "15c5f9d04fabd176f30286c8f52bbdb2c853a146", + "rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", "type": "github" }, "original": { @@ -799,11 +799,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1743576891, - "narHash": "sha256-vXiKURtntURybE6FMNFAVpRPr8+e8KoLPrYs9TGuAKc=", + "lastModified": 1742751704, + "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "44a69ed688786e98a101f02b712c313f1ade37ab", + "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", "type": "github" }, "original": { @@ -2818,11 +2818,11 @@ }, "unstable": { "locked": { - "lastModified": 1743583204, - "narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=", + "lastModified": 1742669843, + "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434", + "rev": "1e5b653dff12029333a6546c11e108ede13052eb", "type": "github" }, "original": { diff --git a/overlays/unstable/aider-chat.nix b/overlays/unstable/aider-chat.nix deleted file mode 100644 index 429839f..0000000 --- a/overlays/unstable/aider-chat.nix +++ /dev/null @@ -1,257 +0,0 @@ -{ lib -, stdenv -, python312 -, fetchFromGitHub -, fetchurl -, pkg-config -, gitMinimal -, portaudio -, playwright-driver -, pkgs -, tree-sitter-grammars -}: - -let - python3 = python312.override { - self = python3; - packageOverrides = _: super: { tree-sitter = super.tree-sitter_0_21; }; - }; - - tree-sitter-language-pack = python312.pkgs.buildPythonPackage { - pname = "tree-sitter-language-pack"; - version = "0.6.1"; - src = fetchurl { - url = "https://files.pythonhosted.org/packages/1b/d6/d9120dd60db977534ee1dea1459fa8695bfd220d003f2b7b9b74e9df19e0/tree_sitter_language_pack-0.6.1.tar.gz"; - sha256 = "1f826jb7sikd7rsr92y8c3b4jaf8byifmr01v5i2ar4vdddmyqx4"; - }; - pyproject = true; - - build-system = with python312.pkgs; [ - setuptools - cython - typing-extensions - ]; - - nativeBuildInputs = with pkgs; with pkgs.tree-sitter-grammars; [ - tree-sitter - tree-sitter-c-sharp - tree-sitter-embedded-template - tree-sitter-yaml - ]; - - propagatedBuildInputs = with python312.pkgs; with pkgs.tree-sitter-grammars; [ - tree-sitter - tree-sitter-c-sharp - tree-sitter-embedded-template - tree-sitter-yaml - ]; - - nativeCheckInputs = [ python312.pkgs.pytestCheckHook ]; - # Without cd $out, tests fail to import the compiled cython extensions. - # Without copying the ./tests/ directory to $out, pytest won't detect the - # tests and run them. See also: - # https://github.com/NixOS/nixpkgs/issues/255262 - preCheck = '' - cp -r tests $out/${python3.sitePackages}/tree_sitter_language_pack - cd $out - ''; - - pythonImportsCheck = [ "tree_sitter_language_pack" ]; - }; - - version = "0.79.0"; - aider-chat = python3.pkgs.buildPythonPackage { - pname = "aider-chat"; - inherit version; - pyproject = true; - - src = fetchFromGitHub { - owner = "Aider-AI"; - repo = "aider"; - tag = "v${version}"; - hash = "sha256-8XC/pc5caNp8C7k/YBaLSXakjM13wxFgr2RkmaArIL8="; - }; - - pythonRelaxDeps = true; - - build-system = with python3.pkgs; [ setuptools-scm ]; - - dependencies = with python3.pkgs; [ - aiohappyeyeballs - aiohttp - aiosignal - annotated-types - anyio - attrs - backoff - beautifulsoup4 - certifi - cffi - charset-normalizer - click - configargparse - diff-match-patch - diskcache - distro - filelock - flake8 - frozenlist - fsspec - gitdb - gitpython - grep-ast - h11 - httpcore - httpx - huggingface-hub - idna - importlib-resources - jinja2 - jiter - json5 - jsonschema - jsonschema-specifications - litellm - markdown-it-py - markupsafe - mccabe - mdurl - multidict - networkx - numpy - openai - packaging - pathspec - pexpect - pillow - prompt-toolkit - psutil - ptyprocess - pycodestyle - pycparser - pydantic - pydantic-core - pydub - pyflakes - pygments - pypandoc - pyperclip - python-dotenv - pyyaml - referencing - regex - requests - rich - rpds-py - scipy - smmap - sniffio - sounddevice - socksio - soundfile - soupsieve - tiktoken - tokenizers - tqdm - tree-sitter - tree-sitter-languages - tree-sitter-language-pack - typing-extensions - urllib3 - watchfiles - wcwidth - yarl - zipp - pip - - # Not listed in requirements - mixpanel - monotonic - posthog - propcache - python-dateutil - ]; - - buildInputs = [ portaudio ]; - - nativeCheckInputs = (with python3.pkgs; [ pytestCheckHook ]) ++ [ gitMinimal ]; - - disabledTestPaths = [ - # Tests require network access - "tests/scrape/test_scrape.py" - # Expected 'mock' to have been called once - "tests/help/test_help.py" - ]; - - disabledTests = - [ - # Tests require network - "test_urls" - "test_get_commit_message_with_custom_prompt" - # FileNotFoundError - "test_get_commit_message" - # Expected 'launch_gui' to have been called once - "test_browser_flag_imports_streamlit" - # AttributeError - "test_simple_send_with_retries" - # Expected 'check_version' to have been called once - "test_main_exit_calls_version_check" - # AssertionError: assert 2 == 1 - "test_simple_send_non_retryable_error" - ] - ++ lib.optionals stdenv.hostPlatform.isDarwin [ - # Tests fails on darwin - "test_dark_mode_sets_code_theme" - "test_default_env_file_sets_automatic_variable" - # FileNotFoundError: [Errno 2] No such file or directory: 'vim' - "test_pipe_editor" - ]; - - makeWrapperArgs = [ - "--set AIDER_CHECK_UPDATE false" - "--set AIDER_ANALYTICS false" - ]; - - preCheck = '' - export HOME=$(mktemp -d) - export AIDER_ANALYTICS="false" - ''; - - optional-dependencies = with python3.pkgs; { - playwright = [ - greenlet - playwright - pyee - typing-extensions - ]; - }; - - passthru = { - withPlaywright = aider-chat.overridePythonAttrs ( - { dependencies - , makeWrapperArgs - , propagatedBuildInputs ? [ ] - , ... - }: - { - dependencies = dependencies ++ aider-chat.optional-dependencies.playwright; - propagatedBuildInputs = propagatedBuildInputs ++ [ playwright-driver.browsers ]; - makeWrapperArgs = makeWrapperArgs ++ [ - "--set PLAYWRIGHT_BROWSERS_PATH ${playwright-driver.browsers}" - "--set PLAYWRIGHT_SKIP_VALIDATE_HOST_REQUIREMENTS=true" - ]; - } - ); - }; - - meta = { - description = "AI pair programming in your terminal"; - homepage = "https://github.com/paul-gauthier/aider"; - changelog = "https://github.com/paul-gauthier/aider/blob/v${version}/HISTORY.md"; - license = lib.licenses.asl20; - maintainers = with lib.maintainers; [ happysalada ]; - mainProgram = "aider"; - }; - }; -in -aider-chat diff --git a/overlays/unstable/default.nix b/overlays/unstable/default.nix index 7ba9efd..130f452 100644 --- a/overlays/unstable/default.nix +++ b/overlays/unstable/default.nix @@ -6,11 +6,6 @@ final: prev: { open-webui claude-code aider-chat - vscode ; - goose-cli = channels.unstable.callPackage ./goose.nix { }; - vscode-extensions = channels.unstable.vscode-extensions // { - rooveterinaryinc = { roo-cline = channels.unstable.callPackage ./roo-code.nix { }; }; - }; } diff --git a/overlays/unstable/goose.nix b/overlays/unstable/goose.nix index eb644fb..8056930 100644 --- a/overlays/unstable/goose.nix +++ b/overlays/unstable/goose.nix @@ -25,18 +25,18 @@ let in rustPlatform.buildRustPackage rec { pname = "goose-cli"; - version = "1.0.17"; + version = "1.0.16-1"; src = fetchFromGitHub { owner = "block"; repo = "goose"; - tag = "v${version}"; - #rev = "e7ad230957053dac7643701a69439ac19d5d2bf6"; - hash = "sha256-l/lcwTNUq2xJHh0MKhnDZjRJ/5cANbdar/Vusf38esQ="; + #tag = "v${version}"; + rev = "e7ad230957053dac7643701a69439ac19d5d2bf6"; + hash = "sha256-328lLQeZClZI/mKFLvUppdZLjYwwiMR6WmS2ZroZxLU="; }; useFetchCargoVendor = true; - cargoHash = "sha256-1xKWzgptnM1ZP0nQXILBoaKVwL2FyXpldTUIa1ITQO0="; + cargoHash = "sha256-hcIbwNDagH5pajHrJxp+qJscLRHKr3SAFkNPr4NwtBc="; nativeBuildInputs = [ pkg-config ]; @@ -61,7 +61,6 @@ rustPlatform.buildRustPackage rec { "--skip=config::base::tests::test_secret_management" # Observer should be Some with both init project keys set "--skip=tracing::langfuse_layer::tests::test_create_langfuse_observer" - "--skip=providers::gcpauth::tests::test_token_refresh_race_condition" ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ # Lazy instance has previously been poisoned diff --git a/overlays/unstable/roo-code.nix b/overlays/unstable/roo-code.nix deleted file mode 100644 index b92f425..0000000 --- a/overlays/unstable/roo-code.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ lib -, vscode-utils -, vscode-extensions-update-script -, -}: - -vscode-utils.buildVscodeMarketplaceExtension { - mktplcRef = { - publisher = "RooVeterinaryInc"; - name = "roo-cline"; - version = "3.11.10"; - hash = "sha256-ZonPsVG9IIbdz1i3oBPcOjRsXTYZ/pUOjguUhY0bzWY="; - }; - - passthru.updateScript = vscode-extensions-update-script { }; - - meta = { - description = "AI-powered autonomous coding agent that lives in your editor"; - downloadPage = "https://marketplace.visualstudio.com/items?itemName=RooVeterinaryInc.roo-cline"; - homepage = "https://github.com/RooVetGit/Roo-Code"; - license = lib.licenses.asl20; - maintainers = with lib.maintainers; [ emaryn ]; - }; -} diff --git a/systems/x86_64-linux/x1/default.nix b/systems/x86_64-linux/x1/default.nix index 91cff05..2f5d4d5 100644 --- a/systems/x86_64-linux/x1/default.nix +++ b/systems/x86_64-linux/x1/default.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, config, ... }: +{ pkgs, lib, ... }: with lib; with lib.metacfg; { @@ -7,30 +7,6 @@ with lib.metacfg; # ./ipu.nix ]; - sops.age.sshKeyPaths = [ "/var/lib/secrets/ssh_host_ed25519_key" ]; - sops.secrets."wg".sopsFile = ../../../.secrets/x1/files.yaml; - sops.secrets."wg".mode = "0444"; - sops.secrets."hosts".sopsFile = ../../../.secrets/x1/files.yaml; - sops.secrets."hosts".mode = "0444"; - - environment.etc."wg0.backup.conf".source = config.sops.secrets."wg".path; - environment.etc."hosts.backup".source = config.sops.secrets."hosts".path; - - services.openssh = { - enable = true; - hostKeys = [ - { - path = "/var/lib/secrets/ssh_host_ed25519_key"; - type = "ed25519"; - } - { - path = "/var/lib/secrets/ssh_host_rsa_key"; - type = "rsa"; - bits = 4096; - } - ]; - }; - hardware.bluetooth.input.General.ClassicBondedOnly = false; services.udev.extraRules = '' KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="342d", ATTRS{idProduct}=="e4c5", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl" @@ -86,17 +62,6 @@ with lib.metacfg; claude-desktop-with-fhs goose-cli aider-chat - #vscode - (vscode-with-extensions.override { - vscodeExtensions = with vscode-extensions; [ - rooveterinaryinc.roo-cline - rust-lang.rust-analyzer - github.copilot - ms-python.python - ms-azuretools.vscode-docker - ms-vscode-remote.remote-ssh - ]; - }) ]; zramSwap.enable = true;