Fix actions runner in macos

This reverts commit 8402c6f1d2.

dotfiles/config/taffybar/taffybar

@@ -1 +1 @@
-Subproject commit 9c8540a56432db6555755a9a649b4874833520ed
+Subproject commit a82a8a0cffb34b5eae38e46d88f02641bf8a8fe5

dotfiles/emacs.d/.mc-lists.el

@@ -4,6 +4,7 @@
 (setq mc/cmds-to-run-for-all
       '(
         TeX-insert-backslash
+        align
         backward-sexp
         beginning-of-buffer
         beginning-of-visual-line

dotfiles/emacs.d/README.org

@@ -1514,20 +1514,26 @@ https://github.com/alpaker/Fill-Column-Indicator/issues/21 for more details
     (advice-add 'company-call-frontends :before #'fci-on-off-fci-before-company)
     (add-hook 'prog-mode-hook 'fci-mode)))
 #+END_SRC
-** highlight-indent-guides
-If the load-theme hook from this package starts causing trouble check for
-custom-set-faces in your custom file.
-#+BEGIN_SRC emacs-lisp
-(use-package highlight-indent-guides
-  :commands highlight-indent-guides-mode
-  :diminish highlight-indent-guides-mode
-  :preface
-  (progn
-    (add-hook 'prog-mode-hook 'highlight-indent-guides-mode))
+** indent-bars
+#+begin_src emacs-lisp
+(use-package indent-bars
+  :disabled t
+  :straight (indent-bars :type git :host github :repo "jdtsmith/indent-bars")
   :config
-  (progn
-    (setq highlight-indent-guides-method 'fill)))
-#+END_SRC
+  (require 'indent-bars-ts) 		; not needed with straight
+  :custom
+  (indent-bars-treesit-support t)
+  (indent-bars-treesit-ignore-blank-lines-types '("module"))
+  ;; Add other languages as needed
+  (indent-bars-treesit-scope '((python function_definition class_definition for_statement
+	  if_statement with_statement while_statement)))
+  ;; wrap may not be needed if no-descend-list is enough
+  ;; (indent-bars-treesit-wrap '((python argument_list parameters ; for python, as an example
+  ;;   			                      list list_comprehension
+  ;;   			                      dictionary dictionary_comprehension
+  ;;   			                      parenthesized_expression subscript)))
+  :hook ((prog-mode) . indent-bars-mode))
+#+end_src
 ** man-mode
 Man page escape sequences aren't properly handled by emacs pager. This function
 fixes that, but for now, it needs to be run manually, since I haven't figured
@@ -1785,7 +1791,8 @@ bind-key and global-set-key forms.
 
     (defun imalison:do-rg-default-directory (&rest args)
       (interactive)
-      (apply 'consult-ripgrep default-directory args))
+      (let ((consult-ripgrep-args (concat consult-ripgrep-args " --no-ignore" " --hidden")))
+        (apply 'consult-ripgrep default-directory args)))
 
     (emit-prefix-selector imalison:do-rg
       consult-ripgrep
@@ -2316,6 +2323,13 @@ I don't use auto-complete at all, so I have set up a hook to automatically disab
 	(unbind-key "C-j" python-mode-map)
 	(add-hook 'python-mode-hook #'imalison:python-mode)))
 #+END_SRC
+*** ruby
+#+begin_src emacs-lisp
+(use-package ruby-mode
+  :config
+  (setf (alist-get 'ruby-ts-mode apheleia-mode-alist)
+        '(rubocop)))
+#+end_src
 *** go
 #+BEGIN_SRC emacs-lisp
 (use-package go-mode
@@ -3356,7 +3370,8 @@ emr (emacs refactor) provides support for refactoring in many programming langua
           (file-name-directory
            (file-truename (imalison:join-paths eat--install-path "eat.el"))))
     (eat-compile-terminfo)
-    (setq eat-term-shell-integration-directory (imalison:join-paths eat--install-path "integration"))))
+    (setq eat-term-shell-integration-directory
+          (imalison:join-paths eat--install-path "integration"))))
 #+end_src
 ** term
 The main thing I do here is restore a bunch of keybindings that are eliminated
@@ -3640,15 +3655,6 @@ I had to disable this mode because something that it does messes with coding set
   (progn
     (setq dtrt-indent-active-mode-line-info " [⟼]")))
 #+END_SRC
-** indent-guide
-#+BEGIN_SRC emacs-lisp
-(use-package indent-guide
-  :disabled t
-  :config
-  (progn
-    (indent-guide-global-mode -1)
-    (setq indent-guide-delay 0.1)))
-#+END_SRC
 ** rainbow-delimiters
 #+BEGIN_SRC emacs-lisp
 (use-package rainbow-delimiters

dotfiles/emacs.d/snippets/python-mode/inp

@@ -0,0 +1,5 @@
+# -*- mode: snippet -*-
+# name: inp
+# key: inp
+# --
+import numpy as np

dotfiles/emacs.d/snippets/python-mode/isa

@@ -0,0 +1,5 @@
+# -*- mode: snippet -*-
+# name: isa
+# key: isa
+# --
+import sqlalchemy as sa

dotfiles/gitignore

@@ -24,7 +24,6 @@ pom.xml
 TAGS
 
 # Vim
-*.sw*
 *.tmp*
 
 # JavaScript

dotfiles/gtkrc-2.0

@@ -1,20 +0,0 @@
-binding "gtk-emacs-text-entry"
-{
-   bind "<alt>BackSpace" { "delete-from-cursor" (word-ends, -1) }
-}
-
-gtk-theme-name="Paper"
-gtk-icon-theme-name="Paper"
-gtk-font-name="Roboto 11"
-gtk-cursor-theme-name="Paper"
-gtk-cursor-theme-size=0
-gtk-toolbar-style=GTK_TOOLBAR_BOTH
-gtk-toolbar-icon-size=GTK_ICON_SIZE_LARGE_TOOLBAR
-gtk-button-images=1
-gtk-menu-images=1
-gtk-enable-event-sounds=1
-gtk-enable-input-feedback-sounds=1
-gtk-xft-antialias=1
-gtk-xft-hinting=1
-gtk-xft-hintstyle="hintfull"
-

dotfiles/lib/bin/brightness_manager.py

@@ -2,18 +2,25 @@
 import argparse
 import os
 import sys
+import logging
+
+logger = logging.getLogger(__name__)
 
 
 class BrightnessManager(object):
 
     @classmethod
     def find_brightness(cls):
+        items_in_backlight_directory = os.listdir("/sys/class/backlight")
+        if len(items_in_backlight_directory) > 1:
+            logger.warning(f"More than one entry in the backlight directory {items_in_backlight_directory}")
         return cls.from_path(
-            os.path.join("/sys/class/backlight", os.listdir("/sys/class/backlight")[0])
+            os.path.join("/sys/class/backlight", items_in_backlight_directory[0])
         )
 
     @classmethod
     def from_path(cls, path):
+        logger.warning(f"Using path {path}")
         return cls(
             set_brightness_filepath=os.path.join(path, "brightness"),
             actual_brightness_filepath=os.path.join(path, "actual_brightness"),
@@ -21,7 +28,7 @@ class BrightnessManager(object):
         )
 
     def __init__(
-            self, set_brightness_filepath, max_brightness_filepath, actual_brightness_filepath
+        self, set_brightness_filepath, max_brightness_filepath, actual_brightness_filepath
     ):
         self.set_brightness_filepath = set_brightness_filepath
         self.max_brightness_filepath = max_brightness_filepath
@@ -71,6 +78,11 @@ def build_parser():
 
 if __name__ == '__main__':
     args = build_parser().parse_args()
-    BrightnessManager.find_brightness().increment_by_proportion(float(args.change) / 100)
+    symlink_path = os.readlink("/home/imalison/.config/brightness_manager/symlink")
+    if os.path.exists(symlink_path):
+        manager = BrightnessManager.from_path(symlink_path)
+    else:
+        manager = BrightnessManager.find_brightness()
+    manager.increment_by_proportion(float(args.change) / 100)
     if args.do_print:
-        print(int(IntelBrightnessManager.current_proportion * 100))
+        print(int(manager.current_proportion * 100))

dotfiles/lib/functions/ns

@@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+
+function nr {
+    sk --ansi -i -c 'nix-search "{}"' | get_cols 1
+}
+
+nr "$@"

nix-darwin/flake.nix

@@ -30,7 +30,7 @@
       networking.hostName = "mac-demarco-mini";
       imports = [ (import ./gitea-actions-runner.nix) ];
       services.gitea-actions-runner = {
-        user = "gitearunner";
+        user = "gitea-runner";
         instances.nix = {
           enable = true;
           name = config.networking.hostName;
@@ -55,7 +55,9 @@
             curl
             direnv
             gawk
+            just
             git-lfs
+            isort
             gitFull
             gnused
             ncdu
@@ -70,7 +72,44 @@
       launchd.daemons.gitea-runner-nix.serviceConfig.EnvironmentVariables = {
         XDG_CONFIG_HOME = "/var/lib/gitea-runner";
         XDG_CACHE_HOME = "/var/lib/gitea-runner/.cache";
+        XDG_RUNTIME_DIR = "/var/lib/gitea-runner/tmp";
       };
+
+      # launchd.daemons.gitea-runner-restarter = {
+      #   serviceConfig = {
+      #     ProgramArguments = [
+      #       "/usr/bin/env"
+      #       "bash"
+      #       "-c"
+      #       ''
+      #         SERVICE_NAME="org.nixos.gitea-runner-nix"
+      #         while true; do
+      #         # Check the second column of launchctl list output for our service
+      #         EXIT_CODE=$(sudo launchctl list | grep "$SERVICE_NAME" | awk '{print $2}')
+      #         if [ -z "$EXIT_CODE" ]; then
+      #         echo "$(date): $SERVICE_NAME is running correctly. Terminating the restarter."
+      #         exit 0
+      #         else
+      #         echo "$(date): $SERVICE_NAME is not running or in error state. Attempting to restart..."
+      #         sudo launchctl bootout system/$SERVICE_NAME 2>/dev/null || true
+      #         sudo launchctl load /Library/LaunchDaemons/$SERVICE_NAME.plist
+      #         sleep 2  # Give the service some time to start
+      #         fi
+      #         done
+      #       ''
+      #     ];
+      #     RunAtLoad = true;
+      #     ThrottleInterval = 300;
+      #   };
+      # };
+
+      launchd.daemons.does-anything-work = {
+        serviceConfig = {
+          ProgramArguments = ["/usr/bin/env" "bash" "-c" "date > /var/log/does-anything-work"];
+          RunAtLoad = true;
+        };
+      };
+
       nixpkgs.overlays = [(import ../nixos/overlay.nix)];
       environment.systemPackages = with pkgs; [
         python-with-my-packages
@@ -113,11 +152,11 @@
       nixpkgs.hostPlatform = "aarch64-darwin";
       users.users.kat.openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.kanivanKeys;
       users.users.gitea-runner = {
-         name = "gitea-runner";
-         isHidden = false;
-         home = "/Users/gitea-runner";
-         createHome = false;
-       };
+        name = "gitea-runner";
+        isHidden = false;
+        home = "/Users/gitea-runner";
+        createHome = false;
+      };
 
       home-manager.useGlobalPkgs = true;      home-manager.useUserPackages = true;
 
@@ -150,6 +189,7 @@
         programs.starship = {
           enable = true;
         };
+        programs.zsh.enable = true;
         home.stateVersion = "24.05";
       };
     };

nix-darwin/gitea-actions-runner.nix

@@ -1,11 +1,13 @@
-{ config, lib, pkgs, ... }:
-
-with lib;
-
-let
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
   cfg = config.services.gitea-actions-runner;
 
-  settingsFormat = pkgs.formats.yaml { };
+  settingsFormat = pkgs.formats.yaml {};
 
   hasDockerScheme = instance:
     instance.labels == [] || any (label: hasInfix ":docker:" label) instance.labels;
@@ -14,9 +16,8 @@ let
   hasHostScheme = instance: any (label: hasSuffix ":host" label) instance.labels;
 
   tokenXorTokenFile = instance:
-    (instance.token == null && instance.tokenFile != null) ||
-    (instance.token != null && instance.tokenFile == null);
-
+    (instance.token == null && instance.tokenFile != null)
+    || (instance.token != null && instance.tokenFile == null);
 in {
   options.services.gitea-actions-runner = {
     package = mkOption {
@@ -66,7 +67,7 @@ in {
           labels = mkOption {
             type = types.listOf types.str;
             default = [];
-            example = [ "macos:host" "x86_64:host" ];
+            example = ["macos:host" "x86_64:host"];
             description = "Labels used to map jobs to their runtime environment.";
           };
 
@@ -75,7 +76,7 @@ in {
             type = types.submodule {
               freeformType = settingsFormat.type;
             };
-            default = { };
+            default = {};
           };
 
           hostPackages = mkOption {
@@ -111,64 +112,65 @@ in {
       description = "Gitea Actions Runner user";
     };
 
-    launchd.daemons = mapAttrs' (name: instance:
-      nameValuePair "gitea-runner-${name}" {
-        serviceConfig = {
-          ProgramArguments = [
-            "${pkgs.writeShellScript "gitea-runner-start-${name}" ''
-              echo "home is $HOME"
-              mkdir -p /var/log/gitea-runner/
-              chown -R ${cfg.user} /var/log/gitea-runner
-              chmod 755 /var/log/gitea-runner
+    launchd.daemons =
+      (mapAttrs' (
+          name: instance:
+            nameValuePair "gitea-runner-${name}" {
+              serviceConfig = {
+                ProgramArguments = [
+                  "/usr/bin/env"
+                  "bash"
+                  "-c"
+                  ''
+                    cd /var/lib/gitea-runner/${name}
+                    exec ${cfg.package}/bin/act_runner daemon --config ${settingsFormat.generate "config.yaml" instance.settings}
+                  ''
+                ];
+                KeepAlive = true;
+                ThrottleInterval = 5;
+                SessionCreate = true;
+                UserName = cfg.user;
+                GroupName = "staff";
+                WorkingDirectory = "/var/lib/gitea-runner/${name}";
+                EnvironmentVariables = {
+                  PATH = (lib.makeBinPath (instance.hostPackages ++ [cfg.package])) + ":/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin";
+                };
+              };
+            }
+        )
+        cfg.instances)
+      // (mapAttrs' (
+          name: instance:
+            nameValuePair "gitea-runner-setup-${name}"
+            {
+              serviceConfig = {
+                EnvironmentVariables =
+                  {}
+                  // optionalAttrs (instance.token != null) {
+                    TOKEN = instance.token;
+                  };
+                RunAtLoad = true;
+                ProgramArguments = [
+                  "${pkgs.writeShellScript "gitea-runner-setup-${name}" ''
+                    mkdir -p /var/lib/gitea-runner/${name}
+                    cd /var/lib/gitea-runner/${name}
+                    if [ ! -e "/var/lib/gitea-runner/${name}/.runner" ]; then
+                        ${cfg.package}/bin/act_runner register --no-interactive \
+                        --instance ${escapeShellArg instance.url} \
+                        --token "$TOKEN" \
+                        --name ${escapeShellArg instance.name} \
+                        --labels ${escapeShellArg (concatStringsSep "," instance.labels)} \
+                        --config ${settingsFormat.generate "config.yaml" instance.settings}
+                    fi
 
-              mkdir -p /var/lib/gitea-runner/${name}
-              chown -R ${cfg.user} /var/lib/gitea-runner
-              chmod 755 /var/lib/gitea-runner
-
-              sudo su - ${cfg.user}
-              echo "STARTING"
-
-              # Register the runner if not already registered
-              if [ ! -e "$HOME/.runner" ]; then
-                ${cfg.package}/bin/act_runner register --no-interactive \
-                  --instance ${escapeShellArg instance.url} \
-                  --token "$TOKEN" \
-                  --name ${escapeShellArg instance.name} \
-                  --labels ${escapeShellArg (concatStringsSep "," instance.labels)} \
-                  --config ${settingsFormat.generate "config.yaml" instance.settings}
-              fi
-
-              # Start the runner
-              exec ${cfg.package}/bin/act_runner daemon --config ${settingsFormat.generate "config.yaml" instance.settings}
-            ''}"
-          ];
-          KeepAlive = true;
-          RunAtLoad = true;
-          SessionCreate = true;
-          UserName = cfg.user;
-          GroupName = "staff";
-          WorkingDirectory = "/var/lib/gitea-runner/${name}";
-          EnvironmentVariables = {
-            PATH = (lib.makeBinPath (instance.hostPackages ++ [ cfg.package ])) + ":/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin";
-          } // optionalAttrs (instance.token != null) {
-            TOKEN = instance.token;
-          };
-        } // optionalAttrs (instance.tokenFile != null) {
-          EnvironmentVariables.__TokenFile = instance.tokenFile;
-        };
-      }
-    ) cfg.instances;
-
-    system.activationScripts.gitea-runner-setup = {
-      text = ''
-        mkdir -p /var/log/gitea-runner/
-        mkdir -p /var/lib/gitea-runner/${name}
-        chown -R ${cfg.user} /var/log/gitea-runner
-        chmod 755 /var/log/gitea-runner
-
-        chown -R ${cfg.user} /var/lib/gitea-runner
-        chmod 755 /var/lib/gitea-runner
-      '';
-    };
+                    # Start the runner
+                    chown -R ${cfg.user} /var/lib/gitea-runner
+                    chown -R ${cfg.user} /var/log/gitea-runner
+                  ''}"
+                ];
+              };
+            }
+        )
+        cfg.instances);
   };
 }

nixos/base.nix

@@ -1,5 +1,5 @@
 { config, pkgs, forEachUser, makeEnable, realUsers, ... }:
-makeEnable config "modules.base" true {
+makeEnable config "myModules.base" true {
   nixpkgs.config.permittedInsecurePackages = [
     "openssl-1.0.2u"
     "electron-12.2.3"
@@ -36,8 +36,7 @@ makeEnable config "modules.base" true {
   };
 
   # Audio
-  sound.enable = true;
-  hardware.pulseaudio.enable = true;
+  hardware.pulseaudio.enable = false;
 
   # Bluetooth
   hardware.bluetooth.enable = true;
@@ -71,5 +70,5 @@ makeEnable config "modules.base" true {
   programs.dconf.enable = true;
 
   home-manager.users = forEachUser (import ./home-manager.nix);
-  nix.settings.trusted-users = realUsers;
+  nix.settings.trusted-users = realUsers ++ ["gitea-runner"];
 }

nixos/ben.nix

@@ -1,5 +1,5 @@
 { pkgs, inputs, config, makeEnable, ... }:
-makeEnable config "modules.ben" true {
+makeEnable config "myModules.ben" true {
   home-manager.backupFileExtension = "backup"; # Add this line
   home-manager.users.ben = {
     programs.zsh = {

nixos/cache-server.nix

@@ -1,10 +1,10 @@
 { config, lib, ... }:
 with lib;
-let cfg = config.modules.cache-server;
+let cfg = config.myModules.cache-server;
 in
 {
   options = {
-    modules.cache-server = {
+    myModules.cache-server = {
       enable = mkEnableOption "nix cache server";
       port = mkOption {
         type = types.int;

nixos/code.nix

@@ -1,5 +1,5 @@
 { pkgs, config, makeEnable, ... }:
-makeEnable config "modules.code" true {
+makeEnable config "myModules.code" true {
   programs.direnv = {
     enable = true;
     nix-direnv.enable = true;

nixos/configuration.nix

@@ -19,10 +19,13 @@
     ./gnome.nix
     ./imalison.nix
     ./internet-computer.nix
+    ./k3s.nix
     ./kat.nix
     ./keybase.nix
+    ./kubelet.nix
     ./nix.nix
     ./nixified.ai.nix
+    ./nvidia.nix
     ./options.nix
     ./plasma.nix
     ./postgres.nix
@@ -42,17 +45,17 @@
   };
 
   config = lib.mkIf config.features.full.enable {
-    modules.base.enable = true;
-    modules.desktop.enable = true;
-    modules.plasma.enable = true;
-    modules.gnome.enable = false;
-    modules.xmonad.enable = true;
-    modules.extra.enable = true;
-    modules.electron.enable = true;
-    modules.code.enable = true;
-    modules.games.enable = true;
-    modules.syncthing.enable = true;
-    modules.fonts.enable = true;
-    modules.nixified-ai.enable = false;
+    myModules.base.enable = true;
+    myModules.desktop.enable = true;
+    myModules.plasma.enable = true;
+    myModules.gnome.enable = false;
+    myModules.xmonad.enable = true;
+    myModules.extra.enable = true;
+    myModules.electron.enable = true;
+    myModules.code.enable = true;
+    myModules.games.enable = true;
+    myModules.syncthing.enable = true;
+    myModules.fonts.enable = true;
+    myModules.nixified-ai.enable = false;
   };
 }

nixos/desktop.nix

@@ -1,5 +1,5 @@
 { config, pkgs, makeEnable, ... }:
-makeEnable config "modules.desktop" true {
+makeEnable config "myModules.desktop" true {
   imports = [
     ./fonts.nix
   ];
@@ -34,7 +34,7 @@ makeEnable config "modules.desktop" true {
 
   environment.systemPackages = with pkgs; [
     # Appearance
-    gnome.adwaita-icon-theme
+    adwaita-icon-theme
     hicolor-icon-theme
     libsForQt5.breeze-gtk
     # materia-theme
@@ -60,8 +60,8 @@ makeEnable config "modules.desktop" true {
 
     feh
     firefox
-    gnome.cheese
-    gnome.gpaste
+    cheese
+    gpaste
     kleopatra
     libnotify
     libreoffice
@@ -70,9 +70,8 @@ makeEnable config "modules.desktop" true {
     networkmanagerapplet
     notify-osd-customizable
     okular
-    picom
     pinentry
-    psensor
+    mission-center
     quassel
     remmina
     rofi
@@ -82,7 +81,7 @@ makeEnable config "modules.desktop" true {
     simplescreenrecorder
     skippy-xd
     synergy
-    transmission-gtk
+    transmission_3-gtk
     vlc
     volnoti
     xfce.thunar

nixos/electron.nix

@@ -1,5 +1,5 @@
 { pkgs, config, makeEnable, forEachUser, ... }:
-makeEnable config "modules.electron" false {
+makeEnable config "myModules.electron" false {
   environment.systemPackages = with pkgs; [
     element-desktop
     # bitwarden

nixos/environment.nix

@@ -34,6 +34,10 @@ with lib;
         eval "$(register-python-argcomplete prod-prb)"
         eval "$(register-python-argcomplete railbird)"
         [ -n "$EAT_SHELL_INTEGRATION_DIR" ] && source "$EAT_SHELL_INTEGRATION_DIR/zsh"
+
+        # Enable bracketed paste
+        autoload -Uz bracketed-paste-magic
+        zle -N bracketed-paste bracketed-paste-magic
       '';
     };
 

nixos/essential.nix

@@ -5,6 +5,7 @@
   environment.systemPackages = with pkgs; [
     automake
     bazel
+    bento4
     bind
     binutils
     cachix
@@ -16,13 +17,12 @@
     emacs
     fd
     ffmpeg
-    bento4
     file
     gawk
     gcc
     gdb
-    git-lfs
     git-fame
+    git-lfs
     git-sync
     gitFull
     glxinfo
@@ -42,6 +42,7 @@
     neofetch
     neovim
     nix-index
+    nix-search-cli
     pass
     patchelf
     pciutils
@@ -51,8 +52,9 @@
     rcm
     ripgrep
     silver-searcher
-    sysz
+    skim
     sshfs
+    sysz
     tmux
     tzupdate
     udiskie

nixos/extra.nix

@@ -1,5 +1,5 @@
 { config, pkgs, makeEnable, ... }:
-makeEnable config "modules.extra" false {
+makeEnable config "myModules.extra" false {
   services.expressvpn.enable = true;
   programs.hyprland.enable = true;
 

nixos/flake.lock

@@ -8,11 +8,11 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1715290355,
-        "narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=",
+        "lastModified": 1723293904,
+        "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
         "owner": "ryantm",
         "repo": "agenix",
-        "rev": "8d37c5bdeade12b6479c85acd133063ab53187a0",
+        "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
         "type": "github"
       },
       "original": {
@@ -93,11 +93,11 @@
     "flake-compat": {
       "flake": false,
       "locked": {
-        "lastModified": 1673956053,
-        "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
+        "lastModified": 1696426674,
+        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
         "type": "github"
       },
       "original": {
@@ -162,11 +162,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1712014858,
-        "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
+        "lastModified": 1719994518,
+        "narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
+        "rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
         "type": "github"
       },
       "original": {
@@ -217,6 +217,45 @@
         "type": "indirect"
       }
     },
+    "flake-parts_4": {
+      "inputs": {
+        "nixpkgs-lib": "nixpkgs-lib"
+      },
+      "locked": {
+        "lastModified": 1701473968,
+        "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=",
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "type": "github"
+      }
+    },
+    "flake-parts_5": {
+      "inputs": {
+        "nixpkgs-lib": [
+          "nixtheplanet",
+          "hercules-ci-effects",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1696343447,
+        "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=",
+        "owner": "hercules-ci",
+        "repo": "flake-parts",
+        "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4",
+        "type": "github"
+      },
+      "original": {
+        "id": "flake-parts",
+        "type": "indirect"
+      }
+    },
     "flake-utils": {
       "inputs": {
         "systems": [
@@ -224,11 +263,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1710146030,
-        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "lastModified": 1726560853,
+        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
         "type": "github"
       },
       "original": {
@@ -238,12 +277,15 @@
       }
     },
     "flake-utils_2": {
+      "inputs": {
+        "systems": "systems_2"
+      },
       "locked": {
-        "lastModified": 1667395993,
-        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
+        "lastModified": 1726560853,
+        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
+        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
         "type": "github"
       },
       "original": {
@@ -253,24 +295,6 @@
       }
     },
     "flake-utils_3": {
-      "inputs": {
-        "systems": "systems_2"
-      },
-      "locked": {
-        "lastModified": 1710146030,
-        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_4": {
       "inputs": {
         "systems": "systems_3"
       },
@@ -288,7 +312,7 @@
         "type": "github"
       }
     },
-    "flake-utils_5": {
+    "flake-utils_4": {
       "inputs": {
         "systems": "systems_5"
       },
@@ -306,7 +330,7 @@
         "type": "github"
       }
     },
-    "flake-utils_6": {
+    "flake-utils_5": {
       "inputs": {
         "systems": "systems_7"
       },
@@ -324,7 +348,7 @@
         "type": "github"
       }
     },
-    "flake-utils_7": {
+    "flake-utils_6": {
       "inputs": {
         "systems": "systems_8"
       },
@@ -390,6 +414,37 @@
         "url": "https://hackage.haskell.org/package/fourmolu-0.12.0.0/fourmolu-0.12.0.0.tar.gz"
       }
     },
+    "git-hooks-nix": {
+      "inputs": {
+        "flake-compat": [
+          "nix"
+        ],
+        "gitignore": [
+          "nix"
+        ],
+        "nixpkgs": [
+          "nix",
+          "nixpkgs"
+        ],
+        "nixpkgs-stable": [
+          "nix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1721042469,
+        "narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=",
+        "owner": "cachix",
+        "repo": "git-hooks.nix",
+        "rev": "f451c19376071a90d8c58ab1a953c6e9840527fd",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cachix",
+        "repo": "git-hooks.nix",
+        "type": "github"
+      }
+    },
     "git-ignore-nix": {
       "inputs": {
         "nixpkgs": [
@@ -566,7 +621,7 @@
     "haskell-language-server": {
       "inputs": {
         "flake-compat": "flake-compat_3",
-        "flake-utils": "flake-utils_4",
+        "flake-utils": "flake-utils_3",
         "fourmolu-011": "fourmolu-011",
         "fourmolu-012": "fourmolu-012",
         "gitignore": "gitignore",
@@ -578,7 +633,7 @@
         "lsp": "lsp",
         "lsp-test": "lsp-test",
         "lsp-types": "lsp-types",
-        "nixpkgs": "nixpkgs_6",
+        "nixpkgs": "nixpkgs_8",
         "ormolu-052": "ormolu-052",
         "ormolu-07": "ormolu-07",
         "stylish-haskell-0145": "stylish-haskell-0145"
@@ -601,7 +656,7 @@
     "haskell-language-server_2": {
       "inputs": {
         "flake-compat": "flake-compat_4",
-        "flake-utils": "flake-utils_6",
+        "flake-utils": "flake-utils_5",
         "fourmolu-011": "fourmolu-011_2",
         "fourmolu-012": "fourmolu-012_2",
         "gitignore": "gitignore_2",
@@ -613,7 +668,7 @@
         "lsp": "lsp_2",
         "lsp-test": "lsp-test_2",
         "lsp-types": "lsp-types_2",
-        "nixpkgs": "nixpkgs_8",
+        "nixpkgs": "nixpkgs_10",
         "ormolu-052": "ormolu-052_2",
         "ormolu-07": "ormolu-07_2",
         "stylish-haskell-0145": "stylish-haskell-0145_2"
@@ -655,6 +710,25 @@
         "type": "github"
       }
     },
+    "hercules-ci-effects_2": {
+      "inputs": {
+        "flake-parts": "flake-parts_5",
+        "nixpkgs": "nixpkgs_6"
+      },
+      "locked": {
+        "lastModified": 1701009247,
+        "narHash": "sha256-GuX16rzRze2y7CsewJLTV6qXkXWyEwp6VCZXi8HLruU=",
+        "owner": "hercules-ci",
+        "repo": "hercules-ci-effects",
+        "rev": "31b6cd7569191bfcd0a548575b0e2ef953ed7d09",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "hercules-ci-effects",
+        "type": "github"
+      }
+    },
     "hiedb": {
       "flake": false,
       "locked": {
@@ -765,11 +839,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1715380449,
-        "narHash": "sha256-716+f9Rj3wjSyD1xitCv2FcYbgPz1WIVDj+ZBclH99Y=",
+        "lastModified": 1727381010,
+        "narHash": "sha256-2PqUwnZXjYiPUm5A4d8Z31mvLS4lvUeV/9gUhSMmNR4=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "d7682620185f213df384c363288093b486b2883f",
+        "rev": "853e7bd24f875bac2e3a0cf72f993e917d0f8cf5",
         "type": "github"
       },
       "original": {
@@ -846,15 +920,16 @@
     "libgit2": {
       "flake": false,
       "locked": {
-        "lastModified": 1697646580,
-        "narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
+        "lastModified": 1715853528,
+        "narHash": "sha256-J2rCxTecyLbbDdsyBWn9w7r3pbKRMkI9E7RvRgAqBdY=",
         "owner": "libgit2",
         "repo": "libgit2",
-        "rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
+        "rev": "36f7e21ad757a3dacc58cf7944329da6bc1d6e96",
         "type": "github"
       },
       "original": {
         "owner": "libgit2",
+        "ref": "v1.8.1",
         "repo": "libgit2",
         "type": "github"
       }
@@ -935,17 +1010,18 @@
       "inputs": {
         "flake-compat": "flake-compat",
         "flake-parts": "flake-parts",
+        "git-hooks-nix": "git-hooks-nix",
         "libgit2": "libgit2",
         "nixpkgs": "nixpkgs_2",
-        "nixpkgs-regression": "nixpkgs-regression",
-        "pre-commit-hooks": "pre-commit-hooks"
+        "nixpkgs-23-11": "nixpkgs-23-11",
+        "nixpkgs-regression": "nixpkgs-regression"
       },
       "locked": {
-        "lastModified": 1715361977,
-        "narHash": "sha256-j/PLYYGs+Gjge4JGYxMjOhWQEp+GB4Fdicetbpmp6n0=",
+        "lastModified": 1727380702,
+        "narHash": "sha256-1YUAqvZc9YOUERyPiaOGYEg2fIf20+yIWGhzB0Ke6j8=",
         "owner": "NixOS",
         "repo": "nix",
-        "rev": "87ab3c0ea4e6f85e7b902050365bb75cf2836fbb",
+        "rev": "0ed67e5b7ee9ad8fae162e1b10b25d22ada2b1f3",
         "type": "github"
       },
       "original": {
@@ -977,15 +1053,16 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1707802617,
-        "narHash": "sha256-29HCocTg8aPr6gaY6VHNxJQpZQJ6GAqjFsKPqNFj5qo=",
+        "lastModified": 1719989395,
+        "narHash": "sha256-AppMOCCJ6LYteg4mvlf0xQV+cc9a4iehRWxTOHewouA=",
         "owner": "colonelpanic8",
         "repo": "nixos-hardware",
-        "rev": "cb96be8513e2959110c7f90ae5d61ca5aff35862",
+        "rev": "a91e03ef13614285d5d476fbf2f096ce65de0a71",
         "type": "github"
       },
       "original": {
         "owner": "colonelpanic8",
+        "ref": "add-g834jzr",
         "repo": "nixos-hardware",
         "type": "github"
       }
@@ -993,15 +1070,15 @@
     "nixos-wsl": {
       "inputs": {
         "flake-compat": "flake-compat_2",
-        "flake-utils": "flake-utils_3",
+        "flake-utils": "flake-utils_2",
         "nixpkgs": "nixpkgs_4"
       },
       "locked": {
-        "lastModified": 1715237610,
-        "narHash": "sha256-/ZeWQ4mL3DfHsbTZYc80qMrL4vBfENP0RiGv2KrCrEo=",
+        "lastModified": 1727091786,
+        "narHash": "sha256-n36Vtdtx7tTTKFI9aoWxdNIlJ2dwxoitFDwcPXrS+Jk=",
         "owner": "nix-community",
         "repo": "NixOS-WSL",
-        "rev": "61fe33f4194bbbc48c090a2e79f4eb61b47c9b75",
+        "rev": "1fcec53c692c15091ca5bb9eaf86a2cac6c53278",
         "type": "github"
       },
       "original": {
@@ -1026,6 +1103,40 @@
         "type": "github"
       }
     },
+    "nixpkgs-23-11": {
+      "locked": {
+        "lastModified": 1717159533,
+        "narHash": "sha256-oamiKNfr2MS6yH64rUn99mIZjc45nGJlj9eGth/3Xuw=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a62e6edd6d5e1fa0329b8653c801147986f8d446",
+        "type": "github"
+      }
+    },
+    "nixpkgs-lib": {
+      "locked": {
+        "dir": "lib",
+        "lastModified": 1701253981,
+        "narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58",
+        "type": "github"
+      },
+      "original": {
+        "dir": "lib",
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs-regression": {
       "locked": {
         "lastModified": 1643052045,
@@ -1042,33 +1153,48 @@
         "type": "github"
       }
     },
-    "nixpkgs-regression_2": {
+    "nixpkgs_10": {
       "locked": {
-        "lastModified": 1715484633,
-        "narHash": "sha256-Es5etYksi9VsAZSBKZe4rdyi9L000MEx9lFb3TF6Eo8=",
+        "lastModified": 1686874404,
+        "narHash": "sha256-u2Ss8z+sGaVlKtq7sCovQ8WvXY+OoXJmY1zmyxITiaY=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "25e9a6d07dd142bafd94603208a59c107e8f2905",
+        "rev": "efc10371d5c5b8d2d58bab6c1100753efacfe550",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
+        "ref": "haskell-updates",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
-    "nixpkgs_2": {
+    "nixpkgs_11": {
       "locked": {
-        "lastModified": 1709083642,
-        "narHash": "sha256-7kkJQd4rZ+vFrzWu8sTRtta5D1kBG0LSRYAfhtmMlSo=",
+        "lastModified": 1682134069,
+        "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b550fe4b4776908ac2a861124307045f8e717c8e",
+        "rev": "fd901ef4bf93499374c5af385b2943f5801c0833",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1723688146,
+        "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "release-23.11",
+        "ref": "nixos-24.05",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -1091,27 +1217,27 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1714782413,
-        "narHash": "sha256-tbg0MEuKaPcUrnmGCu4xiY5F+7LW2+ECPKVAJd2HLwM=",
+        "lastModified": 1726838390,
+        "narHash": "sha256-NmcVhGElxDbmEWzgXsyAjlRhUus/nEqPC5So7BOJLUM=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "651b4702e27a388f0f18e1b970534162dec09aff",
+        "rev": "944b2aea7f0a2d7c79f72468106bc5510cbf5101",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-23.11",
+        "ref": "nixos-24.05",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
     "nixpkgs_5": {
       "locked": {
-        "lastModified": 1715266358,
-        "narHash": "sha256-doPgfj+7FFe9rfzWo1siAV2mVCasW+Bh8I1cToAXEE4=",
+        "lastModified": 1727122398,
+        "narHash": "sha256-o8VBeCWHBxGd4kVMceIayf5GApqTavJbTa44Xcg5Rrk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "f1010e0469db743d14519a1efd37e23f8513d714",
+        "rev": "30439d93eb8b19861ccbe3e581abf97bdc91b093",
         "type": "github"
       },
       "original": {
@@ -1123,31 +1249,31 @@
     },
     "nixpkgs_6": {
       "locked": {
-        "lastModified": 1686874404,
-        "narHash": "sha256-u2Ss8z+sGaVlKtq7sCovQ8WvXY+OoXJmY1zmyxITiaY=",
+        "lastModified": 1697723726,
+        "narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "efc10371d5c5b8d2d58bab6c1100753efacfe550",
+        "rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "haskell-updates",
+        "ref": "nixos-unstable",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
     "nixpkgs_7": {
       "locked": {
-        "lastModified": 1709703039,
-        "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
-        "owner": "NixOS",
+        "lastModified": 1703255338,
+        "narHash": "sha256-Z6wfYJQKmDN9xciTwU3cOiOk+NElxdZwy/FiHctCzjU=",
+        "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
+        "rev": "6df37dc6a77654682fe9f071c62b4242b5342e04",
         "type": "github"
       },
       "original": {
-        "owner": "NixOS",
+        "owner": "nixos",
         "ref": "nixos-unstable",
         "repo": "nixpkgs",
         "type": "github"
@@ -1171,16 +1297,39 @@
     },
     "nixpkgs_9": {
       "locked": {
-        "lastModified": 1682134069,
-        "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
+        "lastModified": 1709703039,
+        "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "fd901ef4bf93499374c5af385b2943f5801c0833",
+        "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
         "type": "github"
       },
       "original": {
-        "id": "nixpkgs",
-        "type": "indirect"
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixtheplanet": {
+      "inputs": {
+        "flake-parts": "flake-parts_4",
+        "hercules-ci-effects": "hercules-ci-effects_2",
+        "nixpkgs": "nixpkgs_7",
+        "osx-kvm": "osx-kvm"
+      },
+      "locked": {
+        "lastModified": 1727105240,
+        "narHash": "sha256-FEuqbcZ4TDUMwCpTA/E3J5L7pLD4U+zXPnZbmXSmaJo=",
+        "owner": "matthewcroughan",
+        "repo": "nixtheplanet",
+        "rev": "2f622af217807da78e44a5a15f620743dac57f46",
+        "type": "github"
+      },
+      "original": {
+        "owner": "matthewcroughan",
+        "repo": "nixtheplanet",
+        "type": "github"
       }
     },
     "notifications-tray-icon": {
@@ -1258,50 +1407,34 @@
         "url": "https://hackage.haskell.org/package/ormolu-0.7.1.0/ormolu-0.7.1.0.tar.gz"
       }
     },
-    "pre-commit-hooks": {
-      "inputs": {
-        "flake-compat": [
-          "nix"
-        ],
-        "flake-utils": "flake-utils_2",
-        "gitignore": [
-          "nix"
-        ],
-        "nixpkgs": [
-          "nix",
-          "nixpkgs"
-        ],
-        "nixpkgs-stable": [
-          "nix",
-          "nixpkgs"
-        ]
-      },
+    "osx-kvm": {
+      "flake": false,
       "locked": {
-        "lastModified": 1712897695,
-        "narHash": "sha256-nMirxrGteNAl9sWiOhoN5tIHyjBbVi5e2tgZUgZlK3Y=",
-        "owner": "cachix",
-        "repo": "pre-commit-hooks.nix",
-        "rev": "40e6053ecb65fcbf12863338a6dcefb3f55f1bf8",
+        "lastModified": 1701316418,
+        "narHash": "sha256-Sk8LYhFovoMX1ln7DWYArJQphW2a4h8Xg7/ZEZXwZv4=",
+        "owner": "kholia",
+        "repo": "OSX-KVM",
+        "rev": "09daff670a7eb9ff616073df329586c5995623a9",
         "type": "github"
       },
       "original": {
-        "owner": "cachix",
-        "repo": "pre-commit-hooks.nix",
+        "owner": "kholia",
+        "repo": "OSX-KVM",
         "type": "github"
       }
     },
     "railbird-secrets": {
       "inputs": {
         "agenix": "agenix_2",
-        "flake-utils": "flake-utils_5",
-        "nixpkgs": "nixpkgs_7"
+        "flake-utils": "flake-utils_4",
+        "nixpkgs": "nixpkgs_9"
       },
       "locked": {
-        "lastModified": 1718069159,
-        "narHash": "sha256-L66mczMl8BPLwZrTVKrXMZRyxHiPvA3CHywbsQyFHW0=",
+        "lastModified": 1726075726,
+        "narHash": "sha256-eQPDAzUJg8fwqiCyWsKxtHV+G1LGJKs9X3ZtOzytuDE=",
         "ref": "refs/heads/master",
-        "rev": "609f1d32fd1112068d97df0f7d4de82cec878002",
-        "revCount": 52,
+        "rev": "70d8ffd3f3b79b97477ae0655524273bb098b6c5",
+        "revCount": 86,
         "type": "git",
         "url": "ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git"
       },
@@ -1324,7 +1457,7 @@
         "nixos-hardware": "nixos-hardware",
         "nixos-wsl": "nixos-wsl",
         "nixpkgs": "nixpkgs_5",
-        "nixpkgs-regression": "nixpkgs-regression_2",
+        "nixtheplanet": "nixtheplanet",
         "notifications-tray-icon": "notifications-tray-icon",
         "railbird-secrets": "railbird-secrets",
         "status-notifier-item": "status-notifier-item",
@@ -1567,6 +1700,7 @@
       },
       "original": {
         "owner": "taffybar",
+        "ref": "old-master",
         "repo": "taffybar",
         "type": "github"
       }
@@ -1590,11 +1724,11 @@
     },
     "unstable": {
       "locked": {
-        "lastModified": 1715266358,
-        "narHash": "sha256-doPgfj+7FFe9rfzWo1siAV2mVCasW+Bh8I1cToAXEE4=",
+        "lastModified": 1727122398,
+        "narHash": "sha256-o8VBeCWHBxGd4kVMceIayf5GApqTavJbTa44Xcg5Rrk=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "f1010e0469db743d14519a1efd37e23f8513d714",
+        "rev": "30439d93eb8b19861ccbe3e581abf97bdc91b093",
         "type": "github"
       },
       "original": {
@@ -1606,8 +1740,8 @@
     },
     "vscode-server": {
       "inputs": {
-        "flake-utils": "flake-utils_7",
-        "nixpkgs": "nixpkgs_9"
+        "flake-utils": "flake-utils_6",
+        "nixpkgs": "nixpkgs_11"
       },
       "locked": {
         "lastModified": 1713958148,
@@ -1637,11 +1771,11 @@
         "unstable": "unstable"
       },
       "locked": {
-        "lastModified": 1714229485,
-        "narHash": "sha256-AOy87dJL0T9wSe1kM0tTzFlV++JwmoGW4BfBXzIUbsI=",
+        "lastModified": 1726451364,
+        "narHash": "sha256-6WKgYq0+IzPSXxVl1MfODIVwEbd3Sw0zc5sMSOyzA8I=",
         "owner": "xmonad",
         "repo": "xmonad",
-        "rev": "cde1a25bca9b7aeeb24af73588221f5f54ae770b",
+        "rev": "a4140b93497333ec7f3127ee4dabcb8ae8a721b6",
         "type": "github"
       },
       "original": {

nixos/flake.nix

@@ -1,9 +1,10 @@
 {
   inputs = {
+    nixtheplanet.url = "github:matthewcroughan/nixtheplanet";
     railbird-secrets = {
       url = "git+ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git";
     };
-    nixos-hardware = { url = "github:colonelpanic8/nixos-hardware"; };
+    nixos-hardware = { url = "github:colonelpanic8/nixos-hardware/add-g834jzr"; };
 
     nixpkgs = {
       url = "github:NixOS/nixpkgs/nixos-unstable";
@@ -34,7 +35,7 @@
     };
 
     taffybar = {
-      url = "github:taffybar/taffybar";
+      url = "github:taffybar/taffybar/old-master";
       inputs = {
         nixpkgs.follows = "nixpkgs";
         flake-utils.follows = "flake-utils";
@@ -104,8 +105,6 @@
 
     vscode-server.url = "github:nix-community/nixos-vscode-server";
 
-    nixpkgs-regression = { url = "github:NixOS/nixpkgs"; };
-
     nixified-ai = { url = "github:nixified-ai/flake"; };
 
     nixos-wsl = { url = "github:nix-community/NixOS-WSL"; };
@@ -114,7 +113,7 @@
   };
 
   outputs = inputs@{
-    self, nixpkgs, nixos-hardware, home-manager, taffybar, xmonad,
+    self, nixpkgs, nixos-hardware, home-manager, taffybar, xmonad, nixtheplanet,
     xmonad-contrib, notifications-tray-icon, nix, agenix, imalison-taffybar, ...
   }:
   let
@@ -126,7 +125,7 @@
       name = machineNameFromFilename filename;
       value = {
         modules = [
-          (machinesFilepath + ("/" + filename)) agenix.nixosModules.default
+          (machinesFilepath + ("/" + filename)) agenix.nixosModules.default nixtheplanet.nixosModules.macos-ventura
         ];
       };
     };

nixos/fonts.nix

@@ -1,5 +1,5 @@
 { pkgs, makeEnable, config, ... }:
-makeEnable config "modules.fonts" true {
+makeEnable config "myModules.fonts" true {
   # Enable the gtk icon cache
   gtk.iconCache.enable = true;
 

nixos/games.nix

@@ -1,5 +1,5 @@
 { config, pkgs, makeEnable, ... }:
-makeEnable config "modules.games" false {
+makeEnable config "myModules.games" false {
   environment.systemPackages = with pkgs; [
     steam
     # heroic

nixos/gitea-runner.nix

@@ -1,7 +1,7 @@
 { pkgs, config, makeEnable, ... }:
-makeEnable config "modules.gitea-runner" false {
+makeEnable config "myModules.gitea-runner" false {
   age.secrets.gitea-runner-token = {
-    file = ./secrets/gitea-runner-token.${config.networking.hostName}.age;
+    file = ./secrets/gitea-runner-token.age;
     group = "docker";
   };
 

nixos/gitea.nix

@@ -1,5 +1,5 @@
 { config, makeEnable, ... }:
-makeEnable config "modules.gitea" false {
+makeEnable config "myModules.gitea" false {
 
   services.gitea = {
     enable = true;
@@ -13,6 +13,7 @@ makeEnable config "modules.gitea" false {
       SSH_PORT = 1123;
       HTTP_PORT = 3001;
       ROOT_URL = "https://dev.railbird.ai";
+      DISABLE_REGISTRATION = true;
     };
     settings.actions = {
       ENABLED = true;

nixos/gnome.nix

@@ -1,5 +1,5 @@
 { config, makeEnable, ... }:
-makeEnable config "modules.gnome" false {
+makeEnable config "myModules.gnome" false {
   services.xserver = {
     desktopManager.gnome.enable = true;
     displayManager.gdm.enable = true;

nixos/home-manager.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, specialArgs, ... }:
+{ pkgs, ... }:
 {
   xsession = {
     enable = true;

nixos/k3s.nix

@@ -0,0 +1,96 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+with lib; let
+  cfg = config.myModules.railbird-k3s;
+  mount-path = "/var/lib/railbird/bucket";
+  bucket-name = "railbird-dev-videos";
+in {
+  options = {
+    myModules.railbird-k3s = {
+      enable = mkEnableOption "railbird k3s";
+      serverAddr = mkOption {
+        type = lib.types.str;
+        default = "";
+      };
+    };
+  };
+  config = mkIf cfg.enable {
+    age.secrets."1896Folsom-k3s-token.age".file = ./secrets/1896Folsom-k3s-token.age;
+    age.secrets."k3s-registry.yaml.age".file = ./secrets/k3s-registry.yaml.age;
+    age.secrets.api-service-key = {
+      file = ./secrets/api_service_account_key.json.age;
+      owner = "railbird";
+      group = "users";
+    };
+    environment.etc."rancher/k3s/registries.yaml".source = config.age.secrets."k3s-registry.yaml.age".path;
+    services.dockerRegistry = {
+      enable = true;
+      listenAddress = "0.0.0.0";
+      port = 5279;
+      enableDelete = true;
+      enableGarbageCollect = true;
+    };
+    systemd.services.mount-railbird-bucket = {
+      after = ["agenix.service"];
+      description = "Mount railbird bucket";
+      serviceConfig = {
+        Type = "simple";
+        RemainAfterExit = true;
+        ExecStartPre = [
+          "-${pkgs.util-linux}/bin/umount -f ${mount-path}"
+          "${pkgs.coreutils}/bin/mkdir -p ${mount-path}"
+          "${pkgs.coreutils}/bin/chown railbird:users ${mount-path}"
+          "${pkgs.coreutils}/bin/chmod 0775 ${mount-path}"
+        ];
+        ExecStart = "${pkgs.gcsfuse}/bin/gcsfuse --implicit-dirs --key-file ${config.age.secrets.api-service-key.path} ${bucket-name} ${mount-path}";
+        User = "root";
+      };
+    };
+
+    services.k3s = {
+      enable = true;
+      clusterInit = cfg.serverAddr == "";
+      serverAddr = cfg.serverAddr;
+      configPath = pkgs.writeTextFile {
+        name = "k3s-config.yaml";
+        text = ''
+          kubelet-arg:
+          - "eviction-hard=nodefs.available<2Gi"
+          - "eviction-soft=nodefs.available<5Gi"
+          - "eviction-soft-grace-period=nodefs.available=5m"
+        '';
+      };
+      tokenFile = config.age.secrets."1896Folsom-k3s-token.age".path;
+      extraFlags = [
+        "--tls-san ryzen-shine.local"
+        "--tls-san nixquick.local"
+        "--tls-san biskcomp.local"
+        "--tls-san jimi-hendnix.local"
+        "--tls-san dev.railbird.ai"
+        "--node-label nixos-nvidia-cdi=enabled"
+      ];
+      containerdConfigTemplate = ''
+        {{ template "base" . }}
+
+        [plugins]
+        "io.containerd.grpc.v1.cri".enable_cdi = true
+
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia]
+        privileged_without_host_devices = false
+        runtime_engine = ""
+        runtime_root = ""
+        runtime_type = "io.containerd.runc.v2"
+
+        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia.options]
+        BinaryName = "/run/current-system/sw/bin/nvidia-container-runtime"
+      '';
+      gracefulNodeShutdown = {
+        enable = true;
+      };
+    };
+  };
+}

nixos/kat.nix

@@ -1,10 +1,11 @@
 { pkgs, inputs, config, makeEnable, ... }:
-makeEnable config "modules.kat" false {
+makeEnable config "myModules.kat" false {
   environment.systemPackages = with pkgs; [
     bitwarden
     obsidian
     obs-studio
     ffmpeg
+    code-cursor
   ];
 
   environment.extraInit = ''

nixos/keys.nix

@@ -56,4 +56,6 @@ rec {
   benKeys = [
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJ6lD0c+frh2vzQjvsrsmJpwM1ovaY59m5NNPml5G+E benjamin.j.corner@gmail.com"
   ];
+  interviewKeys = [
+  ];
 }

nixos/kubelet-client.crt

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDyTCCAjGgAwIBAgIRAMQBZiVjA5BGSkDldScI9cMwDQYJKoZIhvcNAQELBQAw
+LzEtMCsGA1UEAxMkM2I2N2M2NzgtNzI5My00YTIzLTg3ZWItY2NiMTZjYWFkMzFm
+MB4XDTI0MDkyOTIwNTAzNloXDTI5MDkyODIwNTIzNlowOTEVMBMGA1UEChMMc3lz
+dGVtOm5vZGVzMSAwHgYDVQQDExdzeXN0ZW06bm9kZTpyeXplbi1zaGluZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIOfbq05IIdgX2jXYLaEt66rkXp
+NlqPNfh6v9nL1Aw6PSM3DEIWXVko8AyduRF4kXNO6xc6l/Rzk03w3qSvJpWpALGD
+JjslgRL4VJWUC6/QydsCO9io7SoUEmXFtDcsW6DftFejosr+56ZnVFrz5MMzfUAL
+Ix6n83NJvXZ8f9oHSX8TFW34ZClLxDq2fprFIs+D2QlFRE50Jr/Q8gPI2OSQDUBW
+DFdQrjt81bLs6doQipUqvHb4/Ms49agHek1ceWIMf+KZWoao5KNQTBe6XL2BUgA/
+MS3ZvQppDDTygA0QkgdtOJyG2lsrAmd7LEXTr9ilsqLV3YQMMKhCifwINa0CAwEA
+AaNWMFQwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAwGA1Ud
+EwEB/wQCMAAwHwYDVR0jBBgwFoAUjvcbOeZ4QIk53EkATOaOFiAZUq0wDQYJKoZI
+hvcNAQELBQADggGBAELWgmdmg9TKjDDqmF6pYr1j43gZYclXW4sB509itSiIeltX
+Isrvn5R5ok0W5Jcl+7QMhpntqIKJi26OqbcdBhqlaVURkBkbrx8aegkWJfPO+Fzz
+NyyiIpk7KQzGy6N5//jfMPZtJfQEQZwMenW0cj7F0QHOdVZy90+JNr2P3uV3Ad7u
+WZuYpbOFjOeQg1hJsX8wEU4KJyptn/kXhM+CqAnQ4S+k2wpjECD8KpWKAmpJWZg0
+RaBPyHZSmWnbXqs4LU6ERaZJxZQG0ODuA18DmGfaAkUUUvE2J0ploc2Y8Xl4zUWW
+Ivwslyx30YO3J9qI30d9tTQw/A0vHCoDNDbCg7lorZqP3TiTG9ANLndPqqg6inYU
+yfj612//JrO8w/4qh7cxR03P35aK0paLC74FaKLtZ5CwPK3BAW/0Zhv5fH4io6hE
+rfJmcjhbKD0Cwr9Dn6wVFz/a33H+0vMohHrVlDk4bSDIymbuJcZpYgR8n5WNQbGu
+nwjiLXCnVxcVjkcj2w==
+-----END CERTIFICATE-----

nixos/kubelet.nix

@@ -0,0 +1,22 @@
+{ config, pkgs, makeEnable, ... }:
+makeEnable config "myModules.kubelet" false {
+  age.secrets."api_service_account_key.json.age".file = ./secrets/api_service_account_key.json.age;
+  services.kubernetes.kubelet = {
+    enable = true;
+    kubeconfig = {
+      server = "https://34.31.205.230";
+      caFile = ./railbird-kubernetes.crt;
+      certFile = ./kubelet-client.crt;
+      keyFile = config.age.secrets."api_service_account_key.json.age".path;
+    };
+    registerNode = true;
+    cni = {
+      packages = [ pkgs.cni-plugins pkgs.calico-cni-plugin ];
+    };
+    extraOpts = ''
+      --fail-swap-on=false
+      # --container-runtime=remote
+      # --container-runtime-endpoint=unix:///run/containerd/containerd.sock
+    '';
+  };
+}

nixos/machines/adele.nix

@@ -6,16 +6,16 @@
     inputs.nixos-hardware.nixosModules.dell-xps-17-9700-nvidia
   ];
 
-  modules.base.enable = true;
-  modules.desktop.enable = true;
-  modules.xmonad.enable = true;
-  modules.extra.enable = false;
-  modules.code.enable = true;
-  modules.games.enable = false;
-  modules.syncthing.enable = true;
-  modules.fonts.enable = true;
-  modules.nixified-ai.enable = false;
-  modules.gitea-runner.enable = false;
+  myModules.base.enable = true;
+  myModules.desktop.enable = true;
+  myModules.xmonad.enable = true;
+  myModules.extra.enable = false;
+  myModules.code.enable = true;
+  myModules.games.enable = false;
+  myModules.syncthing.enable = true;
+  myModules.fonts.enable = true;
+  myModules.nixified-ai.enable = false;
+  myModules.gitea-runner.enable = false;
 
   hardware.enableRedistributableFirmware = true;
 

nixos/machines/bencbox.nix

@@ -8,10 +8,10 @@
     sublime
     vlc
   ];
-  modules.desktop.enable = false;
-  modules.plasma.enable = false;
+  myModules.desktop.enable = false;
+  myModules.plasma.enable = false;
   imalison.nixOverlay.enable = false;
-  modules.wsl.enable = true;
+  myModules.wsl.enable = true;
 
   networking.hostName = "bencbox";
 

nixos/machines/biskcomp.nix

@@ -13,25 +13,31 @@ in
     extraGroups = ["syncthing"];
   };
 
-  modules.raspberry-pi.enable = true;
+  myModules.raspberry-pi.enable = true;
 
-  modules.base.enable = true;
-  modules.desktop.enable = true;
-  modules.xmonad.enable = false;
-  modules.extra.enable = false;
-  modules.code.enable = true;
-  modules.games.enable = false;
-  modules.syncthing.enable = true;
-  modules.fonts.enable = true;
-  modules.nixified-ai.enable = false;
-  modules.cache-server = {
+  myModules.base.enable = true;
+  myModules.desktop.enable = true;
+  myModules.xmonad.enable = false;
+  myModules.extra.enable = false;
+  myModules.code.enable = true;
+  myModules.games.enable = false;
+  myModules.syncthing.enable = true;
+  myModules.fonts.enable = true;
+  myModules.nixified-ai.enable = false;
+  myModules.cache-server = {
     enable = false;
     host-string = biskcomp-nginx-hostnames;
     port = 80;
     path = "/nix-cache";
   };
-  modules.gitea.enable = true;
-  modules.gitea-runner.enable = false;
+  myModules.gitea.enable = true;
+  myModules.gitea-runner.enable = false;
+
+  myModules.railbird-k3s = {
+    enable = true;
+    serverAddr = "https://dev.railbird.ai:6443";
+  };
+  services.k3s.disableAgent = true;
 
   services.vaultwarden = {
     enable = true;
@@ -85,6 +91,16 @@ in
           '';
         };
       };
+      "docs.railbird.ai" = {
+        enableACME = true;
+        forceSSL = true;
+        root = "/var/lib/syncthing/railbird/docs";
+        locations."/" = {
+          extraConfig = ''
+            autoindex on;
+          '';
+        };
+      };
     };
   };
 

nixos/machines/david-blade.nix

@@ -5,15 +5,15 @@
     ../configuration.nix
   ];
 
-  modules.base.enable = true;
-  modules.desktop.enable = true;
-  modules.xmonad.enable = false;
-  modules.extra.enable = false;
-  modules.code.enable = true;
-  modules.games.enable = false;
-  modules.syncthing.enable = true;
-  modules.fonts.enable = true;
-  modules.nixified-ai.enable = false;
+  myModules.base.enable = true;
+  myModules.desktop.enable = true;
+  myModules.xmonad.enable = false;
+  myModules.extra.enable = false;
+  myModules.code.enable = true;
+  myModules.games.enable = false;
+  myModules.syncthing.enable = true;
+  myModules.fonts.enable = true;
+  myModules.nixified-ai.enable = false;
 
   hardware.enableRedistributableFirmware = true;
 

nixos/machines/dean-zephyrus.nix

@@ -5,10 +5,10 @@
   ];
   services.xserver.enable = true;
   environment.systemPackages = with pkgs; [sublime];
-  modules.desktop.enable = false;
-  modules.plasma.enable = false;
+  myModules.desktop.enable = false;
+  myModules.plasma.enable = false;
   imalison.nixOverlay.enable = false;
-  modules.wsl.enable = true;
+  myModules.wsl.enable = true;
 
   networking.hostName = "dean-zephyrus";
 

nixos/machines/jay-lenovo-wsl.nix

@@ -5,7 +5,7 @@
   ];
 
   imalison.nixOverlay.enable = false;
-  modules.wsl.enable = true;
+  myModules.wsl.enable = true;
 
   networking.hostName = "jay-lenovo-wsl";
 

nixos/machines/jay-lenovo.nix

@@ -11,6 +11,7 @@
     android-studio
     linuxPackages_latest.perf
     zenmonitor
+    code-cursor
   ];
 
   hardware.enableRedistributableFirmware = true;
@@ -26,7 +27,7 @@
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
-  modules.postgres.enable = true;
+  myModules.postgres.enable = true;
 
   networking.networkmanager.enable = true;
 

nixos/machines/jimi-hendnix.nix

@@ -5,23 +5,24 @@
     ../configuration.nix
   ];
 
-  modules.base.enable = true;
-  modules.desktop.enable = true;
-  modules.xmonad.enable = true;
-  modules.extra.enable = false;
-  modules.code.enable = true;
-  modules.games.enable = false;
-  modules.syncthing.enable = true;
-  modules.fonts.enable = true;
-  modules.nixified-ai.enable = false;
-  modules.gitea-runner.enable = true;
-  modules.postgres.enable = true;
+  myModules.railbird-k3s = {
+    enable = true;
+    serverAddr = "https://ryzen-shine.local:6443";
+  };
+  myModules.base.enable = true;
+  myModules.desktop.enable = true;
+  myModules.xmonad.enable = true;
+  myModules.extra.enable = false;
+  myModules.code.enable = true;
+  myModules.games.enable = false;
+  myModules.syncthing.enable = true;
+  myModules.fonts.enable = true;
+  myModules.nixified-ai.enable = false;
+  myModules.gitea-runner.enable = true;
+  myModules.postgres.enable = true;
 
   hardware.enableRedistributableFirmware = true;
-
-  # install nvidia drivers in addition to intel one
-  hardware.opengl.extraPackages = [ pkgs.linuxPackages.nvidia_x11.out ];
-  hardware.opengl.extraPackages32 = [ pkgs.linuxPackages.nvidia_x11.lib32 ];
+  myModules.nvidia.enable = true;
 
   boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
   boot.kernelModules = [ "kvm-intel" ];

nixos/machines/nixquick.nix

@@ -4,13 +4,25 @@
     ../configuration.nix
   ];
 
+  services.macos-ventura = {
+    enable = true;
+    openFirewall = true;
+    vncListenAddr = "0.0.0.0";
+  };
+
   features.full.enable = true;
-  modules.cache-server = {
+  myModules.cache-server = {
     enable = true;
     port = 3090;
   };
-  modules.gitea-runner.enable = true;
-  modules.vscode.enable = true;
+  myModules.gitea-runner.enable = true;
+  myModules.vscode.enable = true;
+  myModules.kat.enable = true;
+  myModules.nvidia.enable = true;
+  myModules.railbird-k3s = {
+    enable = true;
+    serverAddr = "https://dev.railbird.ai:6443";
+  };
 
   networking.hostName = "nixquick";
 
@@ -21,15 +33,6 @@
   boot.extraModulePackages = [ ];
   boot.loader.systemd-boot.enable = true;
 
-  # install nvidia drivers in addition to intel one
-  hardware.opengl.extraPackages = [ pkgs.linuxPackages.nvidia_x11.out ];
-  hardware.opengl.extraPackages32 = [ pkgs.linuxPackages.nvidia_x11.lib32 ];
-  services.xserver = {
-    videoDrivers = [ "nvidia" ];
-  };
-
-  hardware.opengl.driSupport32Bit = true;
-
   hardware.nvidia.modesetting.enable = true;
 
   # This also enables v4l2loopback

nixos/machines/railbird-sf.nix

@@ -12,58 +12,36 @@
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
   boot.loader.systemd-boot.enable = true;
+  modules.postgres.enable = true;
 
-  hardware.opengl.extraPackages = [ pkgs.linuxPackages.nvidia_x11.out ];
-  hardware.opengl.extraPackages32 = [ pkgs.linuxPackages.nvidia_x11.lib32 ];
-  services.xserver = {
-    videoDrivers = [ "nvidia" ];
-  };
-
-  # Enable OpenGL
-  hardware.opengl = {
-    enable = true;
-    driSupport = true;
-    driSupport32Bit = true;
-  };
+  services.k3s.role = "agent";
+  services.k3s.extraFlags = lib.mkForce ["--node-label nixos-nvidia-cdi=enabled"];
 
   hardware.nvidia = {
-
-    # Modesetting is required.
-    modesetting.enable = true;
-
-    # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
     powerManagement.enable = false;
     # Fine-grained power management. Turns off GPU when not in use.
     # Experimental and only works on modern Nvidia GPUs (Turing or newer).
     powerManagement.finegrained = false;
 
-    # Use the NVidia open source kernel module (not to be confused with the
-    # independent third-party "nouveau" open source driver).
-    # Support is limited to the Turing and later architectures. Full list of
-    # supported GPUs is at:
-    # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
-    # Only available from driver 515.43.04+
-    # Currently alpha-quality/buggy, so false is currently the recommended setting.
-    open = false;
-
     # Enable the Nvidia settings menu,
 	  # accessible via `nvidia-settings`.
     nvidiaSettings = true;
-
-    # Optionally, you may need to select the appropriate driver version for your specific GPU.
-    package = config.boot.kernelPackages.nvidiaPackages.stable;
   };
 
   features.full.enable = false;
-  modules.base.enable = true;
-  modules.desktop.enable = true;
-  modules.xmonad.enable = false;
-  modules.gnome.enable = true;
-  modules.code.enable = true;
-  modules.syncthing.enable = true;
-  modules.fonts.enable = true;
-  modules.plasma.enable = false;
-  modules.gitea-runner.enable = true;
+  myModules.base.enable = true;
+  myModules.desktop.enable = true;
+  myModules.xmonad.enable = false;
+  myModules.code.enable = true;
+  myModules.syncthing.enable = true;
+  myModules.fonts.enable = true;
+  myModules.plasma.enable = true;
+  myModules.nvidia.enable = true;
+  myModules.gitea-runner.enable = true;
+  myModules.railbird-k3s = {
+    enable = false;
+    serverAddr = "https://dev.railbird.ai:6443";
+  };
 
   fileSystems."/" =
     { device = "/dev/disk/by-uuid/a317d456-6f84-41ee-a149-8e466e414aae";
@@ -87,7 +65,7 @@
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
   hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-  
+
   home-manager.users = forEachUser {
      home.stateVersion = "23.11";
   };

nixos/machines/ryzen-shine.nix

@@ -6,14 +6,17 @@
   ];
 
   features.full.enable = true;
+  myModules.kubelet.enable = false;
+  myModules.nvidia.enable = true;
   # Needed for now because monitors have different refresh rates
-  modules.xmonad.picom.vSync.enable = false;
-  modules.cache-server = {
+  myModules.xmonad.picom.vSync.enable = false;
+  myModules.cache-server = {
     enable = true;
     port = 3090;
   };
-  modules.gitea-runner.enable = true;
-  modules.postgres.enable = true;
+  myModules.gitea-runner.enable = true;
+  myModules.postgres.enable = true;
+  myModules.railbird-k3s.enable = true;
 
   boot.loader.systemd-boot.configurationLimit = 5;
 
@@ -45,15 +48,15 @@
   boot.initrd.kernelModules = [ "dm-snapshot" ];
 
   # install nvidia drivers in addition to intel one
-  hardware.opengl.extraPackages = [ pkgs.linuxPackages.nvidia_x11.out ];
-  hardware.opengl.extraPackages32 = [ pkgs.linuxPackages.nvidia_x11.lib32 ];
+  hardware.graphics.extraPackages = [ pkgs.linuxPackages.nvidia_x11.out ];
+  hardware.graphics.extraPackages32 = [ pkgs.linuxPackages.nvidia_x11.lib32 ];
   services.xserver = {
     videoDrivers = [ "nvidia" ];
   };
 
   hardware.nvidia.modesetting.enable = true;
 
-  hardware.opengl.driSupport32Bit = true;
+  hardware.graphics.enable32Bit = true;
 
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];

nixos/machines/strixi-minaj-wsl.nix

@@ -4,7 +4,7 @@
     ../configuration.nix
   ];
 
-  modules.wsl.enable = true;
+  myModules.wsl.enable = true;
 
   networking.hostName = "strixi-minaj-wsl";
 

nixos/machines/strixi-minaj.nix

@@ -3,18 +3,20 @@
 {
   imports = [
     ../configuration.nix
+    inputs.nixos-hardware.nixosModules.asus-rog-strix-g834jzr
   ];
 
-  modules.base.enable = true;
-  modules.desktop.enable = true;
-  modules.xmonad.enable = true;
-  modules.extra.enable = false;
-  modules.code.enable = true;
-  modules.games.enable = false;
-  modules.syncthing.enable = true;
-  modules.fonts.enable = true;
-  modules.nixified-ai.enable = false;
-  modules.gitea-runner.enable = false;
+  hardware.nvidia.open = false;
+  myModules.base.enable = true;
+  myModules.desktop.enable = true;
+  myModules.xmonad.enable = true;
+  myModules.extra.enable = false;
+  myModules.code.enable = true;
+  myModules.games.enable = false;
+  myModules.syncthing.enable = true;
+  myModules.fonts.enable = true;
+  myModules.nixified-ai.enable = false;
+  myModules.gitea-runner.enable = false;
 
   hardware.enableRedistributableFirmware = true;
 
@@ -23,21 +25,15 @@
   ];
 
   services.xserver.dpi = 96;
-  boot.kernelPackages = pkgs.linuxPackages_latest;
+  boot.kernelPackages = pkgs.linuxPackages_testing;
   boot.initrd.availableKernelModules = [ "vmd" "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
-  services.xserver = {
-    videoDrivers = [ "nvidia" ];
-  };
-  hardware.opengl = {
+  hardware.graphics = {
     enable = true;
-    driSupport = true;
-    driSupport32Bit = true;
+    enable32Bit = true;
   };
-  hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.production;
-  hardware.nvidia.modesetting.enable = true;
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 

nixos/nix.nix

@@ -18,6 +18,7 @@
     };
     home-manager.useGlobalPkgs = true;
     home-manager.useUserPackages = true;
+    home-manager.backupFileExtension = "backup";
 
     nix = rec {
       extraOptions = ''

nixos/nixified.ai.nix

@@ -1,5 +1,5 @@
 { inputs, config, specialArgs, ... }:
-specialArgs.makeEnable config "modules.nixified-ai" false {
+specialArgs.makeEnable config "myModules.nixified-ai" false {
   imports = [
     inputs.nixified-ai.nixosModules.invokeai
   ];

nixos/nvidia.nix

@@ -0,0 +1,18 @@
+{ config, pkgs, makeEnable, ... }:
+
+makeEnable config "myModules.nvidia" false {
+  environment.systemPackages = with pkgs; [
+    nvidia-container-toolkit
+  ];
+  hardware.nvidia-container-toolkit = {
+    enable = true;
+    mount-nvidia-executables = true;
+  };
+  hardware.nvidia.open = false;
+  hardware.graphics.extraPackages = [ pkgs.linuxPackages.nvidia_x11.out ];
+  hardware.graphics.extraPackages32 = [ pkgs.linuxPackages.nvidia_x11.lib32 ];
+  hardware.graphics.enable32Bit = true;
+  services.xserver = {
+    videoDrivers = [ "nvidia" ];
+  };
+}

nixos/options.nix

@@ -1,6 +1,6 @@
 { lib, ... }: {
   options = {
-    modules.xmonad.picom.vSync.enable = lib.mkOption {
+    myModules.xmonad.picom.vSync.enable = lib.mkOption {
       default = true;
       type = lib.types.bool;
     };

nixos/overlay.nix

@@ -17,15 +17,16 @@ final: prev: {
     };
   });
 
-  picom = prev.picom.overrideAttrs (old: {
-    src = prev.fetchFromGitHub {
-      repo = "picom";
-      owner = "dccsillag";
-      rev = "51b21355696add83f39ccdb8dd82ff5009ba0ae5";
-      sha256 = "sha256-crCwRJd859DCIC0pEerpDqdX2j8ZrNAzVaSSB3mTPN8==";
-    };
-    nativeBuildInputs = old.nativeBuildInputs ++ [final.pcre];
-  });
+  # picom = prev.picom.overrideAttrs (old: {
+  #   src = prev.fetchFromGitHub {
+  #     repo = "picom";
+  #     owner = "dccsillag";
+  #     rev = "51b21355696add83f39ccdb8dd82ff5009ba0ae5";
+  #     sha256 = "sha256-crCwRJd859DCIC0pEerpDqdX2j8ZrNAzVaSSB3mTPN8==";
+  #   };
+  #   nativeBuildInputs = old.nativeBuildInputs ++ [final.pcre final.gnugrep.pcre2 final.libpcre];
+  #   buildInputs = old.buildInputs ++ [final.pcre];
+  # });
 
   expressvpn = prev.expressvpn.overrideAttrs (_: {
     src = prev.fetchurl {

nixos/plasma.nix

@@ -1,5 +1,5 @@
 { config, makeEnable, ... }:
-makeEnable config "modules.plasma" true {
+makeEnable config "myModules.plasma" true {
   services.displayManager.sddm.enable = true;
   services.xserver = {
     desktopManager.plasma5.enable = true;

nixos/postgres.nix

@@ -1,5 +1,5 @@
 { pkgs, config, makeEnable, realUsers, ... }:
-makeEnable config "modules.postgres" true {
+makeEnable config "myModules.postgres" true {
   services.postgresql = {
     enable = true;
     package = pkgs.postgresql_15;

nixos/rabbitmq.nix

@@ -1,5 +1,5 @@
 { pkgs, config, makeEnable, realUsers, ... }:
-makeEnable config "modules.rabbitmq" true {
+makeEnable config "myModules.rabbitmq" true {
   services.rabbitmq = {
     enable = true;
   };

nixos/railbird-kubernetes.crt

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIELTCCApWgAwIBAgIRALNxOT7J7N/eK6edp9LbKAIwDQYJKoZIhvcNAQELBQAw
+LzEtMCsGA1UEAxMkM2I2N2M2NzgtNzI5My00YTIzLTg3ZWItY2NiMTZjYWFkMzFm
+MCAXDTIzMTIyOTE5NTQ0MloYDzIwNTMxMjIxMjA1NDQyWjAvMS0wKwYDVQQDEyQz
+YjY3YzY3OC03MjkzLTRhMjMtODdlYi1jY2IxNmNhYWQzMWYwggGiMA0GCSqGSIb3
+DQEBAQUAA4IBjwAwggGKAoIBgQCUYUuTrpDbwUS2B3SYUoa7LI5mi8NNr0lDe1w4
+3yPpVnu6ubvnTNm2j/v88HYwEjlppEg4HjhP7YEJ8gsGdgUCpIaPWTpifVmA7E4o
+2DbJDiePkkUGkNL0whCClOOcO0hyxdk9Pol5wRzci0l6zSalE6DB4rJrmB5Ppl/A
+t2KAVVqpwbynmbijr4yZh7Bp7LfaIrFthlv2ZPEjLfPLz7YthBw9/iUt94mLMyWZ
+BpygA5y/CocQQnnFMnU1o0eUd37YL7zErfIxx/AmL10Sq0qdFXiYOJJqubURbdS8
+DZ6dyHdX+UlxPls2Rlx9nDaiNGFJdzqHJzDdOlzN3kkdDQoO8xUdH9ekFU7rOwkP
+5NpubSwrd1FOGHh+EknugnEQD4Oip/YQ7IUj3Afm5Ag2la9k4WJRgjACbkQ2+k9I
+sFmPmmMVHn9nepCMiYQMjX7ApZw0isDPeVK5EuQeImgu7uNoV8R5VwG0XoBCXz4S
+UqYv11uEsMqFu07Zwlznsxnm0uECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgIEMA8G
+A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI73GznmeECJOdxJAEzmjhYgGVKtMA0G
+CSqGSIb3DQEBCwUAA4IBgQAm19zlm3WVePflA6Zh/FxvE8MirrJF6jmJzRrBCEM5
+DwkSmY3dvONqCYeeNb4+xWXWQ8eVKVlPdkoW3V7H5xnJ63dXRNN2lQ3JpSTG3+yP
+Omp6XGY9mmatdHwyV7N4h10aKEWAuRhy148sdJZLYj0LbR42pCVYhEP4D3Qj7KjN
+PJe+cR8NSpiYmDH5y88Jqubztj5NVcDj/iN9h/7/GajbU6lCgN/SxZgi9cNGjxSb
+JHFHE2Mp3z9sjsieTXMplLqK045TQ2IBqnJyMdKkvSNkRUCbz2yXdiIOKtvU4ly0
+h884z9P5JQ9bxe+6cwYC4ky3G5WYMn++RUsuCk4ScsrbZtM9jpKnz/TygMdVTC5w
+Siq6OHKtAnh8Ax1LEKicg9FLd6ODxR3OVKu+fUPV4XHAWJnmvElGlivjneHiE+OL
+dzgb/CfBEGHYBVc2PDIhwBmUdoEZ/t3UjvmSI46ZblYpWodJvLFwge2HxSivRlLW
+Uh/oPWX5N/CH9I34HTAhI48=
+-----END CERTIFICATE-----

nixos/raspberry-pi.nix

@@ -1,6 +1,6 @@
 { config, pkgs, inputs, makeEnable, ... }:
 
-makeEnable config "modules.raspberry-pi" false {
+makeEnable config "myModules.raspberry-pi" false {
   imports = [
     inputs.nixos-hardware.nixosModules.raspberry-pi-4
   ];
@@ -12,6 +12,7 @@ makeEnable config "modules.raspberry-pi" false {
   # hardware.raspberry-pi."4".audio.enable = true;
 
   boot = {
+    initrd.systemd.tpm2.enable = false;
     initrd.availableKernelModules = [
       "usbhid"
       "usb_storage"

nixos/secrets/1896Folsom-k3s-token.age

@@ -0,0 +1,51 @@
+age-encryption.org/v1
+-> ssh-ed25519 ZgrTqA MGp4jtyXCV3QBrIuy/WQthJGxLUnFNgZlf3HNtZtukY
+jbskLgoJDhl755Qn4ZdW5nYK7Ug2eLm4oQyazff6Uf4
+-> ssh-ed25519 ZaBdSg hjFZhYc4AKvp8585jS4pivMFTxPd0miyQdjJQjQvERQ
+4P8PqJ7gz99nuGyAOh73gECCNTa8U56t/byr0h1plLo
+-> ssh-ed25519 MHZylw iZq2dXCa4gSDpmbQazU4JPCXnbXjrMx2Nh0FCYACCTM
+yVE+tooOjxvD1OBziXHz5yv0k2purR/QouE3SSzinPw
+-> ssh-ed25519 sIUg6g ppAmkq3uj/heZ/RhK6BCz3o6d9l6tw+FeoV+GM4jh2M
+F+Og7e744NSgaUs9zZ28ttPdbl0xkN82KgqGnfv/9sM
+-> ssh-ed25519 TnanwQ GwsA+F4Co/Vxg5I04GxBW6EPPXOT2PtHCdiq6KEFJ0w
+vcJiXNxnh32Q00VodKXhvTmiTglxSCiSPLwOFXrQPxU
+-> ssh-rsa gwJx0Q
+EoF9WbtAgRZyWQPtcwrQTIxXMfNSl6Fpm7DITAwocm04U2aoNEnhvsU/0olrCGpU
+ez4CTnTZuOCVe8yr9KYjy9bU/41L2k89P/yk92i0Fm9412tIvYodSx0Qjju4hpPo
+ptLAp+5wUgeRarEpnPHQBKnyeR4PcaVAeAYyiFHKjFZIaZ6oBEHbJGd8QO02RwAG
+2hnGkVzHhQOxnd6VN4h4xP4BfWXZ8rwTigenVMSwMkrWg0Xx+iXPvGhbLh0P/o5d
+VKtISQGzfL9rr2N4VYJHUT6JgQHNy66qd9YKrcY0bRanlMSeR7p217f/sKOc9SIL
+h9URYNbaxGhdx9JuQVywIA
+-> ssh-ed25519 YFIoHA xsirlZemMNZIOEcc164PM3SO2gJ6DrNM1xU2Phj/TWA
+v0cCi2mVuPMpy17w6q1GLgv/5k6wetFFBUzeAw6YGK8
+-> ssh-ed25519 KQfiow wVCBy3SI6pY/Q1C5Zqq6//KPHma8PR8Qd5DhwO7+SSY
+ODABvuKUzhcuUj/YVwa1tCdgj/WBrhMHpwOmjgMTNDo
+-> ssh-ed25519 kScIxg 9qaWKYi08kVEz5HnFluLfHJz0dNl0gqSj+yTBRmX5U8
+2NBABg/XbcWq4gZp3vtnLZ4yBAZkPdXckDGnHc0rC1U
+-> ssh-ed25519 HzX1zw hMbFcHddfBJ+fU2Ay+J+siEi/rH0kTXTRJS1pFe9rFg
+IBPsFZ2vBc/t0L+anbugwX9A8lj8t6AykZzSovxTCxc
+-> ssh-ed25519 KQfiow 5mUphYz0qwZi78nxpxrQNWeXdum5o1cVj76sSrDgIlA
+KamxIS2NJaI7DTy9SJisGU+KTKTsDx7dXw7TlsSnq9o
+-> ssh-ed25519 1o2X0w zwmrw9msofsTJ9qkqaQWs0CWG2ArWXIb3hX/eFlM/2E
+L8CTuqIKNU1Ff2vWmIWtvLPmI8MOSlUobTLzQGladMg
+-> ssh-ed25519 KQ5iUA 03zopYKa8ki6hqJiiFOoAE0cNEg6uGWk7VF3teDzkws
+FxHYVfs2lCDlWspyv+03yjdJHSIIDUq8PTkhyLyomdM
+-> ssh-ed25519 AKGkDw BBg9+2iPHediKJ0xd/tVcoofbJvws2QIF2yskvE1OBs
+ZM32S8i6ZNG1cPSO3Ojkyy4JYKnJMXv72/RsE1g2o2Y
+-> ssh-ed25519 0eS5+A VedHoAI2jnrcY5E+Db6qyoJJnevOJ4NF1YzSGUAP6R4
+jO9JaT6BiuiriIpWzc6fpJMDxqu3718KMMcHWFtHq14
+-> ssh-ed25519 9/4Prw gcQ7zE+fSceLHLIi26qs348WJH7Jta36N1dPRIp2+2E
+69jtpz9PVWh1KJM5fKUy923ddah7PiwvabFsNST19Ag
+-> ssh-ed25519 gAk3+Q C30KhWJmYd4D3bCuoD7hOZrehDhjMhTpzB1PmqRqph4
+BEpcSaCnz8zLOho7Da7mBtAeLeCJMXbMkyg8CW5OKQI
+-> ssh-ed25519 X6eGtQ EP1F3zxhA6pPsFl638bLkYgsBDn1NHH4xbR3U50ZtSA
+0h8Oe4zZ68GwzHp07LjUmKA69paiGBQGcakpIi8w+VA
+-> ssh-ed25519 0ma8Cw hQ1jQxz3XqtHo3ENzLiX85dmrtD2KpFb+Nx9t95EugM
+1oFklRDdtko9lf9GxJbu0IH7uTD7Iae8nLA6KoVLA1g
+-> ssh-ed25519 Tp0Z1Q VvWo+U0VBidsCCtQKWfEqcgnjzbi7TlSPdrqaZcAGzA
+zRKu1PrurMXm/hQL1DzdgXQLDwebJCtcDzdiceBS00I
+-> ssh-ed25519 qQi7yA kOOIJPZqdp7dRRxPLqwDlNv4OXUI+RYXkA5IlI0YP04
+HnwjK1XmdwIL478UXhRPVPU5YCJYALnpmryF0Kaz5vA
+--- 3MSdvhunDcposjHvMTMOSX6jM4Zj6EndDVgEMMrDpiM
+òEÑ“É4š˜à`|[áØ
]BÌs/€£a1o7ðF'<27>xU§<55>¤qšáðpdäid®,£ìp“bB0ØL‰nÃã~Qm|žK\ŽçiM™G>¿ðx9ÿïÒ€Ù9òwQŒÝ=ýl^YÊÐ+E[J¤É<C2A4>y뀧ûåœDàQÃè1k†Ó
+4‡ñH«Èh!

nixos/secrets/gitea-runner-token.age

@@ -0,0 +1,50 @@
+age-encryption.org/v1
+-> ssh-ed25519 ZgrTqA fUdYNjuALrimf6eo5FoqjGF0Zvzo4HBMW6cr53NO+D4
+YPI8i4LK2Iz0C89Cx91kx0z+oLQmzVp7rTI9r7+TJcc
+-> ssh-ed25519 ZaBdSg 4INz9+Kf25/qCECW0ylv3oZ0j6ouFJigP+gVSvm97Vc
+mmzlvBxYh703ZEzf73FF7ifDjysMEl2GOT5heGEn+Ts
+-> ssh-ed25519 MHZylw I/e6YCpLKOmjfmnkhF9qsG1S690YuCuHkHm10SOTSTo
+3hnodZC9lVNTsigacqP26JibaaRdModVJCsaiugBNCs
+-> ssh-ed25519 sIUg6g VTWz7slnoJSC5bpGw6o5G7n2y439GbjNiZaFMLaN5jI
+lIJgwvZSyv422Nqct3LmB65ga66y4WSp0ok9RVN9G0s
+-> ssh-ed25519 TnanwQ jnix1dT8u58lNCEmn4mMEn/66XNhYkfOmlQzz9ybpXA
+rpJ1RE1aN8ZFvwXdnWMz5WmtIPVYuaoFW+dUxUHSue0
+-> ssh-rsa gwJx0Q
+d3ys74cy6D+bpqZoaWyzcCHlgY+2sxSR4U41KpLTa1CodYQfhf/QzfhMhNRbKNrg
+eoFB4Z9QSIkbqQedkqmR+gjDtklSG/Jz/1QZxkKm3pRulDq0YA+crduA72Xs+ReF
+yRfAotYMZ+fJvJBJ4C604XzX2JyDsZ9pMxvzH3ntWLL2ay9wgY8beVekCfyAEgr6
+EmFE1xPS5/SvEGz/3x0pxn6qtGXR7JAQYIZw7xVgpLvaY+yGjBGgF97RT8NZKmps
+Y+4DpQMVhJpMREpsGa78zN2PNsZoV3uc/rT7GLfhX1NJxjDfQ5whLF4ykrerg4ZB
+Mm3HhALUqeGd8trA+dRZiw
+-> ssh-ed25519 YFIoHA U7m8uc58dgdk3HS920pXyMUwSustTkyHbomhhYvKxhc
+8TRED2gwbj1IeZxFR9EmkTqsVLgl1pLgja7FpRvw8WY
+-> ssh-ed25519 KQfiow et6x8B9B0X0hX695r/tfriEoInXXcHUkAiaQhXK6NGo
+UkJcdPjs1q//FDy+dGY2uaaGbgw6azVB1/zc5wrdQy8
+-> ssh-ed25519 kScIxg 9UbFUlg4SGEY7L8vOummxwHhypcipPtRq/yhw8k6K2g
+vfLB37DdDA7nEXlNSkJUXwDwQ5UoDonkiKIhSjG4N24
+-> ssh-ed25519 HzX1zw 4LkDXxeqKtYI8EhwXccMRlRw88flevLGFgzwt9nbNWY
+EtrL0itCfPvQtrIFWXqnPoje6Cy//KHZ//OwcibLy4s
+-> ssh-ed25519 KQfiow VPlZHErfIKR0NOG8/Rqwu7LQKP13izSQVck8s217LkM
+v8+OEZZTe+pybXqEtUQ1ILNQ2TbB4QSIkHacMQUkYGg
+-> ssh-ed25519 1o2X0w s8Of4YUoOKrBMa2AjcBYFXPEqwmjZEKGpGwf0F5Z9wo
+ifK7DqiArFCFIjxMHxLB1vlzZ+H/60H+a4xdmdvkf0I
+-> ssh-ed25519 KQ5iUA 1Jn+jIAmcJ1QUbC2Yz6XfVoM4XbS3HHEXJHJvDS3mlE
+rsmCtAlqxVzUfJeRT5kmU0FI5cAiCtqA1bpeG0aci+c
+-> ssh-ed25519 AKGkDw uB/GYB86+P5I9EtWJjCyrPYJKxlF8KLwjVacnS3FYg0
+kAsGXL4c1IDU3rklHnyMpY454DLSCibhEy5U9vfoQxE
+-> ssh-ed25519 0eS5+A xe3LGZVaCS6rCrULdfdtHpuwdnib0FizFhseyWjUxBQ
+nKmumufCm1WQj1MdfawMWFHztFJhP/7+4h8f7PD4+z8
+-> ssh-ed25519 9/4Prw vsOHzuM608TC+t+dqQbMHtZnTcfgGHJq/CfVazWeVFk
+I/w6R2t/pmdA+Ktool+1hU21GjjG/hwe0vSq89jtULw
+-> ssh-ed25519 gAk3+Q GMi0sxNOfeqbmMuU25wGnZdLx8D7zTYZ5Nx5OLjOaCA
+eweAPpjwjHYdySCtWbzwpM9RZ+Ohim/0HQiy2bssIFg
+-> ssh-ed25519 X6eGtQ bTbsvZYuHIYj6AUQ8hLvn9OKLhapi3VqU7nUDT2kxRQ
+X0Kh45FK79mdXA1AqySw/rC73maypSP5BpKso0BKHeM
+-> ssh-ed25519 0ma8Cw miWf5St4zNDpl7ydZPm4NDbhN0Pp5jAP28IdIXfoA38
+yH13uHPwUCRyaXqnieNvkDDNkrACPaoIVFQUiVK2ZLk
+-> ssh-ed25519 Tp0Z1Q dvgXe3vQqY9le3KaROdzaP4jnjQ8kljfC+D/sSpwjnw
+/fwCFlvRRwUZ0ebYXJTdlGRxY6H9elCh5ULsyLve6IM
+-> ssh-ed25519 qQi7yA 83iacCsgW3Iw83C753dqBCM6/i8qyKLqJ0AvEIgxsT4
+uI6NwcRcJUJMYR7vMhZvlnmdWRV9J4FUm8KbDutuKTo
+--- o88XKoHrskw3WGcaj1Ie6UzwfWcfKl76oO8zwk2jcNk
+z…ðÆeïYòUêp[ò4ËVëî-þLE%EÚ›­Â¾Ó<C2BE>BSWõ²Õ–½ñ0¼ÿ¯=¢‡-J
t•ÌO<C38C>õšï<C5A1>瀖É9èp_Kd¬

nixos/secrets/secrets.nix

@@ -10,5 +10,11 @@ in
   "gitea-runner-token.jimi-hendnix.age".publicKeys = keys.agenixKeys;
   "gitea-runner-token.adele.age".publicKeys = keys.agenixKeys;
   "gitea-runner-token.railbird-sf.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
+  "gitea-runner-token.mac-demarco-mini.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
+  "gitea-runner-token.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
   "nextcloud-admin.age".publicKeys = keys.agenixKeys;
+  "ryzen-shine-kubernetes-token.age".publicKeys = keys.agenixKeys;
+  "1896Folsom-k3s-token.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
+  "api_service_account_key.json.age".publicKeys = keys.agenixKeys;
+  "k3s-registry.yaml.age".publicKeys = keys.agenixKeys ++ keys.railbird-sf;
 }

nixos/syncthing.nix

@@ -17,10 +17,12 @@ let
     mixos = { id = "7DMMUDT-CO33EMS-LQW65MX-3BVYDBT-ZZWDJC6-SWEF6SW-ICUMWOE-ZC4IBQK"; };
     strixi-minaj-wsl = { id = "DOAEFFI-W6EZY3K-GDUHDLX-6DQPVFC-XU3G65X-5KX6RKK-EMF7ZT7-YKKKOAM"; };
     strixi-minaj = { id = "IF76WOS-WVYFAQG-ZZMIT3R-ZR6EQQH-YQP3FGZ-BJ3LJKO-56FK2XA-UREADQM"; };
+    dean-zephyrus = { id = "UVIQVZQ-WFWVUQT-OTXPK7V-RXFKAVV-RY5DV2Z-XZEH3Q2-JQZIQLW-XMSB6AT"; };
+    bencbox = { id = "FZFDBDG-J56RKLU-JZUHEAB-SAGB6CM-LRR6QFC-ZLNQG22-R2DEXAC-MY4BXQN"; };
   };
   allDevices = builtins.attrNames devices;
 in
-makeEnable config "modules.syncthing" true {
+makeEnable config "myModules.syncthing" true {
   system.activationScripts.syncthingPermissions = {
     text = ''
       chown -R syncthing:syncthing /var/lib/syncthing

nixos/users.nix

@@ -92,7 +92,12 @@ in
     railbird = userDefaults // {
       inherit extraGroups;
       name = "railbird";
-      openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.railbirdDevKeys;
+      openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.railbirdFullstackDevKeys;
+    };
+    interview = userDefaults // {
+      inherit extraGroups;
+      name = "interview";
+      openssh.authorizedKeys.keys = interviewKeys ++ inputs.railbird-secrets.keys.railbirdFullstackDevKeys;
     };
   };
 

nixos/vscode.nix

@@ -1,5 +1,5 @@
 { inputs, config, makeEnable, forEachUser, ... }:
-makeEnable config "modules.vscode" true {
+makeEnable config "myModules.vscode" true {
   home-manager.users = forEachUser {
     imports = [inputs.vscode-server.homeModules.default];
     services.vscode-server.enable = true;

nixos/wsl.nix

@@ -1,13 +1,13 @@
 { config, inputs, pkgs, makeEnable, ... }:
-makeEnable config "modules.wsl" false {
+makeEnable config "myModules.wsl" false {
   imports = [
     inputs.nixos-wsl.nixosModules.wsl
   ];
 
-  modules.base.enable = false;
-  modules.desktop.enable = false;
-  modules.xmonad.enable = false;
-  modules.plasma.enable = false;
+  myModules.base.enable = false;
+  myModules.desktop.enable = false;
+  myModules.xmonad.enable = false;
+  myModules.plasma.enable = false;
 
   # Update timezone automatically
   services.tzupdate.enable = true;

nixos/xmonad.nix

@@ -1,5 +1,5 @@
 { config, pkgs, inputs, forEachUser, makeEnable, ... }:
-makeEnable config "modules.xmonad" true  {
+makeEnable config "myModules.xmonad" true  {
   nixpkgs.overlays = with inputs; [
     xmonad.overlay
     xmonad-contrib.overlay
@@ -25,7 +25,7 @@ makeEnable config "modules.xmonad" true  {
     # Haskell Desktop
     haskellPackages.xmonad
     haskellPackages.imalison-xmonad
-    haskellPackages.notifications-tray-icon
+    # haskellPackages.notifications-tray-icon
     haskellPackages.gtk-sni-tray
     haskellPackages.status-notifier-item
     haskellPackages.dbus-hslogger
@@ -80,7 +80,7 @@ makeEnable config "modules.xmonad" true  {
 
     services.picom = {
       enable = true;
-      vSync = config.modules.xmonad.picom.vSync.enable;
+      vSync = config.myModules.xmonad.picom.vSync.enable;
       backend = "glx";
       extraArgs = ["--experimental-backends"];
 
@@ -137,21 +137,21 @@ makeEnable config "modules.xmonad" true  {
       };
     };
 
-    systemd.user.services.notifications-tray-icon = {
-      Unit = {
-        Description = "Notifications tray icon";
-        After = [ "graphical-session-pre.target" "tray.target" ];
-        PartOf = [ "graphical-session.target" ];
-      };
+    # systemd.user.services.notifications-tray-icon = {
+    #   Unit = {
+    #     Description = "Notifications tray icon";
+    #     After = [ "graphical-session-pre.target" "tray.target" ];
+    #     PartOf = [ "graphical-session.target" ];
+    #   };
 
-      Install = { WantedBy = [ "graphical-session.target" ]; };
+    #   Install = { WantedBy = [ "graphical-session.target" ]; };
 
-      Service = {
-        ExecStart = "${pkgs.haskellPackages.notifications-tray-icon}/bin/notifications-tray-icon  --github-token-pass dfinity-github-api-token";
-        Restart = "always";
-        RestartSec = 3;
-      };
-    };
+    #   Service = {
+    #     ExecStart = "${pkgs.haskellPackages.notifications-tray-icon}/bin/notifications-tray-icon  --github-token-pass dfinity-github-api-token";
+    #     Restart = "always";
+    #     RestartSec = 3;
+    #   };
+    # };
 
     systemd.user.services.shutter = {
       Unit = {