lib: River IP update

devshell: Add git config safe.directory for build-n-switch
nixos/common: Disable channels
2025-01-01 19:14:04 +00:00 · 2024-12-23 10:32:13 +00:00 · 2024-12-12 12:38:01 +00:00 · 2024-12-11 17:17:33 +00:00 · 2024-11-30 19:31:58 +00:00 · 2024-11-30 19:31:43 +00:00
35 changed files with 238 additions and 281 deletions
--- a/.gitea/workflows/ci.yaml
+++ b/.gitea/workflows/ci.yaml
@@ -6,7 +6,7 @@ on:
 jobs:
  check:
-    name: Check, build and cache Nix flake
+    name: Check, build and cache nixfiles
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4
@@ -25,15 +25,23 @@ jobs:
            extra-trusted-public-keys = nix-cache.nul.ie-1:BzH5yMfF4HbzY1C977XzOxoPhEc9Zbu39ftPkUbH+m4=
      - name: Check flake
-        run: nix flake check
+        run: nix flake check --no-build
      - name: Build the world
        id: build
        run: |
          path=$(nix build --no-link .#ci.x86_64-linux --json | jq -r .[0].outputs.out)
          echo "path=$path" >> "$GITHUB_OUTPUT"
-      - name: Push to cache
+      - name: Build (and cache) the world
        id: build
        env:
          HARMONIA_SSH_KEY: ${{ secrets.HARMONIA_SSH_KEY }}
        run: |
-          ci/push-to-cache.sh "${{ steps.build.outputs.path }}"
+          nix eval --json --apply "builtins.attrNames" .#ci.x86_64-linux | jq -cr '.[]' | while read job; do
            echo "::group::Build $job"
            nix build --no-link .#ci.x86_64-linux."$job"
            echo "::endgroup::"
            echo "::group::Cache $job"
            ci/push-to-cache.sh "$(nix eval --raw .#ci.x86_64-linux."$job")"
            echo "::endgroup::"
          done
          echo "Building and caching CI derivation"
          nix build --no-link .#ciDrv.x86_64-linux
          UPDATE_PROFILE=1 ci/push-to-cache.sh "$(nix eval --raw .#ciDrv.x86_64-linux)"
--- a/ci/push-to-cache.sh
+++ b/ci/push-to-cache.sh
@@ -22,8 +22,10 @@ path="$1"
 echo "Pushing $path to cache..."
 nix copy --no-check-sigs --to "$STORE_URI" "$path"
-echo "Updating profile..."
+if [ -n "$UPDATE_PROFILE" ]; then
-remote_cmd nix-env -p "$REMOTE_STORE"/nix/var/nix/profiles/nixfiles --set "$path"
+  echo "Updating profile..."
  remote_cmd nix-env -p "$REMOTE_STORE"/nix/var/nix/profiles/nixfiles --set "$path"
-echo "Collecting garbage..."
+  echo "Collecting garbage..."
-remote_cmd nix-collect-garbage --delete-older-than 30d
+  remote_cmd nix-collect-garbage --delete-older-than 60d
 fi
--- a/devshell/commands.nix
+++ b/devshell/commands.nix
@@ -77,7 +77,12 @@ in
      name = "build-n-switch";
      category = "tasks";
      help = "Shortcut to nixos-rebuild for this flake";
-      command = ''doas nixos-rebuild --flake . "$@"'';
+      command = ''
        # HACK: Upstream changes in Git + Nix makes this necessary
        # https://github.com/NixOS/nix/issues/10202
        doas git config --global --add safe.directory "$PWD"
        doas nixos-rebuild --flake . "$@"
      '';
    }
    {
      name = "run-vm";
@@ -115,29 +120,17 @@ in
      help = "Build home-manager configuration";
      command = ''nix build "''${@:2}" ".#homeConfigurations.\"$1\".activationPackage"'';
    }
    {
      name = "update-inputs";
      category = "tasks";
      help = "Update flake inputs";
      command = ''
        args=()
        for f in "$@"; do
          args+=(--update-input "$f")
        done
        nix flake lock "''${args[@]}"
      '';
    }
    {
      name = "update-nixpkgs";
      category = "tasks";
      help = "Update nixpkgs flake inputs";
-      command = ''update-inputs nixpkgs-{unstable,stable,mine,mine-stable}'';
+      command = ''nix flake update nixpkgs-{unstable,stable,mine,mine-stable}'';
    }
    {
      name = "update-home-manager";
      category = "tasks";
      help = "Update home-manager flake inputs";
-      command = ''update-inputs home-manager-{unstable,stable}'';
+      command = ''nix flake update home-manager-{unstable,stable}'';
    }
    {
      name = "update-installer";
--- a/devshell/default.nix
+++ b/devshell/default.nix
@@ -11,7 +11,7 @@ in
    NIX_USER_CONF_FILES = toString (pkgs.writeText "nix.conf"
      ''
-        experimental-features = nix-command flakes ca-derivations repl-flake
+        experimental-features = nix-command flakes ca-derivations
        connect-timeout = 5
        fallback = true
        ${lib.my.c.nix.cache.conf}
--- a/flake.lock
+++ b/flake.lock
@@ -56,11 +56,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1692446555,
+        "lastModified": 1732994213,
-        "narHash": "sha256-Uzl8TiGKVBCjwYhkprSwbcu8xlcQwnDNIqsk9rM+P9w=",
+        "narHash": "sha256-3v8cTsPB+TIdWmc1gmRNd0Mi0elpfi39CXRsA/2x/Oo=",
        "owner": "devplayer0",
        "repo": "borg",
-        "rev": "44a3dc19b014ebc8d33db0b3e145ed7bfc9a0cb7",
+        "rev": "795f5009445987d42f32de1b49fdeb2d88326a64",
        "type": "github"
      },
      "original": {
@@ -437,16 +437,16 @@
        ]
      },
      "locked": {
-        "lastModified": 1726989464,
+        "lastModified": 1732466619,
-        "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
+        "narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
+        "rev": "f3111f62a23451114433888902a55cf0692b408d",
        "type": "github"
      },
      "original": {
        "id": "home-manager",
-        "ref": "release-24.05",
+        "ref": "release-24.11",
        "type": "indirect"
      }
    },
@@ -457,11 +457,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1732482255,
+        "lastModified": 1732884235,
-        "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=",
+        "narHash": "sha256-r8j6R3nrvwbT1aUp4EPQ1KC7gm0pu9VcV1aNaB+XG6Q=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "a9953635d7f34e7358d5189751110f87e3ac17da",
+        "rev": "819f682269f4e002884702b87e445c82840c68f2",
        "type": "github"
      },
      "original": {
@@ -545,11 +545,11 @@
    },
    "nixpkgs-mine": {
      "locked": {
-        "lastModified": 1731774603,
+        "lastModified": 1732985787,
-        "narHash": "sha256-d8Y7nqzdjKqG/sOkEm52J0C6jBX0cn1GHGuh0GUTqyI=",
+        "narHash": "sha256-6rSJ9L4QywpHLi/xvpOHdTuPm6/eOJcXxnYzDbP3U1k=",
        "owner": "devplayer0",
        "repo": "nixpkgs",
-        "rev": "0712614f7c9f98eddf838c2a6ae1a2e315ca6b83",
+        "rev": "a28c46933ef5038fb7a2dd483b85152a539c7969",
        "type": "github"
      },
      "original": {
@@ -561,11 +561,11 @@
    },
    "nixpkgs-mine-stable": {
      "locked": {
-        "lastModified": 1731774637,
+        "lastModified": 1732985894,
-        "narHash": "sha256-j2swiGIVhYDpbsf+uCfMmxZ69nzy5VvW6OKUSJFifds=",
+        "narHash": "sha256-YYuQQCcSF6KjgtAenZJiBmqt5jqP3UvYgC424VQ+22s=",
        "owner": "devplayer0",
        "repo": "nixpkgs",
-        "rev": "682a245504aa86e26aab8d4a5273333946d19689",
+        "rev": "e0a3f4e2bbc5f7b681e344b389dcbab23f2e92a8",
        "type": "github"
      },
      "original": {
@@ -577,26 +577,26 @@
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1731797254,
+        "lastModified": 1732824227,
-        "narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=",
+        "narHash": "sha256-fYNXgpu1AEeLyd3fQt4Ym0tcVP7cdJ8wRoqJ+CtTRyY=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59",
+        "rev": "c71ad5c34d51dcbda4c15f44ea4e4aa6bb6ac1e9",
        "type": "github"
      },
      "original": {
        "id": "nixpkgs",
-        "ref": "nixos-24.05",
+        "ref": "nixos-24.11",
        "type": "indirect"
      }
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1732014248,
+        "lastModified": 1732758367,
-        "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
+        "narHash": "sha256-RzaI1RO0UXqLjydtz3GAXSTzHkpb/lLD1JD8a0W4Wpo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
+        "rev": "fa42b5a5f401aab8a32bd33c9a4de0738180dc59",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -7,13 +7,13 @@
    devshell.inputs.nixpkgs.follows = "nixpkgs-unstable";
    nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
-    nixpkgs-stable.url = "nixpkgs/nixos-24.05";
+    nixpkgs-stable.url = "nixpkgs/nixos-24.11";
    nixpkgs-mine.url = "github:devplayer0/nixpkgs/devplayer0";
    nixpkgs-mine-stable.url = "github:devplayer0/nixpkgs/devplayer0-stable";
    home-manager-unstable.url = "home-manager";
    home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs-unstable";
-    home-manager-stable.url = "home-manager/release-24.05";
+    home-manager-stable.url = "home-manager/release-24.11";
    home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable";
    # Stuff used by the flake for build / deployment
@@ -204,8 +204,9 @@
        systems' = mapAttrs' (n: v: nameValuePair "system-${n}" v) systems;
        packages' = mapAttrs' (n: v: nameValuePair "package-${n}" v) packages;
      in
-        pkgs.linkFarm "ci" (homes' // systems' // packages' // {
+        homes' // systems' // packages' // {
          inherit shell;
-        });
+        };
      ciDrv = pkgs.linkFarm "ci" ci;
    }));
 }
--- a/home-manager/modules/gui/default.nix
+++ b/home-manager/modules/gui/default.nix
@@ -42,9 +42,8 @@ in
            xdg-utils
            font.package
-            (nerdfonts.override {
+            nerd-fonts.sauce-code-pro
-              fonts = [ "DroidSansMono" "SourceCodePro" ];
+            nerd-fonts.droid-sans-mono
            })
            noto-fonts-emoji
            grim
@@ -80,7 +79,7 @@ in
          alacritty = {
            enable = true;
            settings = {
-              import = [ ./alacritty-xterm.toml ];
+              general.import = [ ./alacritty-xterm.toml ];
              font = {
                size = font.size;
--- a/lib/constants.nix
+++ b/lib/constants.nix
@@ -27,7 +27,7 @@ rec {
  kernel = {
    lts = pkgs: pkgs.linuxKernel.packages.linux_6_6;
-    latest = pkgs: pkgs.linuxKernel.packages.linux_6_11;
+    latest = pkgs: pkgs.linuxKernel.packages.linux_6_12;
  };
  nginx = rec {
@@ -267,7 +267,7 @@ rec {
      "stream"
    ];
    routersPubV4 = [
-      "80.111.122.16"
+      "109.255.31.155"
      "109.255.252.63"
    ];
--- a/nixos/boxes/britway/default.nix
+++ b/nixos/boxes/britway/default.nix
@@ -106,7 +106,7 @@ in
                  {
                    matchConfig.Name = "as211024";
                    networkConfig.IPv6AcceptRA = mkForce false;
-                    routes = map (r: { routeConfig = r; }) [
+                    routes = [
                      {
                        Destination = lib.my.c.colony.prefixes.all.v4;
                        Gateway = allAssignments.estuary.as211024.ipv4.address;
@@ -123,7 +123,7 @@ in
                        Table = "ts-extra";
                      }
                    ];
-                    routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
+                    routingPolicyRules = [
                      {
                        IncomingInterface = "tailscale0";
                        To = lib.my.c.colony.prefixes.all.v6;
--- a/nixos/boxes/britway/tailscale.nix
+++ b/nixos/boxes/britway/tailscale.nix
@@ -1,5 +1,6 @@
 { lib, pkgs, config, assignments, allAssignments, ... }:
 let
  inherit (lib) concatStringsSep;
  inherit (lib.my.c) pubDomain;
  inherit (lib.my.c.britway) prefixes domain;
@@ -19,6 +20,10 @@ let
    });
  });
  advRoutes = concatStringsSep "," [
    lib.my.c.home.prefixes.all.v4
    lib.my.c.home.prefixes.all.v6
  ];
  pubNameservers = [
    "1.1.1.1"
    "1.0.0.1"
@@ -85,6 +90,7 @@ in
          "--login-server=https://hs.nul.ie"
          "--netfilter-mode=off"
          "--advertise-exit-node"
          "--advertise-routes=${advRoutes}"
          "--accept-routes=false"
        ];
      };
--- a/nixos/boxes/colony/default.nix
+++ b/nixos/boxes/colony/default.nix
@@ -252,10 +252,10 @@ in
                  };
                  ipv6Prefixes = [
                    {
-                      ipv6PrefixConfig.Prefix = prefixes.vms.v6;
+                      Prefix = prefixes.vms.v6;
                    }
                  ];
-                  routes = map (r: { routeConfig = r; }) [
+                  routes = [
                    {
                      Destination = prefixes.ctrs.v4;
                      Gateway = allAssignments.shill.routing.ipv4.address;
@@ -327,10 +327,10 @@ in
                };
                ipv6Prefixes = [
                  {
-                    ipv6PrefixConfig.Prefix = prefixes.mail.v6;
+                    Prefix = prefixes.mail.v6;
                  }
                ];
-                routes = map (r: { routeConfig = r; }) [
+                routes = [
                  {
                    Destination = prefixes.mail.v4;
                    Scope = "link";
@@ -350,10 +350,10 @@ in
                };
                ipv6Prefixes = [
                  {
-                    ipv6PrefixConfig.Prefix = prefixes.darts.v6;
+                    Prefix = prefixes.darts.v6;
                  }
                ];
-                routes = map (r: { routeConfig = r; }) [
+                routes = [
                  {
                    Destination = prefixes.darts.v4;
                    Scope = "link";
--- a/nixos/boxes/colony/vms/estuary/default.nix
+++ b/nixos/boxes/colony/vms/estuary/default.nix
@@ -164,11 +164,9 @@ in
                    };
                    wireguardPeers = [
                      {
-                        wireguardPeerConfig = {
+                        PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E=";
-                          PublicKey = "7N9YdQaCMWWIwAnW37vrthm9ZpbnG4Lx3gheHeRYz2E=";
+                        AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ];
-                          AllowedIPs = [ allAssignments.kelder.estuary.ipv4.address ];
+                        PersistentKeepalive = 25;
                          PersistentKeepalive = 25;
                        };
                      }
                    ];
                  };
@@ -278,52 +276,51 @@ in
                    };
                    ipv6Prefixes = [
                      {
-                        ipv6PrefixConfig.Prefix = prefixes.base.v6;
+                        Prefix = prefixes.base.v6;
                      }
                    ];
-                    routes = map (r: { routeConfig = r; }) (flatten
+                    routes = flatten ([
-                      ([
+                      {
-                        {
+                        Destination = prefixes.vip1;
-                          Destination = prefixes.vip1;
+                        Gateway = allAssignments.colony.routing.ipv4.address;
-                          Gateway = allAssignments.colony.routing.ipv4.address;
+                      }
-                        }
+                      {
-                        {
+                        Destination = prefixes.vip3;
-                          Destination = prefixes.vip3;
+                        Gateway = allAssignments.colony.routing.ipv4.address;
-                          Gateway = allAssignments.colony.routing.ipv4.address;
+                      }
-                        }
+                      {
-                        {
+                        Destination = prefixes.darts.v4;
-                          Destination = prefixes.darts.v4;
+                        Gateway = allAssignments.colony.routing.ipv4.address;
-                          Gateway = allAssignments.colony.routing.ipv4.address;
+                      }
-                        }
+                      {
-                        {
+                        Destination = prefixes.cust.v6;
-                          Destination = prefixes.cust.v6;
+                        Gateway = allAssignments.colony.internal.ipv6.address;
-                          Gateway = allAssignments.colony.internal.ipv6.address;
+                      }
                        }
-                        {
+                      {
-                          Destination = lib.my.c.tailscale.prefix.v4;
+                        Destination = lib.my.c.tailscale.prefix.v4;
-                          Gateway = allAssignments.colony.routing.ipv4.address;
+                        Gateway = allAssignments.colony.routing.ipv4.address;
-                        }
+                      }
-                        {
+                      {
-                          Destination = lib.my.c.tailscale.prefix.v6;
+                        Destination = lib.my.c.tailscale.prefix.v6;
-                          Gateway = allAssignments.colony.internal.ipv6.address;
+                        Gateway = allAssignments.colony.internal.ipv6.address;
-                        }
+                      }
-                        {
+                      {
-                          Destination = prefixes.qclk.v4;
+                        Destination = prefixes.qclk.v4;
-                          Gateway = allAssignments.colony.routing.ipv4.address;
+                        Gateway = allAssignments.colony.routing.ipv4.address;
-                        }
+                      }
-                      ] ++
+                    ] ++
-                      (map (pName: [
+                    (map (pName: [
-                        {
+                      {
-                          Gateway = allAssignments.colony.routing.ipv4.address;
+                        Gateway = allAssignments.colony.routing.ipv4.address;
-                          Destination = prefixes."${pName}".v4;
+                        Destination = prefixes."${pName}".v4;
-                        }
+                      }
-                        {
+                      {
-                          Destination = prefixes."${pName}".v6;
+                        Destination = prefixes."${pName}".v6;
-                          Gateway = allAssignments.colony.internal.ipv6.address;
+                        Gateway = allAssignments.colony.internal.ipv6.address;
-                        }
+                      }
-                      ]) [ "vms" "ctrs" "oci" ])));
+                    ]) [ "vms" "ctrs" "oci" ]));
                  }
                ];
@@ -332,7 +329,7 @@ in
                  {
                    matchConfig.Name = "as211024";
                    networkConfig.IPv6AcceptRA = mkForce false;
-                    routes = map (r: { routeConfig = r; }) [
+                    routes = [
                      {
                        Destination = lib.my.c.home.prefixes.all.v4;
                        Gateway = lib.my.c.home.vips.as211024.v4;
@@ -344,10 +341,8 @@ in
                  matchConfig.Name = "kelder";
                  routes = [
                    {
-                      routeConfig = {
+                      Destination = allAssignments.kelder.estuary.ipv4.address;
-                        Destination = allAssignments.kelder.estuary.ipv4.address;
+                      Scope = "link";
                        Scope = "link";
                      };
                    }
                  ];
                };
--- a/nixos/boxes/colony/vms/git/gitea-actions.nix
+++ b/nixos/boxes/colony/vms/git/gitea-actions.nix
@@ -35,6 +35,11 @@ in
          ];
          url = "https://git.${pubDomain}";
          tokenFile = config.age.secrets."gitea/actions-runner.env".path;
          settings = {
            runner = {
              timeout = "8h";
            };
          };
        };
      };
    };
--- a/nixos/boxes/colony/vms/shill/containers-ext.nix
+++ b/nixos/boxes/colony/vms/shill/containers-ext.nix
@@ -47,10 +47,10 @@ in
        };
        ipv6Prefixes = [
          {
-            ipv6PrefixConfig.Prefix = prefixes.jam.v6;
+            Prefix = prefixes.jam.v6;
          }
        ];
-        routes = map (r: { routeConfig = r; }) [
+        routes = [
          {
            Destination = prefixes.jam.v4;
            Scope = "link";
--- a/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix
+++ b/nixos/boxes/colony/vms/shill/containers/jackflix/default.nix
@@ -94,6 +94,14 @@ in
          };
        };
        nixpkgs.config.permittedInsecurePackages = [
          # FIXME: This is needed for Sonarr
          "aspnetcore-runtime-wrapped-6.0.36"
          "aspnetcore-runtime-6.0.36"
          "dotnet-sdk-wrapped-6.0.428"
          "dotnet-sdk-6.0.428"
        ];
        services = {
          netdata.enable = true;
--- a/nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix
+++ b/nixos/boxes/colony/vms/shill/containers/jackflix/networking.nix
@@ -71,14 +71,12 @@ in
              RouteTable = routeTable;
            };
            wireguardPeers = [
              # AirVPN NL
              {
-                # AirVPN NL
+                Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637";
-                wireguardPeerConfig = {
+                PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
-                  Endpoint = "2a00:1678:1337:2329:e5f:35d4:4404:ef9f:1637";
+                PresharedKeyFile = config.age.secrets."${pskFile}".path;
-                  PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
+                AllowedIPs = [ "0.0.0.0/0" "::/0" ];
                  PresharedKeyFile = config.age.secrets."${pskFile}".path;
                  AllowedIPs = [ "0.0.0.0/0" "::/0" ];
                };
              }
            ];
          };
@@ -94,7 +92,7 @@ in
              matchConfig.Name = "vpn";
              address = [ "10.182.97.37/32" "fd7d:76ee:e68f:a993:735d:ef5e:6907:b122/128" ];
              dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ];
-              routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
+              routingPolicyRules = [
                {
                  Family = "both";
                  SuppressPrefixLength = 0;
--- a/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
+++ b/nixos/boxes/colony/vms/shill/containers/middleman/vhosts.nix
@@ -35,7 +35,6 @@ let
      # For clients
      (mkWellKnown "matrix/client" (toJSON {
        "m.homeserver".base_url = "https://matrix.nul.ie";
        "org.matrix.msc3575.proxy".url = "https://matrix-syncv3.nul.ie";
      }))
    ];
  };
@@ -182,10 +181,6 @@ in
        ];
        useACMEHost = pubDomain;
      };
      "matrix-syncv3.${pubDomain}" = {
        locations."/".proxyPass = "http://chatterbox-ctr.${domain}:8009";
        useACMEHost = pubDomain;
      };
      "element.${pubDomain}" =
      let
--- a/nixos/boxes/colony/vms/shill/containers/object.nix
+++ b/nixos/boxes/colony/vms/shill/containers/object.nix
@@ -237,7 +237,7 @@ in
            harmonia = {
              enable = true;
-              signKeyPath = config.age.secrets."nix-cache.key".path;
+              signKeyPaths = [ config.age.secrets."nix-cache.key".path ];
              settings = {
                priority = 30;
              };
--- a/nixos/boxes/colony/vms/shill/default.nix
+++ b/nixos/boxes/colony/vms/shill/default.nix
@@ -140,10 +140,10 @@ in
                    };
                    ipv6Prefixes = [
                      {
-                        ipv6PrefixConfig.Prefix = prefixes.ctrs.v6;
+                        Prefix = prefixes.ctrs.v6;
                      }
                    ];
-                    routes = map (r: { routeConfig = r; }) [
+                    routes = [
                      {
                        Destination = lib.my.c.tailscale.prefix.v4;
                        Gateway = allAssignments.waffletail.internal.ipv4.address;
--- a/nixos/boxes/home/castle/default.nix
+++ b/nixos/boxes/home/castle/default.nix
@@ -36,7 +36,7 @@ in
          cpu = {
            amd.updateMicrocode = true;
          };
-          opengl.extraPackages = with pkgs; [
+          graphics.extraPackages = with pkgs; [
            intel-media-driver
          ];
          bluetooth.enable = true;
--- a/nixos/boxes/home/routing-common/default.nix
+++ b/nixos/boxes/home/routing-common/default.nix
@@ -1,7 +1,6 @@
 index: { lib, allAssignments, ... }:
 let
  inherit (builtins) elemAt;
  inherit (lib) concatStringsSep;
  inherit (lib.my) net mkVLAN;
  inherit (lib.my.c) pubDomain;
  inherit (lib.my.c.home) domain vlans prefixes vips routers routersPubV4;
@@ -151,28 +150,6 @@ in
            };
            nginx.enable = true;
            tailscale =
            let
              advRoutes = concatStringsSep "," [
                prefixes.all.v4
                prefixes.all.v6
              ];
            in
            {
              enable = true;
              authKeyFile = config.age.secrets."tailscale-auth.key".path;
              openFirewall = true;
              interfaceName = "tailscale0";
              extraUpFlags = [
                "--operator=${config.my.user.config.name}"
                "--login-server=https://hs.nul.ie"
                "--netfilter-mode=off"
                "--advertise-exit-node"
                "--advertise-routes=${advRoutes}"
                "--accept-routes=false"
              ];
            };
          };
          networking = { inherit domain; };
@@ -299,11 +276,20 @@ in
                  {
                    matchConfig.Name = "as211024";
                    networkConfig.IPv6AcceptRA = mkForce false;
-                    routes = map (r: { routeConfig = r; }) [
+                    routes = [
                      {
                        Destination = lib.my.c.colony.prefixes.all.v4;
                        Gateway = allAssignments.estuary.as211024.ipv4.address;
                      }
                      {
                        Destination = lib.my.c.tailscale.prefix.v4;
                        Gateway = allAssignments.britway.as211024.ipv4.address;
                      }
                      {
                        Destination = lib.my.c.tailscale.prefix.v6;
                        Gateway = allAssignments.britway.as211024.ipv6.address;
                      }
                    ];
                  }
                ];
@@ -315,7 +301,7 @@ in
              {
                "60-lan-hi" = {
-                  routes = map (r: { routeConfig = r; }) [
+                  routes = [
                    {
                      Destination = elemAt routersPubV4 otherIndex;
                      Gateway = net.cidr.host (otherIndex + 1) prefixes.hi.v4;
@@ -330,7 +316,6 @@ in
            secrets = {
              files = {
                "l2mesh/as211024.key" = {};
                "tailscale-auth.key" = {};
              };
            };
@@ -340,7 +325,7 @@ in
              };
            };
            firewall = {
-              trustedInterfaces = [ "lan-hi" "lan-lo" "tailscale0" ];
+              trustedInterfaces = [ "lan-hi" "lan-lo" ];
              udp.allowed = [ 5353 ];
              tcp.allowed = [ 5353 ];
              nat = {
--- a/nixos/boxes/home/routing-common/keepalived.nix
+++ b/nixos/boxes/home/routing-common/keepalived.nix
@@ -61,12 +61,7 @@ in
        v6Alive = pingScriptFor "v6" [ "2606:4700:4700::1111" "2001:4860:4860::8888" "2600::" ];
      };
      vrrpInstances = {
-        v4 = mkVRRP "v4" 51 // {
+        v4 = mkVRRP "v4" 51;
          extraConfig = ''
            notify_master "${config.systemd.package}/bin/systemctl start tailscaled.service" root
            notify_backup "${config.systemd.package}/bin/systemctl stop tailscaled.service" root
          '';
        };
        v6 = (mkVRRP "v6" 52) // {
          extraConfig = ''
            notify_master "${config.systemd.package}/bin/systemctl start radvd.service" root
--- a/nixos/boxes/kelder/containers/acquisition/default.nix
+++ b/nixos/boxes/kelder/containers/acquisition/default.nix
@@ -26,7 +26,7 @@ in
      config = {
        # Hardware acceleration for Jellyfin
-        hardware.opengl = {
+        hardware.graphics = {
          enable = true;
          extraPackages = with pkgs; [
            vaapiIntel
@@ -78,6 +78,14 @@ in
          };
        };
        nixpkgs.config.permittedInsecurePackages = [
          # FIXME: This is needed for Sonarr
          "aspnetcore-runtime-wrapped-6.0.36"
          "aspnetcore-runtime-6.0.36"
          "dotnet-sdk-wrapped-6.0.428"
          "dotnet-sdk-6.0.428"
        ];
        services = {
          transmission = {
            enable = true;
--- a/nixos/boxes/kelder/containers/acquisition/networking.nix
+++ b/nixos/boxes/kelder/containers/acquisition/networking.nix
@@ -73,14 +73,12 @@ in
              RouteTable = routeTable;
            };
            wireguardPeers = [
              # AirVPN IE
              {
-                # AirVPN IE
+                Endpoint = "146.70.94.2:1637";
-                wireguardPeerConfig = {
+                PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
-                  Endpoint = "146.70.94.2:1637";
+                PresharedKeyFile = config.age.secrets."${pskFile}".path;
-                  PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
+                AllowedIPs = [ "0.0.0.0/0" "::/0" ];
                  PresharedKeyFile = config.age.secrets."${pskFile}".path;
                  AllowedIPs = [ "0.0.0.0/0" "::/0" ];
                };
              }
            ];
          };
@@ -97,7 +95,7 @@ in
              matchConfig.Name = "vpn";
              address = [ "10.161.170.28/32" "fd7d:76ee:e68f:a993:b12d:6d15:c80a:9516/128" ];
              dns = [ "10.128.0.1" "fd7d:76ee:e68f:a993::1" ];
-              routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
+              routingPolicyRules = [
                {
                  Family = "both";
                  SuppressPrefixLength = 0;
--- a/nixos/boxes/kelder/default.nix
+++ b/nixos/boxes/kelder/default.nix
@@ -121,8 +121,7 @@ in
            samba = {
              enable = true;
-              enableNmbd = true;
+              settings = {
              shares = {
                storage = {
                  path = "/mnt/storage";
                  browseable = "yes";
@@ -131,6 +130,8 @@ in
                  "directory mask" = "0775";
                };
              };
              nmbd.enable = true;
            };
            samba-wsdd.enable = true;
@@ -180,12 +181,10 @@ in
                  };
                  wireguardPeers = [
                    {
-                      wireguardPeerConfig = {
+                      PublicKey = "bP1XUNxp9i8NLOXhgPaIaRzRwi5APbam44/xjvYcyjU=";
-                        PublicKey = "bP1XUNxp9i8NLOXhgPaIaRzRwi5APbam44/xjvYcyjU=";
+                      Endpoint = "${allAssignments.estuary.internal.ipv4.address}:${toString lib.my.c.kelder.vpn.port}";
-                        Endpoint = "${allAssignments.estuary.internal.ipv4.address}:${toString lib.my.c.kelder.vpn.port}";
+                      AllowedIPs = [ "0.0.0.0/0" ];
-                        AllowedIPs = [ "0.0.0.0/0" ];
+                      PersistentKeepalive = 25;
                        PersistentKeepalive = 25;
                      };
                    }
                  ];
                };
@@ -213,7 +212,7 @@ in
                  address = with assignments.estuary; [
                    (with ipv4; "${address}/${toString mask}")
                  ];
-                  routingPolicyRules = map (r: { routingPolicyRuleConfig = r; }) [
+                  routingPolicyRules = [
                    {
                      Family = "both";
                      SuppressPrefixLength = 0;
--- a/nixos/modules/common.nix
+++ b/nixos/modules/common.nix
@@ -40,6 +40,7 @@ in
      nix = {
        package = pkgs'.mine.nix;
        channel.enable = false;
        settings = with lib.my.c.nix; {
          trusted-users = [ "@wheel" ];
          experimental-features = [ "nix-command" "flakes" "ca-derivations" ];
@@ -144,7 +145,10 @@ in
        fish.enable = mkDefault true;
        # TODO: This is expecting to look up the channel for the database...
        command-not-found.enable = mkDefault false;
-        vim.defaultEditor = true;
+        vim = {
          enable = true;
          defaultEditor = true;
        };
      };
      services = {
@@ -239,9 +243,7 @@ in
    }
    (mkIf config.services.kmscon.enable {
      fonts.fonts = with pkgs; [
-        (nerdfonts.override {
+        nerd-fonts.sauce-code-pro
          fonts = [ "SourceCodePro" ];
        })
      ];
    })
  ];
--- a/nixos/modules/gui.nix
+++ b/nixos/modules/gui.nix
@@ -12,7 +12,7 @@ in
  config = mkIf cfg.enable {
    hardware = {
-      opengl.enable = mkDefault true;
+      graphics.enable = mkDefault true;
    };
    systemd = {
@@ -53,6 +53,8 @@ in
          SUBSYSTEM=="usb", ATTR{idVendor}=="057e", MODE="0664", GROUP="wheel"
          # FT
          SUBSYSTEM=="usb", ATTR{idVendor}=="0403", MODE="0664", GROUP="wheel"
          # /dev/player0
          SUBSYSTEM=="usb", ATTR{idVendor}=="6969", MODE="0664", GROUP="wheel"
        '';
      };
    };
--- a/nixos/modules/l2mesh.nix
+++ b/nixos/modules/l2mesh.nix
@@ -44,10 +44,8 @@ let
      toString (mesh.baseMTU - overhead);
      bridgeFDBs = mapAttrsToList (n: peer: {
-        bridgeFDBConfig = {
+        MACAddress = "00:00:00:00:00:00";
-          MACAddress = "00:00:00:00:00:00";
+        Destination = peer.addr;
          Destination = peer.addr;
        };
      }) otherPeers;
    };
  };
--- a/nixos/modules/netboot/default.nix
+++ b/nixos/modules/netboot/default.nix
@@ -5,10 +5,19 @@ let
  cfg = config.my.netboot;
  ipxe = pkgs.ipxe.overrideAttrs (o: rec {
    version = "1.21.1-unstable-2024-06-27";
    src = pkgs.fetchFromGitHub {
      owner = "ipxe";
      repo = "ipxe";
      rev = "b66e27d9b29a172a097c737ab4d378d60fe01b05";
      hash = "sha256-TKZ4WjNV2oZIYNefch7E7m1JpeoC/d7O1kofoNv8G40=";
    };
  });
  tftpRoot = pkgs.linkFarm "tftp-root" [
    {
      name = "ipxe-x86_64.efi";
-      path = "${pkgs.ipxe}/ipxe.efi";
+      path = "${ipxe}/ipxe.efi";
    }
  ];
  menuFile = pkgs.runCommand "menu.ipxe" {
--- a/nixos/modules/nvme/default.nix
+++ b/nixos/modules/nvme/default.nix
@@ -5,7 +5,15 @@ let
  cfg = config.my.nvme;
  nvme-cli = pkgs.nvme-cli.override {
-    libnvme = pkgs.libnvme.overrideAttrs (o: {
+    libnvme = pkgs.libnvme.overrideAttrs (o: rec {
      # TODO: Remove when 1.11.1 releases (see https://github.com/linux-nvme/libnvme/pull/914)
      version = "1.11.1";
      src = pkgs.fetchFromGitHub {
        owner = "linux-nvme";
        repo = "libnvme";
        rev = "v${version}";
        hash = "sha256-CEGr7PDOVRi210XvICH8iLYDKn8S9bGruBO4tycvsT8=";
      };
      patches = (if (o ? patches) then o.patches else [ ]) ++ [ ./libnvme-hostconf.patch ];
    });
  };
--- a/nixos/modules/tmproot.nix
+++ b/nixos/modules/tmproot.nix
@@ -147,6 +147,15 @@ in
            "/var/lib/systemd"
            { directory = "/root/.cache/nix"; mode = "0700"; }
            # Including these unconditionally due to infinite recursion problems...
            {
              directory = "/etc/lvm/archive";
              mode = "0700";
            }
            {
              directory = "/etc/lvm/backup";
              mode = "0700";
            }
          ];
          files = [
            "/etc/machine-id"
@@ -260,18 +269,6 @@ in
        my.tmproot.persistence.config.files =
          concatMap (k: [ k.path "${k.path}.pub" ]) config.services.openssh.hostKeys;
      })
      (mkIf config.services.lvm.enable {
        my.tmproot.persistence.config.directories = [
          {
            directory = "/etc/lvm/archive";
            mode = "0700";
          }
          {
            directory = "/etc/lvm/backup";
            mode = "0700";
          }
        ];
      })
      (mkIf (config.security.acme.certs != { }) {
        my.tmproot.persistence.config.directories = [
          {
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@@ -8,7 +8,6 @@ in
  vfio-pci-bind = callPackage ./vfio-pci-bind.nix { };
  librespeed-go = callPackage ./librespeed-go.nix { };
  # modrinth-app = callPackage ./modrinth-app { };
  glfw-minecraft = callPackage ./glfw-minecraft { };
  chocolate-doom2xx = callPackage ./chocolate-doom2xx { };
  windowtolayer = callPackage ./windowtolayer.nix { };
  swaylock-plugin = callPackage ./swaylock-plugin.nix { };
--- a/pkgs/glfw-minecraft/default.nix
+++ b/pkgs/glfw-minecraft/default.nix
@@ -1,6 +0,0 @@
 { lib, glfw-wayland-minecraft, ... }:
 glfw-wayland-minecraft.overrideAttrs (o: {
  patches = [
    ./suppress-wayland-errors.patch
  ];
 })
--- a/pkgs/glfw-minecraft/suppress-wayland-errors.patch
+++ b/pkgs/glfw-minecraft/suppress-wayland-errors.patch
@@ -1,43 +0,0 @@
 diff --git a/src/wl_window.c b/src/wl_window.c
 index 7c509896..db9a6451 100644
 --- a/src/wl_window.c
 +++ b/src/wl_window.c
@@ -2115,25 +2115,21 @@ void _glfwSetWindowTitleWayland(_GLFWwindow* window, const char* title)
 void _glfwSetWindowIconWayland(_GLFWwindow* window,
                                int count, const GLFWimage* images)
 {
 -    _glfwInputError(GLFW_FEATURE_UNAVAILABLE,
 -                    "Wayland: The platform does not support setting the window icon");
 +    fprintf(stderr, "!!! Ignoring Error: Wayland: The platform does not support setting the window icon\n");
 }
 void _glfwGetWindowPosWayland(_GLFWwindow* window, int* xpos, int* ypos)
 {
     // A Wayland client is not aware of its position, so just warn and leave it
     // as (0, 0)
 -
 -    _glfwInputError(GLFW_FEATURE_UNAVAILABLE,
 -                    "Wayland: The platform does not provide the window position");
 +    fprintf(stderr, "!!! Ignoring Error: Wayland: The platform does not provide the window position\n");
 }
 void _glfwSetWindowPosWayland(_GLFWwindow* window, int xpos, int ypos)
 {
     // A Wayland client can not set its position, so just warn
 -    _glfwInputError(GLFW_FEATURE_UNAVAILABLE,
 -                    "Wayland: The platform does not support setting the window position");
 +    fprintf(stderr, "!!! Ignoring Error: Wayland: The platform does not support setting the window position\n");
 }
 void _glfwGetWindowSizeWayland(_GLFWwindow* window, int* width, int* height)
@@ -2359,8 +2355,7 @@ void _glfwRequestWindowAttentionWayland(_GLFWwindow* window)
 void _glfwFocusWindowWayland(_GLFWwindow* window)
 {
 -    _glfwInputError(GLFW_FEATURE_UNAVAILABLE,
 -                    "Wayland: The platform does not support setting the input focus");
 +    fprintf(stderr, "!!! Ignoring Error: Wayland: The platform does not support setting the input focus\n");
 }
 void _glfwSetWindowMonitorWayland(_GLFWwindow* window,
--- a/secrets/tailscale-auth.key.age
+++ b/secrets/tailscale-auth.key.age
@@ -1,18 +1,14 @@
 -----BEGIN AGE ENCRYPTED FILE-----
-YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IERMTWVGZyBtay96
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IERMTWVGZyByYlJn
-encxaVJmQWhqenRmVjZkdDVFdnNINENTT0RLUGxsUkdoK1pvMjBjCjUycDh3ZTAr
+aERLcEhadS9jVUlyUmgxWEk5K0U2cE9WUlhCc0ZXbzhDRnZLTERvCmo2Vy9XeFhq
-QnN5MkdaY1ozR1pRNGVVL0pQZWtYMXd0dlo3cnNiQWhjSkUKLT4gc3NoLWVkMjU1
+NTcwdG5PZjlDb1JIM3BYWEVzMlBFWHFmRWt2dkF2OEQ2TDQKLT4gc3NoLWVkMjU1
-MTkgWk5xSW9nIDIvNFZURjZQeW4wRkpqZS9YRXhhRFYwMmx3Mks4czJidFo3elht
+MTkgT0VxTXNnIHROaUlGUExERTZFaU5QL3dBcFpQVWNobGQwSEZ1YTU3NXJkekRi
-ZVhBejQKTXpqUGVHcytSbENoc3hQZ01wcXBQMklMNU1XTnp4TmtvenFoaGphS3Qz
+c0RUMGsKUHg4V0hIdFJ0aGxwOTFhaVB6MUdVWE0wUFgrMjI2am5uZlhWL09ObjhB
-MAotPiBzc2gtZWQyNTUxOSBzK3FSZmcgV2J4TlhYQXVwdisyWmF1QTkzUXUvNEVt
+VQotPiBYMjU1MTkgTWwyQjZjcUFYQ01KUHpoajRrVkpZd0czSzVrMTZxdjVHaHRh
-ZTRoM0ppQVdFZDFsUCtYbnlUUQpqWmYxYTZ3ZnFVYk5SSWN5QUt4MFlUMFFrdDUx
+bERCSjBqSQpYOXJibDZPM2Z6bkNCSGpMRExZT21UTzU0N0RiT2FNM0l3N1pnRkl6
-MjF6b1lDbkVaMElnLzNNCi0+IHNzaC1lZDI1NTE5IE9FcU1zZyByNWNDQkRmMHlD
+WUJBCi0+IE0qLWdyZWFzZSB6TDVwIGRiQm0gajFFIEVqUXcKU3pEOFBqRVQ0dDZi
-NFExRVk3MHhjYnREcXh2ZmVDMnNEaE5lWks2azlHTEVnCnNXQm94eTJPVk1mYmxZ
+REszS1h0T2FnOFF6cHBrN2xtOHdEQkIrCi0tLSBTM3EwNHhDaEo1eldDOTN5dzQz
-U1RqRTE1bDVHNFY2c0VQS1QyQWx6TGRYL01HRzAKLT4gWDI1NTE5IFMrZnlnNTQ1
+Q3Rpeno1K25KRU15L01wU21tczNmdlVJCqHBdFLovtLJGH9IY86pvc3xhpoLnfI/
-UFdQZ0RnRUdiMkNTaXhjRnVFcUpULzJveFNyd2FGcmVJaDAKU2hzZ0NxYzU4ZEgv
+OVAF5RdpR9T2oNCr3oAiVURkPocYXLHnbjZhLKoj3uDoSZAE52VN9l05jhyX1wwY
-VnRqNlJIRmFHSisyWWlaTGVtbDFITHljWGt2b0V3bwotPiBbNFpCbn0tZ3JlYXNl
+/Vfnp48kP8xfbQ==
 IDxDeCBKbiBBP0ImJCBQClJBV2gwUy9ldUU0MUFPczFRTXVEeHR4akZqTEEKLS0t
 IFY1Z0V5Z1Z2U0Q4alFmaFV5bnY3QjRxOTlkTWRRL0hVTlRiWWk2MWdXdVkKS8oI
 z3Eyu1ZdBwLrTINoorZTBBgx8vp5iIdUevCg4dyH3WnkW/DHXZuuRGSH6xiSAroH
 JI5toFkwp3ZHWcodcYNvyP7ECRBsTyuCk7aRPgnZ
 -----END AGE ENCRYPTED FILE-----
Author	SHA1	Message	Date
Jack O'Sullivan	820bb2de5b	lib: River IP update All checks were successful CI / Check, build and cache nixfiles (push) Successful in 1h4m34s Details Installer / Build installer (push) Successful in 5m54s Details	2025-01-01 19:14:04 +00:00
Jack O'Sullivan	7d3ad52a44	devshell: Add `git config safe.directory` for build-n-switch All checks were successful CI / Check, build and cache nixfiles (push) Successful in 1h2m7s Details	2024-12-23 10:32:13 +00:00
Jack O'Sullivan	2cdb98e898	nixos/common: Disable channels All checks were successful CI / Check, build and cache nixfiles (push) Successful in 53m0s Details	2024-12-12 12:38:01 +00:00
Jack O'Sullivan	b717b1ceb4	nixos/gui: Add /dev/player0 VID All checks were successful CI / Check, build and cache nixfiles (push) Successful in 1h1m16s Details	2024-12-11 17:17:33 +00:00
Jack O'Sullivan	f31ce61c2b	Update borgthin All checks were successful CI / Check, build and cache nixfiles (push) Successful in 2h31m34s Details	2024-11-30 19:31:58 +00:00
Jack O'Sullivan	aec22942f7	Update latest Linux kernel to 6.12	2024-11-30 19:31:43 +00:00
Jack O'Sullivan	fc8676c3bb	devshell: Remove deprecated Nix command stuff	2024-11-30 19:19:23 +00:00
Jack O'Sullivan	2915e42a1d	ci: Group CI jobs Some checks failed CI / Check, build and cache nixfiles (push) Failing after 33m39s Details	2024-11-30 18:05:22 +00:00
Jack O'Sullivan	5783d3a51e	Update nixpkgs-stable to 24.11	2024-11-30 17:45:59 +00:00
Jack O'Sullivan	2fe94bba23	nixos/git: Add longer timeout for Gitea actions runner All checks were successful CI / Check, build and cache Nix flake (push) Successful in 2h29m25s Details	2024-11-27 12:29:04 +00:00
Jack O'Sullivan	4b42960d26	home-manager/gui: Update alacritty import setting to new section Some checks failed CI / Check, build and cache Nix flake (push) Failing after 3h1m26s Details	2024-11-26 23:19:58 +00:00
Jack O'Sullivan	56e9abf945	ci: Build and grab path for jobs in separate calls Some checks failed CI / Check, build and cache Nix flake (push) Has been cancelled Details The old build-n-parse seemed to output null sometimes.....	2024-11-26 22:45:19 +00:00
Jack O'Sullivan	4e2c2f92f0	nixos/middleman: Remove config for Matrix sliding sync proxy Some checks failed CI / Check, build and cache Nix flake (push) Failing after 6m29s Details	2024-11-26 22:15:53 +00:00
Jack O'Sullivan	caa208b288	nixos/netboot: Use older version of iPXE for now Some checks failed CI / Check, build and cache Nix flake (push) Failing after 6m33s Details	2024-11-26 22:01:42 +00:00
Jack O'Sullivan	9e6f885c17	ci: Tweak log messages	2024-11-26 22:00:17 +00:00
Jack O'Sullivan	d8ca87bfd8	pkgs: Remove glfw-wayland-minecraft Some checks failed CI / Check, build and cache Nix flake (push) Failing after 6m15s Details	2024-11-26 21:23:50 +00:00
Jack O'Sullivan	e9467e0cc7	ci: Build and cache CI jobs individually Some checks failed CI / Check, build and cache Nix flake (push) Failing after 6m27s Details	2024-11-26 12:37:47 +00:00
Jack O'Sullivan	6c98ef8944	Revert "nixos/home/routing-common: Move Tailscale to home routers" Some checks failed CI / Check, build and cache Nix flake (push) Failing after 1h15m14s Details This reverts commit `7c05b6158f`.	2024-11-26 00:04:43 +00:00
Jack O'Sullivan	18981e240b	nixos/nvme: Update to libnvme v1.11.1 to fix LTS kernels	2024-11-25 23:58:15 +00:00