pinned python 3.12

ad-nix.code-workspace

@@ -14,12 +14,65 @@
 		},
 	],
 	"settings": {
-        "python.defaultInterpreterPath": "/home/appdaemon/ad-lola/.devenv/state/venv/bin/python3",
+		// Python
+		"[python]": {
+			"editor.autoClosingDelete": "always",
+			"editor.autoClosingBrackets": "always",
+			"editor.defaultFormatter": "charliermarsh.ruff",
+			// "editor.formatOnSave": true,
+			"editor.codeActionsOnSave": {
+				"source.organizeImports.ruff": "explicit",
+				// "source.fixAll": "explicit"
+			}
+		},
+		"python.defaultInterpreterPath": "${workspaceFolder}/.devenv/state/venv/bin/python3",
+		"python.autoComplete.extraPaths": ["~/ad-lola", "${fileWorkspaceFolder}/apps/room_control/src"],
 		"python.analysis.extraPaths": [
-			"~/ad-lola"
+			"~/ad-lola",
+			"${workspaceFolder:conf}/lola/apps/room_control/src",
+			"${workspaceFolder:conf}/lola/apps/lola-parking/src"
 		],
-		"ruff.interpreter": [
-			"/home/appdaemon/ad-lola/.devenv/state/venv/bin/python3"
+		"python.analysis.autoFormatStrings": true,
+		"python.analysis.completeFunctionParens": true,
+		"python.analysis.autoImportCompletions": true,
+		"python.analysis.importFormat": "relative",
+		"python.analysis.autoIndent": true,
+		"python.analysis.useLibraryCodeForTypes": true,
+		"python.analysis.languageServerMode": "full",
+		"python.analysis.typeEvaluation.enableReachabilityAnalysis": true,
+		"python.languageServer": "Pylance",
+		"python.terminal.shellIntegration.enabled": true,
+
+		// Ruff settings
+		"ruff.enable": true,
+		"ruff.organizeImports": true,
+		"ruff.importStrategy": "fromEnvironment",
+		"ruff.nativeServer": true,
+		"ruff.configurationPreference": "filesystemFirst",
+		"ruff.configuration": "${workspaceFolder}/pyproject.toml",
+		"ruff.fixAll": true,
+		"ruff.lint.enable": true,
+		// https://docs.astral.sh/ruff/rules/
+		"ruff.lint.extendSelect": [
+			"F", "W", "I",
+			"E1", "E2", "E3", "E4", "E5", "E7", "E9"
 		],
+
+	 
+		// Notebooks
+		// "jupyter.askForKernelRestart": false,
+		"notebook.defaultFormatter": "charliermarsh.ruff",
+		"notebook.formatOnSave.enabled": true,
+		"notebook.codeActionsOnSave": {
+			"notebook.source.fixAll": "explicit",
+			"notebook.source.organizeImports": "explicit"
+		},
+
+		"editor.rulers": [120],
+		"editor.wordWrap": "on",
+		"editor.wordWrapColumn": 120,
+		// https://docs.astral.sh/ruff/rules/#pycodestyle-e-w
+		// https://pycodestyle.pycqa.org/en/latest/intro.html#error-codes
+		
     }
 }

configuration.nix

@@ -1,7 +1,7 @@
 { pkgs, lib, userSettings, systemSettings, ... }:
 {
   imports = [
-    (import ./home-manager/home.nix {inherit systemSettings userSettings lib;})
+    # (import ./home-manager {inherit systemSettings userSettings lib pkgs;})
      ./nixos
      ./scripts
   ];
@@ -10,6 +10,7 @@
 
   nix.settings.trusted-users = [ "root" "@wheel" ];
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  nix.settings.download-buffer-size = 524288000; # 500MB
   
   programs.nix-ld.enable = true;
 
@@ -22,10 +23,6 @@
   # sops.age.keyFile = "${userSettings.adHome}/.config/sops/age/keys.txt";
 
   environment.systemPackages = with pkgs; [
-    bash
-    git
-    eza
-    gh
     sops
     gdbm
   ];
@@ -37,10 +34,42 @@
   services.openssh.enable = true;
   services.tailscale.enable = true;
 
-  services.cron = {
-    enable = true;
-    systemCronJobs = [
-      "30 2 * * * /run/current-system/sw/bin/nfs > /etc/nixos/auto_update.log 2>&1"
-    ];
+  # services.cron = {
+  #   enable = true;
+  #   systemCronJobs = [
+  #     "30 2 * * * /run/current-system/sw/bin/nfsu > /etc/nixos/auto_update.log 2>&1"
+  #   ];
+  # };
+
+  # systemd.timers."auto-update" = {
+  #   wantedBy = [ "timers.target" ];
+  #     timerConfig = {
+  #       OnCalendar="*-*-* 4:00:00";
+  #       Unit = "auto-update.service";
+  #     };
+  # };
+
+  # systemd.services."auto-update" = {
+  #   script = ''
+  #     ${pkgs.coreutils}/bin/echo "Running auto-update"
+  #     FLAKE=$(${pkgs.coreutils}/bin/readlink -f /etc/nixos)
+  #     ${pkgs.coreutils}/bin/echo "FLAKE: $FLAKE"
+  #     ${pkgs.nix}/bin/nix flake update --flake $FLAKE --impure
+  #     ${pkgs.git}/bin/git -C $FLAKE add "$FLAKE/flake.lock" > /dev/null 2>&1
+  #     ${pkgs.sudo}/bin/sudo ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake $FLAKE#${systemSettings.hostName} --impure
+  #   '';
+  #   serviceConfig = {
+  #     Type = "oneshot";
+  #     User = "${userSettings.userName}";
+  #   };
+  # };
+
+  # https://nixos.wiki/wiki/Storage_optimization
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 30d";
   };
+  nix.optimise.automatic = true;
+  nix.optimise.dates = [ "Mon *-*-* 05:00:00" ];
 }

flake.lock

@@ -9,16 +9,20 @@
           "devenv"
         ],
         "git-hooks": [
-          "devenv"
+          "devenv",
+          "git-hooks"
         ],
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": [
+          "devenv",
+          "nixpkgs"
+        ]
       },
       "locked": {
-        "lastModified": 1737621947,
-        "narHash": "sha256-8HFvG7fvIFbgtaYAY2628Tb89fA55nPm2jSiNs0/Cws=",
+        "lastModified": 1748883665,
+        "narHash": "sha256-R0W7uAg+BLoHjMRMQ8+oiSbTq8nkGz5RDpQ+ZfxxP3A=",
         "owner": "cachix",
         "repo": "cachix",
-        "rev": "f65a3cd5e339c223471e64c051434616e18cc4f5",
+        "rev": "f707778d902af4d62d8dd92c269f8e70de09acbe",
         "type": "github"
       },
       "original": {
@@ -39,11 +43,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1739444039,
-        "narHash": "sha256-J7PLowc4pCdEkXEWtm72bC6gNNlT7sgNAq5YMZmvvkg=",
+        "lastModified": 1756048064,
+        "narHash": "sha256-mVgB6qWhLrCW6AciLyFXosDKKZFtBgqvixcA8a07s+g=",
         "owner": "cachix",
         "repo": "devenv",
-        "rev": "1235cd13f47df6ad19c8a183c6eabc1facb7c399",
+        "rev": "3fb20c149d329b01a2b519fbb2a9ca3e6e6e1b05",
         "type": "github"
       },
       "original": {
@@ -55,11 +59,11 @@
     "flake-compat": {
       "flake": false,
       "locked": {
-        "lastModified": 1733328505,
-        "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
+        "lastModified": 1747046372,
+        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
+        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
         "type": "github"
       },
       "original": {
@@ -71,11 +75,11 @@
     "flake-compat_2": {
       "flake": false,
       "locked": {
-        "lastModified": 1696426674,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "lastModified": 1747046372,
+        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
         "type": "github"
       },
       "original": {
@@ -93,11 +97,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1712014858,
-        "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
+        "lastModified": 1733312601,
+        "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
+        "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
         "type": "github"
       },
       "original": {
@@ -127,7 +131,8 @@
     "git-hooks": {
       "inputs": {
         "flake-compat": [
-          "devenv"
+          "devenv",
+          "flake-compat"
         ],
         "gitignore": "gitignore",
         "nixpkgs": [
@@ -136,11 +141,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1737465171,
-        "narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=",
+        "lastModified": 1750779888,
+        "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
         "owner": "cachix",
         "repo": "git-hooks.nix",
-        "rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17",
+        "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
         "type": "github"
       },
       "original": {
@@ -178,11 +183,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1739756364,
-        "narHash": "sha256-r8RxE0W3uhJ6unzbIddWTAzrpP9tMnmbj0F+DF+CTSM=",
+        "lastModified": 1756022458,
+        "narHash": "sha256-J1i35r4HfNDdPpwL0vOBaZopQudAUVtartEerc1Jryc=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "662fa98bf488daa82ce8dc2bc443872952065ab9",
+        "rev": "9e3a33c0bcbc25619e540b9dfea372282f8a9740",
         "type": "github"
       },
       "original": {
@@ -191,62 +196,92 @@
         "type": "github"
       }
     },
-    "libgit2": {
-      "flake": false,
+    "home-manager_2": {
+      "inputs": {
+        "nixpkgs": [
+          "nix-home",
+          "nixpkgs"
+        ]
+      },
       "locked": {
-        "lastModified": 1697646580,
-        "narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
-        "owner": "libgit2",
-        "repo": "libgit2",
-        "rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
+        "lastModified": 1750033262,
+        "narHash": "sha256-TcFN78w6kPspxpbPsxW/8vQ1GAtY8Y3mjBaC+oB8jo4=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "66523b0efe93ce5b0ba96dcddcda15d36673c1f0",
         "type": "github"
       },
       "original": {
-        "owner": "libgit2",
-        "repo": "libgit2",
+        "owner": "nix-community",
+        "repo": "home-manager",
         "type": "github"
       }
     },
     "nix": {
       "inputs": {
         "flake-compat": [
-          "devenv"
+          "devenv",
+          "flake-compat"
         ],
         "flake-parts": "flake-parts",
-        "libgit2": "libgit2",
-        "nixpkgs": "nixpkgs_2",
+        "git-hooks-nix": [
+          "devenv",
+          "git-hooks"
+        ],
+        "nixpkgs": [
+          "devenv",
+          "nixpkgs"
+        ],
         "nixpkgs-23-11": [
           "devenv"
         ],
         "nixpkgs-regression": [
           "devenv"
-        ],
-        "pre-commit-hooks": [
-          "devenv"
         ]
       },
       "locked": {
-        "lastModified": 1734114420,
-        "narHash": "sha256-n52PUzub5jZWc8nI/sR7UICOheU8rNA+YZ73YaHeCBg=",
-        "owner": "domenkozar",
+        "lastModified": 1755029779,
+        "narHash": "sha256-3+GHIYGg4U9XKUN4rg473frIVNn8YD06bjwxKS1IPrU=",
+        "owner": "cachix",
         "repo": "nix",
-        "rev": "bde6a1a0d1f2af86caa4d20d23eca019f3d57eee",
+        "rev": "b0972b0eee6726081d10b1199f54de6d2917f861",
         "type": "github"
       },
       "original": {
-        "owner": "domenkozar",
-        "ref": "devenv-2.24",
+        "owner": "cachix",
+        "ref": "devenv-2.30",
         "repo": "nix",
         "type": "github"
       }
     },
+    "nix-home": {
+      "inputs": {
+        "home-manager": "home-manager_2",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1750825763,
+        "narHash": "sha256-gUtcO/8Bcw4YerJpSIRu+Q2MYKxWrtT+8Bp3Mh1Qfmw=",
+        "ref": "refs/heads/main",
+        "rev": "1ab1e4b9e610dcd40a3d728f377b6ac8a302d977",
+        "revCount": 26,
+        "type": "git",
+        "url": "https://gitea.john-stream.com/john/nix-home"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://gitea.john-stream.com/john/nix-home"
+      }
+    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1733212471,
-        "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=",
+        "lastModified": 1755615617,
+        "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776",
+        "rev": "20075955deac2583bb12f07151c2df830ef346b4",
         "type": "github"
       },
       "original": {
@@ -264,11 +299,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1733319315,
-        "narHash": "sha256-cFQBdRmtIZFVjr2P6NkaCOp7dddF93BC0CXBwFZFaN0=",
+        "lastModified": 1755249745,
+        "narHash": "sha256-lDIbUfJ8xK62ekG+qojTlA1raHpKdScBTx8IFlQYx9U=",
         "owner": "cachix",
         "repo": "nixpkgs-python",
-        "rev": "01263eeb28c09f143d59cd6b0b7c4cc8478efd48",
+        "rev": "b6632af2db9f47c79dac8f4466388c7b1b6c3071",
         "type": "github"
       },
       "original": {
@@ -278,38 +313,6 @@
       }
     },
     "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1717432640,
-        "narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "release-24.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_3": {
-      "locked": {
-        "lastModified": 1739580444,
-        "narHash": "sha256-+/bSz4EAVbqz8/HsIGLroF8aNaO8bLRL7WfACN+24g4=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "8bb37161a0488b89830168b81c48aed11569cb93",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs_4": {
       "locked": {
         "lastModified": 1682134069,
         "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
@@ -327,7 +330,8 @@
       "inputs": {
         "devenv": "devenv",
         "home-manager": "home-manager",
-        "nixpkgs": "nixpkgs_3",
+        "nix-home": "nix-home",
+        "nixpkgs": "nixpkgs",
         "nixpkgs-python": "nixpkgs-python",
         "sops-nix": "sops-nix",
         "vscode-server": "vscode-server"
@@ -340,11 +344,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1739262228,
-        "narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=",
+        "lastModified": 1754988908,
+        "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975",
+        "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
         "type": "github"
       },
       "original": {
@@ -371,14 +375,14 @@
     "vscode-server": {
       "inputs": {
         "flake-utils": "flake-utils",
-        "nixpkgs": "nixpkgs_4"
+        "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1729422940,
-        "narHash": "sha256-DlvJv33ml5UTKgu4b0HauOfFIoDx6QXtbqUF3vWeRCY=",
+        "lastModified": 1753541826,
+        "narHash": "sha256-foGgZu8+bCNIGeuDqQ84jNbmKZpd+JvnrL2WlyU4tuU=",
         "owner": "nix-community",
         "repo": "nixos-vscode-server",
-        "rev": "8b6db451de46ecf9b4ab3d01ef76e59957ff549f",
+        "rev": "6d5f074e4811d143d44169ba4af09b20ddb6937d",
         "type": "github"
       },
       "original": {

flake.nix

@@ -18,6 +18,10 @@
       url = "github:cachix/devenv";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    nix-home = {
+      url = "git+https://gitea.john-stream.com/john/nix-home";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
   nixConfig = {
@@ -25,14 +29,12 @@
     extra-substituters = "https://devenv.cachix.org";
   };
 
-  outputs = { self, ... }@args:
+  outputs = { self, ... }@inputs:
   let
     inherit (self) outputs;
-    nixosSystem = args.nixpkgs.lib.nixosSystem;
+    nixosSystem = inputs.nixpkgs.lib.nixosSystem;
 
     userSettings = {
-      gitUserName = "John Lancaster";
-      gitUserEmail = "32917998+jsl12@users.noreply.github.com";
       userName = "appdaemon";
       adHome = "/home/appdaemon";
     };
@@ -43,29 +45,26 @@
       system = "x86_64-linux";
       timeZone = "America/Chicago";
       locale = "en_US.UTF-8";
-      # pythonVersion = "3.11.10"; # This is largely irrelevant because uv will handle it
+      pythonVersion = "3.12"; # This is largely irrelevant because uv will handle it
     };
 
-    pkgs = args.nixpkgs.legacyPackages.${systemSettings.system};
+    pkgs = inputs.nixpkgs.legacyPackages.${systemSettings.system};
 
   in
   {
     nixosConfigurations.${systemSettings.hostName} = nixosSystem {
       system = systemSettings.system;
-      specialArgs =
-      let
-        inputs = args;
-      in
-      {
+      specialArgs = {
         inherit inputs;
         inherit systemSettings;
         inherit userSettings;
       };
       modules = [
-        (args.nixpkgs + "/nixos/modules/virtualisation/proxmox-lxc.nix")
-        args.home-manager.nixosModules.default
-        args.vscode-server.nixosModules.default
-        args.sops-nix.nixosModules.sops
+        (inputs.nixpkgs + "/nixos/modules/virtualisation/proxmox-lxc.nix")
+        inputs.home-manager.nixosModules.default
+        inputs.nix-home.nixosModules.default { user = "${userSettings.userName}"; }
+        inputs.vscode-server.nixosModules.default
+        inputs.sops-nix.nixosModules.sops
         ./configuration.nix
       ];
     };
@@ -76,18 +75,14 @@
       devenv-test = self.devShells.${systemSettings.system}.default.config.test;
     };
 
-    devShells.${systemSettings.system}.default =
-      let
-        inputs = args;
-      in
-      args.devenv.lib.mkShell {
+    devShells.${systemSettings.system}.default = inputs.devenv.lib.mkShell {
       inherit inputs pkgs;
       modules = [
         ({ pkgs, config, ... }: {
           # This is your devenv configuration
 
           # https://devenv.sh/reference/options/#pre-commithooks
-            pre-commit.hooks = {
+          git-hooks.hooks = {
             end-of-file-fixer.enable = true;
             trim-trailing-whitespace.enable = true;
           };
@@ -95,7 +90,7 @@
           # https://devenv.sh/supported-languages/python/
           languages.python = {
             enable = true;
-              # version = systemSettings.pythonVersion;
+            version = systemSettings.pythonVersion;
             uv = {
               enable = true;
               package = pkgs.uv;
@@ -110,19 +105,25 @@
           packages = with pkgs; [
             git
             gdbm
+            # (python312.withPackages (python-pkgs: with python-pkgs; [ gdbm ]))
             (python312.withPackages (python-pkgs: with python-pkgs; [
-                notebook # kinda hacky, but needed so that jupyter notebook has some shared library it needs
+              gdbm
+              notebook # kinda hacky, but needed so that jupyter notebook has some shared library it needs?
             ]))
-              (writeShellScriptBin "ad-nb" "cd $(readlink -f /etc/nixos) && devenv up")
+            (writeShellScriptBin "docs" "${pkgs.uv}/bin/uv run sphinx-autobuild -E ./docs/ ./docs_build --port 9999")
+            (writeShellScriptBin "ab" "${pkgs.uv}/bin/uv build --wheel --refresh")
+            (writeShellScriptBin "adb" "ab && ${pkgs.docker}/bin/docker build -t acockburn/appdaemon:local-dev .")
+            # (writeShellScriptBin "ad-nb" "cd $(readlink -f /etc/nixos) && devenv up")
           ];
 
-            processes = {
-              my-jup.exec = "uv run jupyter notebook";
-            };
+          # processes = {
+          #   my-jup.exec = "uv run jupyter notebook";
+          # };
 
           enterShell = ''
-              alias appdaemon="${pkgs.uv}/bin/uv run --frozen python -m appdaemon"
-              alias ad="appdaemon"
+            alias fix="${pkgs.uv}/bin/uv run ruff check --fix"
+            alias appdaemon="${pkgs.uv}/bin/uv run --frozen appdaemon"
+            # alias ad="appdaemon"
 
             export PS1="\[\e[0;34m\](AppDaemon)\[\e[0m\] \[\033[1;32m\][\[\e]0;\u@\h: \w\a\]\u@\h:\w]\$\[\033[0m\] "
 

home-manager/git.nix

@@ -1,9 +0,0 @@
-{ userSettings, ... }:
-{
-  programs.git = {
-    enable = true;
-    extraConfig.credential.helper = "store --file ~/.git-credentials";
-    userName = "${userSettings.gitUserName}";
-    userEmail = "${userSettings.gitUserEmail}";
-  };
-}

nixos/default.nix

@@ -1,6 +1,7 @@
 { ... }:
 {
   imports = [
+    ./home-manager.nix
     ./docker
     ./services
   ];

nixos/home-manager.nix

@@ -1,4 +1,4 @@
-{ lib, systemSettings, userSettings, ... }:
+{ lib, pkgs, systemSettings, userSettings, ... }:
 {
   security.sudo-rs = {
     enable = true;
@@ -9,20 +9,19 @@
   users.users.${userSettings.userName} = {
     isNormalUser = true;
     extraGroups = [ "wheel" "docker" ];
-    openssh.authorizedKeys.keyFiles = [ ../secrets/authorized_keys ];
   };
 
   home-manager = {
     useGlobalPkgs = true;
-    users.${userSettings.userName} = { ... }: {
+    users.${userSettings.userName} = {
       home.stateVersion = systemSettings.stateVersion;
       home.homeDirectory = lib.mkForce "${userSettings.adHome}";
       systemd.user.startServices = "sd-switch"; # helps with handling systemd services when switching
-      imports = [ (import ./git.nix {inherit userSettings;}) ];
-      programs = {
-        ssh.enable = true;
-        bash.enable = true;
-      };
+      programs.gh.enable = true;
+      programs.git.extraConfig.safe.directory = "/home/appdaemon/ad-nix";
+      home.packages = with pkgs; [
+        lazydocker
+      ];
     };
   };
 }

nixos/services/promtail.nix

@@ -1,6 +1,6 @@
 { config, pkgs, ... }:
 let
-  lokiHost = "loki.john-stream.com";
+  lokiHost = "https://loki.john-stream.com";
 in
 {
   systemd.services.promtail.serviceConfig = {
@@ -22,7 +22,7 @@ in
       positions = {
         filename = "/tmp/positions.yaml";
       };
-      clients = [{url = "https://${lokiHost}/loki/api/v1/push";}];
+      clients = [{url = "${lokiHost}/loki/api/v1/push";}];
       scrape_configs = [
         {
           job_name = "journal";

nixos/services/restic.nix

@@ -1,6 +1,10 @@
-{ config, pkgs, ... }:
+{ config, pkgs, userSettings, ... }:
 {
-  sops.secrets."restic_password" = { };
+
+  sops.secrets.restic_password = {
+    owner = config.users.users.${userSettings.userName}.name;
+    mode = "0440";
+  };
 
   environment.systemPackages = with pkgs; [
     restic
@@ -27,6 +31,7 @@
         "/home"
         "/conf"
         "/etc/nixos"
+        "/etc/ssh"  # necessary for SOPS nix to have the same keys
       ];
       exclude = [
         ".cache"
@@ -37,6 +42,7 @@
         "dist"
         "__pycache__"
         "*.egg-info"
+        "namespaces"
       ];
     };
   };

nixos/services/telegraf.nix

@@ -1,6 +1,6 @@
 { config, pkgs, ... }:
 let
-  influxURL = "http://panoptes.john-stream.com:8086";
+  influxURL = "https://influxdb.john-stream.com";
   organization = "homelab";
   bucket = "docker";
   token = "${builtins.readFile config.sops.secrets."telegraf_influx_token".path}";
@@ -41,7 +41,6 @@ in
           container_name_include = [];
           timeout = "5s";
           perdevice_include = ["cpu" "blkio" "network"];
-          total = false;
           docker_label_include = [];
         };
       };

scripts/default.nix

@@ -1,13 +1,9 @@
 { pkgs, systemSettings, ... }:
 {
   environment.systemPackages = with pkgs; [
-    (pkgs.writeShellScriptBin "nrbs" "sudo nixos-rebuild switch")
-    (pkgs.writeShellScriptBin "nrbsu" "sudo nix-channel --update && sudo nixos-rebuild switch")
-    (pkgs.writeShellScriptBin "nfs" ''
-      sudo nixos-rebuild switch --flake $(readlink -f /etc/nixos)#${systemSettings.hostName} --impure
-    '')
     (pkgs.writeShellScriptBin "ads" "nix develop --no-pure-eval $(readlink -f /etc/nixos)")
     (pkgs.writeShellScriptBin "link-nix" "${builtins.readFile ./link-nix.sh}")
-    (pkgs.writeShellScriptBin "sops-ad" "sops $(readlink -f /etc/nixos)/secrets/secrets.yaml")
+    (pkgs.writeShellScriptBin "sops-ad" "sops $(readlink -f /etc/nixos)/secrets/encrypted_secrets.yaml")
+    (pkgs.writeShellScriptBin "lola-up" "docker compose -f /conf/lola/docker-compose.yml up -d")
   ];
 }