From 15c32a95a411eb4f00c586772b3ffade734eece1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Thu, 14 May 2026 20:56:52 +0200 Subject: [PATCH 01/10] nix flake update --- flake.lock | 74 +++++++++++++++++++++++++++--------------------------- 1 file changed, 37 insertions(+), 37 deletions(-) diff --git a/flake.lock b/flake.lock index a74a893..b0d2c2e 100644 --- a/flake.lock +++ b/flake.lock @@ -232,11 +232,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1775087534, - "narHash": "sha256-91qqW8lhL7TLwgQWijoGBbiD4t7/q75KTi8NxjVmSmA=", + "lastModified": 1777988971, + "narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "3107b77cd68437b9a76194f0f7f9c55f2329ca5b", + "rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff", "type": "github" }, "original": { @@ -330,11 +330,11 @@ ] }, "locked": { - "lastModified": 1775425411, - "narHash": "sha256-KY6HsebJHEe5nHOWP7ur09mb0drGxYSzE3rQxy62rJo=", + "lastModified": 1777851538, + "narHash": "sha256-Gp8qwTEYNoy2yvmErVGlvLOQvrtEECCAKbonW7VJef8=", "owner": "nix-community", "repo": "home-manager", - "rev": "0d02ec1d0a05f88ef9e74b516842900c41f0f2fe", + "rev": "cc09c0f9b7eaa95c2d9827338a5eb03d32505ca5", "type": "github" }, "original": { @@ -378,11 +378,11 @@ ] }, "locked": { - "lastModified": 1777031541, - "narHash": "sha256-KZ4s1kolHXFQrRGlnB503gDcTrVQMhiczO+LvvwKEPg=", + "lastModified": 1778151388, + "narHash": "sha256-lldMJPUeouEjO8/7aLuwhcsIw29vVihm2ZALzjiqfec=", "owner": "nix-community", "repo": "naersk", - "rev": "5e73301621274c44798bf6c6211ed27fc2ced201", + "rev": "efdddff9ff4d8e7d0056d57ec67dac50f75ab8f6", "type": "github" }, "original": { @@ -405,11 +405,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1777472199, - "narHash": "sha256-gJr/OrHv6s8ANqv915sb69LLThow1u5yAO/ouElVGGM=", + "lastModified": 1778224717, + "narHash": "sha256-lzpzFAinsI1YriR+iVDIDZVkps2oQw1LG2QvFcDVYCk=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "323a80f2ce4541c595d491acbd15a8800201cbae", + "rev": "cb2fdda815a0c2c03f8a7fe7075c433d4ef37110", "type": "github" }, "original": { @@ -438,11 +438,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1777468255, - "narHash": "sha256-lBZc1UMy+1P1T/E41j3jQrpS7EFI3qegd+ktHZdamIg=", + "lastModified": 1778221858, + "narHash": "sha256-+nZlx8MKCs973N9Bm0hNzFHjY+2lmBrBOQeTALeCRhI=", "owner": "YaLTeR", "repo": "niri", - "rev": "dd1c3bcb9f1ef416df33ffa22d1d9bcee1398e7d", + "rev": "0200670d9ee8cfbdb154e3e14d92b5ff61aedd59", "type": "github" }, "original": { @@ -473,11 +473,11 @@ ] }, "locked": { - "lastModified": 1777434090, - "narHash": "sha256-i7p7ajtdKF6oVjs3ERyECCg6m1lWEchHNPKQjgRW4h4=", + "lastModified": 1778297753, + "narHash": "sha256-IRgRWBkluHR+JiNmhS/fbTbodr22/P9MuWZSU7x3DGI=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "f32bb01e6a12b74fa67261e9d690ff9d0603d86b", + "rev": "a15c2ddce7f4018f9277c727f6689c56be8b2720", "type": "github" }, "original": { @@ -588,11 +588,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1774748309, - "narHash": "sha256-+U7gF3qxzwD5TZuANzZPeJTZRHS29OFQgkQ2kiTJBIQ=", + "lastModified": 1777168982, + "narHash": "sha256-GOkGPcboWE9BmGCRMLX3worL4EMnsnG8MyKmXNeYuhQ=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "333c4e0545a6da976206c74db8773a1645b5870a", + "rev": "f5901329dade4a6ea039af1433fb087bd9c1fe14", "type": "github" }, "original": { @@ -603,11 +603,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1777270315, - "narHash": "sha256-yKB4G6cKsQsWN7M6rZGk6gkJPDNPIzT05y4qzRyCDlI=", + "lastModified": 1778124196, + "narHash": "sha256-pYEytCNic/czazbV9r3tbQ6BZzqRBg/41x2dIC5ymOo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6368eda62c9775c38ef7f714b2555a741c20c72d", + "rev": "68a8af93ff4297686cb68880845e61e5e2e41d92", "type": "github" }, "original": { @@ -619,11 +619,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1777077449, - "narHash": "sha256-AIiMJiqvGrN4HyLEbKAoCSRRYn0rnlW5VbKNIMIYqm4=", + "lastModified": 1778003029, + "narHash": "sha256-q/nkKLDtHIyLjZpKhWk3cSK5IYsFqtMd6UtXF3ddjgA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a4bf06618f0b5ee50f14ed8f0da77d34ecc19160", + "rev": "0c88e1f2bdb93d5999019e99cb0e61e1fe2af4c5", "type": "github" }, "original": { @@ -659,11 +659,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1778180483, - "narHash": "sha256-35cMiZn5DAnYFpKFdWg5dxW7hLO3/ey743ED6yV3pL8=", + "lastModified": 1778182618, + "narHash": "sha256-1KzLskWhgJZu0jL03UZZtmHBgk11HMhLFvO9mCWnCao=", "ref": "refs/heads/main", - "rev": "dfa3840d97186fef3480b49f289acd3ae707ee27", - "revCount": 626, + "rev": "628ae67b7def027553c287cfd71f840570469bce", + "revCount": 627, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/nova-shell" }, @@ -682,11 +682,11 @@ ] }, "locked": { - "lastModified": 1777499139, - "narHash": "sha256-s817mwTTkW0VIReee1z41LJAz13AUw3DOK41jZooFGw=", + "lastModified": 1778311636, + "narHash": "sha256-oYvKqSgs5qxcSynyOwBMGDr0dTYUGu4Lucou9OsbwlU=", "owner": "nix-community", "repo": "NUR", - "rev": "c0295550b00f0d0d4a9f41efd5e6c14d38a671fc", + "rev": "3f8e3217d2da6312a529f62a40c90b7129e2ea47", "type": "github" }, "original": { @@ -903,11 +903,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1776894428, - "narHash": "sha256-wuT915MyCtMTfLj+uo9y8wtCwkEgJXiXvcbSleFrlN0=", + "lastModified": 1778105055, + "narHash": "sha256-SWz0cVHEGFb2rSszCaQ7nmuM9q7Cq3xbsg+DAg0N9jo=", "owner": "nix-community", "repo": "stylix", - "rev": "f34be27ce83efaa1c85ad1e5b1f8b6dea65b147d", + "rev": "68b1ff44196f4f593d0cd837ffb2a088c2870055", "type": "github" }, "original": { From cc3cb4fc720e9511908ab1da82887828e23f06fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Thu, 14 May 2026 21:12:05 +0200 Subject: [PATCH 02/10] add hyperhive --- flake.lock | 117 ++++++++++++++++++- flake.nix | 4 + nixosConfigurations/muede-lpt2/default.nix | 1 + nixosConfigurations/muede-lpt2/hyperhive.nix | 6 + 4 files changed, 124 insertions(+), 4 deletions(-) create mode 100644 nixosConfigurations/muede-lpt2/hyperhive.nix diff --git a/flake.lock b/flake.lock index b0d2c2e..b8c993f 100644 --- a/flake.lock +++ b/flake.lock @@ -161,6 +161,7 @@ "fenix": { "inputs": { "nixpkgs": [ + "hyperhive", "naersk", "nixpkgs" ], @@ -180,6 +181,28 @@ "type": "github" } }, + "fenix_2": { + "inputs": { + "nixpkgs": [ + "naersk", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src_2" + }, + "locked": { + "lastModified": 1752475459, + "narHash": "sha256-z6QEu4ZFuHiqdOPbYss4/Q8B0BFhacR8ts6jO/F/aOU=", + "owner": "nix-community", + "repo": "fenix", + "rev": "bf0d6f70f4c9a9cf8845f992105652173f4b617f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "firefox-gnome-theme": { "flake": false, "locked": { @@ -344,6 +367,31 @@ "type": "github" } }, + "hyperhive": { + "inputs": { + "naersk": "naersk", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-unstable": [ + "nixpkgs-unstable" + ], + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1778860194, + "narHash": "sha256-WZW44eiWOlQOEUB6hzIraDYhVqvHDHcFvNy34tzoqe0=", + "ref": "refs/heads/main", + "rev": "f33fc3dd50c2b80335da86bff5c3c2ad5ab87287", + "revCount": 133, + "type": "git", + "url": "https://git.berlin.ccc.de/vinzenz/hyperhive.git" + }, + "original": { + "type": "git", + "url": "https://git.berlin.ccc.de/vinzenz/hyperhive.git" + } + }, "lanzaboote": { "inputs": { "crane": "crane", @@ -373,6 +421,28 @@ "naersk": { "inputs": { "fenix": "fenix", + "nixpkgs": [ + "hyperhive", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1778151388, + "narHash": "sha256-lldMJPUeouEjO8/7aLuwhcsIw29vVihm2ZALzjiqfec=", + "owner": "nix-community", + "repo": "naersk", + "rev": "efdddff9ff4d8e7d0056d57ec67dac50f75ab8f6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "naersk_2": { + "inputs": { + "fenix": "fenix_2", "nixpkgs": [ "nixpkgs" ] @@ -656,7 +726,7 @@ "nixpkgs-unstable" ], "quickshell": "quickshell", - "treefmt-nix": "treefmt-nix" + "treefmt-nix": "treefmt-nix_2" }, "locked": { "lastModified": 1778182618, @@ -746,8 +816,9 @@ "inputs": { "flake-parts": "flake-parts", "home-manager": "home-manager", + "hyperhive": "hyperhive", "lanzaboote": "lanzaboote", - "naersk": "naersk", + "naersk": "naersk_2", "niri": "niri", "nix-filter": "nix-filter", "nix-vscode-extensions": "nix-vscode-extensions", @@ -761,7 +832,7 @@ "servicepoint-simulator": "servicepoint-simulator", "servicepoint-tanks": "servicepoint-tanks", "stylix": "stylix", - "treefmt-nix": "treefmt-nix_2", + "treefmt-nix": "treefmt-nix_3", "zerforschen-plus": "zerforschen-plus" } }, @@ -782,6 +853,23 @@ "type": "github" } }, + "rust-analyzer-src_2": { + "flake": false, + "locked": { + "lastModified": 1752428706, + "narHash": "sha256-EJcdxw3aXfP8Ex1Nm3s0awyH9egQvB2Gu+QEnJn2Sfg=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "591e3b7624be97e4443ea7b5542c191311aa141d", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "rust-overlay": { "inputs": { "nixpkgs": [ @@ -1016,7 +1104,7 @@ "treefmt-nix": { "inputs": { "nixpkgs": [ - "nova-shell", + "hyperhive", "nixpkgs" ] }, @@ -1035,6 +1123,27 @@ } }, "treefmt-nix_2": { + "inputs": { + "nixpkgs": [ + "nova-shell", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1775636079, + "narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_3": { "inputs": { "nixpkgs": [ "nixpkgs" diff --git a/flake.nix b/flake.nix index e95af0e..d8125da 100644 --- a/flake.nix +++ b/flake.nix @@ -13,6 +13,10 @@ url = "github:hercules-ci/flake-parts"; #inputs.nixpkgs.follows = "nixpkgs"; }; + hyperhive = { + url = "git+https://git.berlin.ccc.de/vinzenz/hyperhive.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.3"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/nixosConfigurations/muede-lpt2/default.nix b/nixosConfigurations/muede-lpt2/default.nix index be7927c..367a7df 100644 --- a/nixosConfigurations/muede-lpt2/default.nix +++ b/nixosConfigurations/muede-lpt2/default.nix @@ -3,6 +3,7 @@ imports = [ ./containers.nix ./hardware.nix + ./hyperhive.nix ]; config = { diff --git a/nixosConfigurations/muede-lpt2/hyperhive.nix b/nixosConfigurations/muede-lpt2/hyperhive.nix new file mode 100644 index 0000000..0874c38 --- /dev/null +++ b/nixosConfigurations/muede-lpt2/hyperhive.nix @@ -0,0 +1,6 @@ +{ hyperhive, ... }: +{ + imports = [ hyperhive.nixosModules.hive-c0re ]; + + config.services.hive-c0re.enable = true; +} From a9cd9aa069ea29e0b8bbdc71e92950131877cbfe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Fri, 15 May 2026 17:51:51 +0200 Subject: [PATCH 03/10] remote builds: fallback to local build --- nixosModules/distributed-builds.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixosModules/distributed-builds.nix b/nixosModules/distributed-builds.nix index c08d657..e0f0e12 100644 --- a/nixosModules/distributed-builds.nix +++ b/nixosModules/distributed-builds.nix @@ -82,7 +82,7 @@ in }) (lib.filterAttrs (_: v: (v.distributedBuilds or { }) ? storeSigningPublicKey) allDevices); nix.settings = { - #fallback = true; + fallback = true; connect-timeout = 5; trusted-public-keys = lib.pipe buildServerDevices [ (lib.mapAttrsToList (_: v: v.distributedBuilds.storeSigningPublicKey or null)) From aa77543f14aec98834c64259b800f789fa089e81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Fri, 15 May 2026 17:52:16 +0200 Subject: [PATCH 04/10] misc installs --- homeConfigurations/muede/default.nix | 3 ++- nixosConfigurations/damocles/claude-container.nix | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/homeConfigurations/muede/default.nix b/homeConfigurations/muede/default.nix index c2293ca..0c6f563 100644 --- a/homeConfigurations/muede/default.nix +++ b/homeConfigurations/muede/default.nix @@ -74,10 +74,11 @@ arduino-cli arduino-ide btop - claude-code + unstable.claude-code dconf2nix foliate fractal + file geary gnome-terminal gparted diff --git a/nixosConfigurations/damocles/claude-container.nix b/nixosConfigurations/damocles/claude-container.nix index 8093878..a91c661 100644 --- a/nixosConfigurations/damocles/claude-container.nix +++ b/nixosConfigurations/damocles/claude-container.nix @@ -19,6 +19,7 @@ gnugrep curl bintools + file ]; boot.isContainer = true; From bdd2c2efe109411352c5aa411432cbe60dc3a63a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Fri, 15 May 2026 20:14:56 +0200 Subject: [PATCH 05/10] hyperhive: override unstable, update --- flake.lock | 8 ++++---- flake.nix | 5 ++++- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index b8c993f..6f19da5 100644 --- a/flake.lock +++ b/flake.lock @@ -379,11 +379,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1778860194, - "narHash": "sha256-WZW44eiWOlQOEUB6hzIraDYhVqvHDHcFvNy34tzoqe0=", + "lastModified": 1778868174, + "narHash": "sha256-KvagBF/645AZE6iTY8rVy2uAzSMIrg6DRcK+jX4tCZ4=", "ref": "refs/heads/main", - "rev": "f33fc3dd50c2b80335da86bff5c3c2ad5ab87287", - "revCount": 133, + "rev": "897e7c07ae06e39dd875270d6635aa6ef4914961", + "revCount": 163, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/hyperhive.git" }, diff --git a/flake.nix b/flake.nix index d8125da..78e118d 100644 --- a/flake.nix +++ b/flake.nix @@ -15,7 +15,10 @@ }; hyperhive = { url = "git+https://git.berlin.ccc.de/vinzenz/hyperhive.git"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs = { + nixpkgs.follows = "nixpkgs"; + nixpkgs-unstable.follows = "nixpkgs-unstable"; + }; }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.3"; From 0182c37a0406eca4e4c40156a14579c2d76b91c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Sun, 17 May 2026 22:23:35 +0200 Subject: [PATCH 06/10] nix flake update, enable hyperhive forge --- flake.lock | 74 ++++++++++---------- nixosConfigurations/muede-lpt2/hyperhive.nix | 6 +- 2 files changed, 42 insertions(+), 38 deletions(-) diff --git a/flake.lock b/flake.lock index 6f19da5..65ee104 100644 --- a/flake.lock +++ b/flake.lock @@ -255,11 +255,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1777988971, - "narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=", + "lastModified": 1778716662, + "narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff", + "rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb", "type": "github" }, "original": { @@ -353,11 +353,11 @@ ] }, "locked": { - "lastModified": 1777851538, - "narHash": "sha256-Gp8qwTEYNoy2yvmErVGlvLOQvrtEECCAKbonW7VJef8=", + "lastModified": 1778905220, + "narHash": "sha256-ox/5IHc8uwy6UTw6N7Shp6uCHIgu/S2PsWeuXsOHSo8=", "owner": "nix-community", "repo": "home-manager", - "rev": "cc09c0f9b7eaa95c2d9827338a5eb03d32505ca5", + "rev": "d1686dc7d36cbd1234cb226ad6ef97e882716acb", "type": "github" }, "original": { @@ -379,11 +379,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1778868174, - "narHash": "sha256-KvagBF/645AZE6iTY8rVy2uAzSMIrg6DRcK+jX4tCZ4=", + "lastModified": 1779048925, + "narHash": "sha256-5hrzr+nmpPau/Wzf69pbn0lO44lsqYZITGP9lWONc9U=", "ref": "refs/heads/main", - "rev": "897e7c07ae06e39dd875270d6635aa6ef4914961", - "revCount": 163, + "rev": "15f141801babd56ac29fe15e697f8256eb14ee1b", + "revCount": 374, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/hyperhive.git" }, @@ -475,11 +475,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1778224717, - "narHash": "sha256-lzpzFAinsI1YriR+iVDIDZVkps2oQw1LG2QvFcDVYCk=", + "lastModified": 1778942403, + "narHash": "sha256-SPCWvqeVySTNUgX/shARpRl5fi/NnkObUgDGR/Aco4c=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "cb2fdda815a0c2c03f8a7fe7075c433d4ef37110", + "rev": "daefca3370581223fedc24d0101c4915a3689f9e", "type": "github" }, "original": { @@ -508,11 +508,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1778221858, - "narHash": "sha256-+nZlx8MKCs973N9Bm0hNzFHjY+2lmBrBOQeTALeCRhI=", + "lastModified": 1778858756, + "narHash": "sha256-9VvAHNoi2wd0fxLfJOPChZMS7l6rhCtAJmpd59Hv5rw=", "owner": "YaLTeR", "repo": "niri", - "rev": "0200670d9ee8cfbdb154e3e14d92b5ff61aedd59", + "rev": "cd5ac3e5e04bb5a11276d3c755fa25242818e05f", "type": "github" }, "original": { @@ -543,11 +543,11 @@ ] }, "locked": { - "lastModified": 1778297753, - "narHash": "sha256-IRgRWBkluHR+JiNmhS/fbTbodr22/P9MuWZSU7x3DGI=", + "lastModified": 1778990260, + "narHash": "sha256-IE5biNRhbQdrziKZbbS47ELDyv38mI4hdFf9zMq6meU=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "a15c2ddce7f4018f9277c727f6689c56be8b2720", + "rev": "357e5e238302b5908f033b828c5f1d8b3d73b4e0", "type": "github" }, "original": { @@ -626,11 +626,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1775857096, - "narHash": "sha256-+eSij7C0oMqz76rGnB99RuWptBuEkJBm9vgb5fIwRrg=", + "lastModified": 1779023229, + "narHash": "sha256-MInilg7B/06c34SwOuGSBho4l0H1EZcmvxTkSWCs5pE=", "owner": "nvmd", "repo": "nixos-raspberrypi", - "rev": "1dc4ca5f93587932383c0b61e1753f5eed1c3bba", + "rev": "06c6e3513e1ee64b651913193fc6ac38aa4963f5", "type": "github" }, "original": { @@ -642,11 +642,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1775595990, - "narHash": "sha256-OEf7YqhF9IjJFYZJyuhAypgU+VsRB5lD4DuiMws5Ltc=", + "lastModified": 1778737229, + "narHash": "sha256-6xWoytx8jFW4PF1GjRm/i/53trbpKGfz6zjzQGBr4cI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4e92bbcdb030f3b4782be4751dc08e6b6cb6ccf2", + "rev": "d7a713c0b7e47c908258e71cba7a2d77cc8d71d5", "type": "github" }, "original": { @@ -673,11 +673,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1778124196, - "narHash": "sha256-pYEytCNic/czazbV9r3tbQ6BZzqRBg/41x2dIC5ymOo=", + "lastModified": 1778869304, + "narHash": "sha256-30sZNZoA1cqF5JNO9fVX+wgiQYjB7HJqqJ4ztCDeBZE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "68a8af93ff4297686cb68880845e61e5e2e41d92", + "rev": "d233902339c02a9c334e7e593de68855ad26c4cb", "type": "github" }, "original": { @@ -689,11 +689,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1778003029, - "narHash": "sha256-q/nkKLDtHIyLjZpKhWk3cSK5IYsFqtMd6UtXF3ddjgA=", + "lastModified": 1778737229, + "narHash": "sha256-6xWoytx8jFW4PF1GjRm/i/53trbpKGfz6zjzQGBr4cI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0c88e1f2bdb93d5999019e99cb0e61e1fe2af4c5", + "rev": "d7a713c0b7e47c908258e71cba7a2d77cc8d71d5", "type": "github" }, "original": { @@ -752,11 +752,11 @@ ] }, "locked": { - "lastModified": 1778311636, - "narHash": "sha256-oYvKqSgs5qxcSynyOwBMGDr0dTYUGu4Lucou9OsbwlU=", + "lastModified": 1779047312, + "narHash": "sha256-Q4CSXZehRX3CKnXXaHc2nCMjK9lgZR2Leu5DTwe1Vnw=", "owner": "nix-community", "repo": "NUR", - "rev": "3f8e3217d2da6312a529f62a40c90b7129e2ea47", + "rev": "8070eab81003118a0d3cde9c316aca3b2c21533e", "type": "github" }, "original": { @@ -991,11 +991,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1778105055, - "narHash": "sha256-SWz0cVHEGFb2rSszCaQ7nmuM9q7Cq3xbsg+DAg0N9jo=", + "lastModified": 1778680496, + "narHash": "sha256-tUq1WASV0dHLv3j18log8V6Esq0NYkXuzNH2EHsstcg=", "owner": "nix-community", "repo": "stylix", - "rev": "68b1ff44196f4f593d0cd837ffb2a088c2870055", + "rev": "fc5bec2e44678eeaa221d566d447a0257a884737", "type": "github" }, "original": { diff --git a/nixosConfigurations/muede-lpt2/hyperhive.nix b/nixosConfigurations/muede-lpt2/hyperhive.nix index 0874c38..003accc 100644 --- a/nixosConfigurations/muede-lpt2/hyperhive.nix +++ b/nixosConfigurations/muede-lpt2/hyperhive.nix @@ -1,6 +1,10 @@ { hyperhive, ... }: { - imports = [ hyperhive.nixosModules.hive-c0re ]; + imports = [ + hyperhive.nixosModules.hive-c0re + hyperhive.nixosModules.hive-forge + ]; config.services.hive-c0re.enable = true; + config.services.hive-forge.enable = true; } From dad447aee038d25e670f15763c23b72726620b47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Wed, 20 May 2026 19:29:36 +0200 Subject: [PATCH 07/10] hyperhive update --- flake.lock | 8 ++++---- nixosConfigurations/muede-lpt2/hyperhive.nix | 1 - 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/flake.lock b/flake.lock index 65ee104..72ec8df 100644 --- a/flake.lock +++ b/flake.lock @@ -379,11 +379,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1779048925, - "narHash": "sha256-5hrzr+nmpPau/Wzf69pbn0lO44lsqYZITGP9lWONc9U=", + "lastModified": 1779297160, + "narHash": "sha256-5siEd/rpH3tVdBNFRBCFxUXtLPYs8OLQNkffhZZR9vQ=", "ref": "refs/heads/main", - "rev": "15f141801babd56ac29fe15e697f8256eb14ee1b", - "revCount": 374, + "rev": "3224178d2d38aafeb123daeefbcc6904fc922e22", + "revCount": 494, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/hyperhive.git" }, diff --git a/nixosConfigurations/muede-lpt2/hyperhive.nix b/nixosConfigurations/muede-lpt2/hyperhive.nix index 003accc..cb41f90 100644 --- a/nixosConfigurations/muede-lpt2/hyperhive.nix +++ b/nixosConfigurations/muede-lpt2/hyperhive.nix @@ -6,5 +6,4 @@ ]; config.services.hive-c0re.enable = true; - config.services.hive-forge.enable = true; } From 340d51b45ad2d0d82f8e2e77293b0a7188b09ff7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Thu, 21 May 2026 21:09:29 +0200 Subject: [PATCH 08/10] hyperhive: update --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index 72ec8df..b21cb3e 100644 --- a/flake.lock +++ b/flake.lock @@ -379,11 +379,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1779297160, - "narHash": "sha256-5siEd/rpH3tVdBNFRBCFxUXtLPYs8OLQNkffhZZR9vQ=", + "lastModified": 1779389374, + "narHash": "sha256-u/ygppXPZc3VshRDhU9MY3Zc2pJn9QlWvmZiEEefJvA=", "ref": "refs/heads/main", - "rev": "3224178d2d38aafeb123daeefbcc6904fc922e22", - "revCount": 494, + "rev": "0884a5496015472afad97972a7c12fc1cd06a59e", + "revCount": 547, "type": "git", "url": "https://git.berlin.ccc.de/vinzenz/hyperhive.git" }, From bda4fbe2c03cdb6bfab58e30bfecc8007b124834 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Wed, 27 May 2026 17:44:03 +0200 Subject: [PATCH 09/10] extract hetzner vm module, add device hyperforge --- devices.nix | 3 + .../forgejo-runner-1/default.nix | 3 - .../forgejo-runner-1/hardware.nix | 54 ++---------- nixosConfigurations/hetzner-vpn2/default.nix | 4 - nixosConfigurations/hetzner-vpn2/hardware.nix | 54 ++---------- nixosConfigurations/hyperforge/default.nix | 16 ++++ nixosConfigurations/hyperforge/hardware.nix | 14 +++ nixosModules/hetzner-vm.nix | 86 +++++++++++++++++++ 8 files changed, 129 insertions(+), 105 deletions(-) create mode 100644 nixosConfigurations/hyperforge/default.nix create mode 100644 nixosConfigurations/hyperforge/hardware.nix create mode 100644 nixosModules/hetzner-vm.nix diff --git a/devices.nix b/devices.nix index a4fbeb4..26a274d 100644 --- a/devices.nix +++ b/devices.nix @@ -38,6 +38,9 @@ in hetzner-vpn2 = { system = "aarch64-linux"; }; + hyperforge = { + system = "aarch64-linux"; + }; muede-lpt2 = { system = "x86_64-linux"; isDesktop = true; diff --git a/nixosConfigurations/forgejo-runner-1/default.nix b/nixosConfigurations/forgejo-runner-1/default.nix index 41c7717..88cc281 100644 --- a/nixosConfigurations/forgejo-runner-1/default.nix +++ b/nixosConfigurations/forgejo-runner-1/default.nix @@ -10,9 +10,6 @@ # uncomment for build check on non arm system (requires --impure) # nixpkgs.buildPlatform = builtins.currentSystem; - services.tailscale.useRoutingFeatures = "both"; - system.autoUpgrade.allowReboot = true; - users.users = { root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH" diff --git a/nixosConfigurations/forgejo-runner-1/hardware.nix b/nixosConfigurations/forgejo-runner-1/hardware.nix index e8fbc56..9786ed6 100644 --- a/nixosConfigurations/forgejo-runner-1/hardware.nix +++ b/nixosConfigurations/forgejo-runner-1/hardware.nix @@ -3,56 +3,12 @@ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; config = { - boot = { - tmp.cleanOnBoot = true; - kernelParams = [ "console=tty" ]; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - initrd = { - availableKernelModules = [ - "xhci_pci" - "virtio_scsi" - "sr_mod" - "virtio_gpu" - ]; - kernelModules = [ ]; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/47bc77ff-12e1-4d39-bb5c-fb100ccd3aab"; - fsType = "ext4"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/05F2-8F9A"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; - }; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/bbd18a70-b0bb-4e1a-b45b-3c1f8ecc0c10"; } - ]; - - networking.useNetworkd = true; - systemd.network = { + my.hetznerVm = { enable = true; - networks."10-wan" = { - matchConfig.Name = "enp1s0"; - networkConfig.DHCP = "ipv4"; - address = [ - "2a01:4f8:c013:a524::1/64" - ]; - routes = [ - { Gateway = "fe80::1"; } - ]; - }; + rootUuid = "47bc77ff-12e1-4d39-bb5c-fb100ccd3aab"; + bootUuid = "05F2-8F9A"; + swapUuid = "bbd18a70-b0bb-4e1a-b45b-3c1f8ecc0c10"; + ipv6Address = "2a01:4f8:c013:a524::1/64"; }; }; } diff --git a/nixosConfigurations/hetzner-vpn2/default.nix b/nixosConfigurations/hetzner-vpn2/default.nix index 5974763..b12cecd 100644 --- a/nixosConfigurations/hetzner-vpn2/default.nix +++ b/nixosConfigurations/hetzner-vpn2/default.nix @@ -8,15 +8,11 @@ # uncomment for build check on non arm system (requires --impure) # nixpkgs.buildPlatform = builtins.currentSystem; - services.tailscale.useRoutingFeatures = "both"; - users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv pc2 home roaming" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC lpt2-roaming" ]; - - system.autoUpgrade.allowReboot = true; }; } diff --git a/nixosConfigurations/hetzner-vpn2/hardware.nix b/nixosConfigurations/hetzner-vpn2/hardware.nix index d7c96f0..6c9f315 100644 --- a/nixosConfigurations/hetzner-vpn2/hardware.nix +++ b/nixosConfigurations/hetzner-vpn2/hardware.nix @@ -3,56 +3,12 @@ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; config = { - boot = { - tmp.cleanOnBoot = true; - kernelParams = [ "console=tty" ]; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - initrd = { - availableKernelModules = [ - "xhci_pci" - "virtio_scsi" - "sr_mod" - "virtio_gpu" - ]; - kernelModules = [ ]; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/3263489d-9819-433c-b198-9d2e732a94e4"; - fsType = "ext4"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/6C25-6BDC"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; - }; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/e147721d-86b5-40d7-a231-c6ea391c563d"; } - ]; - - networking.useNetworkd = true; - systemd.network = { + my.hetznerVm = { enable = true; - networks."10-wan" = { - matchConfig.Name = "enp1s0"; - networkConfig.DHCP = "ipv4"; - address = [ - "2a01:4f8:c013:65dd::1/64" - ]; - routes = [ - { Gateway = "fe80::1"; } - ]; - }; + rootUuid = "3263489d-9819-433c-b198-9d2e732a94e4"; + bootUuid = "6C25-6BDC"; + swapUuid = "e147721d-86b5-40d7-a231-c6ea391c563d"; + ipv6Address = "2a01:4f8:c013:65dd::1/64"; }; }; } diff --git a/nixosConfigurations/hyperforge/default.nix b/nixosConfigurations/hyperforge/default.nix new file mode 100644 index 0000000..2c64351 --- /dev/null +++ b/nixosConfigurations/hyperforge/default.nix @@ -0,0 +1,16 @@ +{ + imports = [ + ./hardware.nix + ]; + + config = { + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv pc2 home roaming" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC lpt2-roaming" + ]; + }; +} diff --git a/nixosConfigurations/hyperforge/hardware.nix b/nixosConfigurations/hyperforge/hardware.nix new file mode 100644 index 0000000..a196adb --- /dev/null +++ b/nixosConfigurations/hyperforge/hardware.nix @@ -0,0 +1,14 @@ +{ modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + + config = { + my.hetznerVm = { + enable = true; + rootUuid = "73dfcfd2-3a61-4b05-8440-d57072b89eda"; + bootUuid = "E9C2-D85B"; + swapUuid = "737140f2-c2fd-4af9-9974-f05642f8d90e"; + ipv6Address = "2a01:4f8:c013:cbdd::1/64"; + }; + }; +} diff --git a/nixosModules/hetzner-vm.nix b/nixosModules/hetzner-vm.nix new file mode 100644 index 0000000..d59b4ad --- /dev/null +++ b/nixosModules/hetzner-vm.nix @@ -0,0 +1,86 @@ +{ + lib, + config, + ... +}: +let + cfg = config.my.hetznerVm; +in +{ + options.my.hetznerVm = { + enable = lib.mkEnableOption "Hetzner Cloud aarch64 qemu-guest defaults"; + + rootUuid = lib.mkOption { + type = lib.types.str; + description = "UUID of the root ext4 filesystem."; + }; + bootUuid = lib.mkOption { + type = lib.types.str; + description = "UUID of the FAT /boot partition."; + }; + swapUuid = lib.mkOption { + type = lib.types.str; + description = "UUID of the swap device."; + }; + ipv6Address = lib.mkOption { + type = lib.types.str; + description = "Static IPv6 address (with /prefix) assigned to enp1s0."; + example = "2a01:4f8:c013:cbdd::1/64"; + }; + }; + + config = lib.mkIf cfg.enable { + boot = { + tmp.cleanOnBoot = true; + kernelParams = [ "console=tty" ]; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + initrd = { + availableKernelModules = [ + "xhci_pci" + "virtio_scsi" + "sr_mod" + "virtio_gpu" + ]; + kernelModules = [ ]; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/${cfg.rootUuid}"; + fsType = "ext4"; + }; + "/boot" = { + device = "/dev/disk/by-uuid/${cfg.bootUuid}"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/${cfg.swapUuid}"; } + ]; + + networking.useNetworkd = true; + systemd.network = { + enable = true; + networks."10-wan" = { + matchConfig.Name = "enp1s0"; + networkConfig.DHCP = "ipv4"; + address = [ cfg.ipv6Address ]; + routes = [ + { Gateway = "fe80::1"; } + ]; + }; + }; + + services.tailscale.useRoutingFeatures = "both"; + system.autoUpgrade.allowReboot = true; + }; +} From b1adbd1033c45ebca8a9d83f4b0856f1ef834ae2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?m=C3=BCde?= Date: Wed, 27 May 2026 17:58:24 +0200 Subject: [PATCH 10/10] hyperforge: add forge --- nixosConfigurations/hyperforge/default.nix | 2 ++ nixosConfigurations/hyperforge/forgejo.nix | 24 ++++++++++++++++ nixosConfigurations/hyperforge/nginx.nix | 32 ++++++++++++++++++++++ 3 files changed, 58 insertions(+) create mode 100644 nixosConfigurations/hyperforge/forgejo.nix create mode 100644 nixosConfigurations/hyperforge/nginx.nix diff --git a/nixosConfigurations/hyperforge/default.nix b/nixosConfigurations/hyperforge/default.nix index 2c64351..693a7a8 100644 --- a/nixosConfigurations/hyperforge/default.nix +++ b/nixosConfigurations/hyperforge/default.nix @@ -1,6 +1,8 @@ { imports = [ ./hardware.nix + ./forgejo.nix + ./nginx.nix ]; config = { diff --git a/nixosConfigurations/hyperforge/forgejo.nix b/nixosConfigurations/hyperforge/forgejo.nix new file mode 100644 index 0000000..51b86b3 --- /dev/null +++ b/nixosConfigurations/hyperforge/forgejo.nix @@ -0,0 +1,24 @@ +{ config, lib, ... }: +let + srv = config.services.forgejo.settings.server; +in +{ + services.forgejo = { + enable = true; + database.type = "sqlite3"; + lfs.enable = true; + + settings = { + server = { + DOMAIN = "forge.darkest.space"; + ROOT_URL = "https://${srv.DOMAIN}/"; + HTTP_PORT = 3000; + SSH_PORT = lib.head config.services.openssh.ports; + }; + service.DISABLE_REGISTRATION = true; + session.COOKIE_SECURE = true; + }; + }; + + services.openssh.enable = true; +} diff --git a/nixosConfigurations/hyperforge/nginx.nix b/nixosConfigurations/hyperforge/nginx.nix new file mode 100644 index 0000000..2faf8d9 --- /dev/null +++ b/nixosConfigurations/hyperforge/nginx.nix @@ -0,0 +1,32 @@ +{ config, ... }: +let + srv = config.services.forgejo.settings.server; +in +{ + security.acme = { + acceptTerms = true; + defaults.email = "acme@darkest.space"; + }; + + services.nginx = { + enable = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts.${srv.DOMAIN} = { + enableACME = true; + forceSSL = true; + extraConfig = '' + client_max_body_size 512M; + ''; + locations."/".proxyPass = "http://127.0.0.1:${toString srv.HTTP_PORT}"; + }; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; +}