freshlybakedca.ke
commits
I typoed this command - and unfortunately we can't easily test this
without pushing to main...
We're remote building in CI to get around Tangled's limitations for nix
(and to avoid us having to figure out how to make nixery play nice with
a mounted nix daemon...)
Therefore, we'll need a remoteBuilds key that our Spindle can use
There's a race condition here where teal sometimes looks up midnight
when not connected to tailscale. If it does that, it resolves midnight
on the local network. That would be entirely fine if we weren't just
listening on Tailscale.
Further, that lookup can then get cached, bringing down the spindle even
when tailscale comes up
We trust the local network, let's just allow this route too...
Spindles don't really like it when you delete their state every
time they turn on. It tends to lead to lost logs and repulled nixery
containers. Let's fix that...
We've overloading midnight with our CI - let's stop ourselves from
trying to do more things than midnight supports at once...
On GitHub, we had a workflow which released packetmix when we built
successfully on main - avoiding rebases breaking release builds/etc.
Let's do that again here :)
When we push, josh sometimes seems to pull before it pushes. That causes
our SSH key to be used twice, triggering a double pin entry/etc. with a
security key. That's mildly annoying...
Luckily, we should always be able to pull over http, so we can just use
that for all pulls whether we're nominally using SSH or not!
Tangled has renamed from https://tangled.sh to https://tangled.org
https://bsky.app/profile/tangled.org/post/3lz5dmdtl4s2s
We love that for them - but Josh doesn't properly follow the redirects
for http URLs so we'll have to change them...
Jujutsu's templates for this are for how far ahead/behind the remote
branch is than compared to the local branch vs how far ahead/behind we
are from the remote branch... it makes more sense to have this the other
way around (and clarify in the comment...)
I've attempted to use colors that are fairly close to the original
colors, and use the 8-bit shell colors where possible so these should
change nicely with different terminal themes...
I've not changed colors of anything that looked related to a specific
project (e.g. python logo colors) though I *did* change colors of some
projects that didn't seem to particularly identify with the color picked
(taskwarrior). I'm sure I've done something wrong. Oh well :shrugging: -
maybe we should slim down/split up this p10k file as much as possible...
we don't use most of the things here anyway...
I've not tested this on any theme except latte... perhaps
at://thecoded.prof could take a look at how this looks on dark themes?
It'd be nice to use nix output monitor for builds - there's a project
which automatically uses nix output monitor when nix is called (even
supporting nix-direnv/nixos-rebuild)... this looks probably good for us
to use.
There is [one issue](https://github.com/ners/nix-monitored/issues/3)
of some importance on the nix-monitored tracker which suggests that
nix-monitored incorrectly transforms some 'nix run' invocations...
fortunately, we don't use flakes so this shouldn't be a huge issue
If it is, using
NIX_MONITOR=disable
will temporarily disable nix monitor, allowing you to run whatever you
needed without issue while using nom for everything else
So, we've done some things here...
- We're no longer evaluating homes - which was basically a double-eval
anyway until we get MacOS/etc. up
- We're splitting system evals apart from each other, which will take
longer over all but reduces the peak memory usage from >10GB to ~3GB
- >10GB was unsustainable for midnight ... we were constantly OOMing
when we accidentally triggered CI twice
- ~3GB is very sustainable for midnight :)
ci.nix has different licensing requirements to nilla.nix, namely unfree
packages are not allowed to be built at all in ci.nix. Therefore, it's
good to use it over nilla.nix to avoid accidentally building a package
we cannot distribute
I accidentally merged something in without formatting it locally when
our CI was down - here's that reformat...
We previously didn't use atuin because it was printing garbage
characters in bash... by switching to zsh we seem to have avoided this
problem :)
I've installed zsh, including
- zsh4humans
- powerlevel10k
This is because
- I'm interested installing atuin, and we've had some problems using it
with bash
- I'm interested in adding jujutsu information to my prompt, and zsh
will let me do this much more easily than bash
This isn't an ingredient of its own yet because it doesn't integrate
nicely with, say, catppuccin (or really anything that isn't itself) but
it's a start...
Timestamps currently display only the time, which is... fine, but can
be somewhat annoying to see how long ago something actually was. It's
possible to use timestamp.ago() to show how long ago a thing was as
well. Let's add it to our default timestamp formatter so we can see that
everywhere jujutsu shows us timestamps
We recently reset midnight - and in doing so changed its host key. We
need the new one for remote builds...
- As we've adopted josh, I've needed to type :work (the start of
:workspace) a lot more than I was expecting
- Coded often co-authors stuff with me and I'd like to type his credits
easily
- Speaking of which, I only made ways to add my own co-author credit
but didn't make an easy way to type a blank trailer to credit someone
else...
- And finally, coded also uses the same companies email scheme, and I
occasionally need to type his emails for administrative reasons...
I do Android development - the tools for it aren't in packetmix (see
https://github.com/CollaboraOnline/nix-build-support) but we still need
to persist the data here...
We've been using github CI for a while, let's translate everything to
tangled format so that we can move across!
We need to put our CI in the root of our monorepo as otherwise it won't
run on our tangled spindle...
We've been using https://reuse.software in packetmix for our licensing,
but we haven't made it work in the monorepo and we haven't got sprinkles
under it. Let's change that
We've seen some weird consequences which appear to be from setting the
base=main push option all the time - it's better to use some aliases or
something to set the options only when needed...
Workspaces are not the default filter when you clone a directory,
however we want them so we can have folders such as .tangled shared
between multiple workspaces. Therefore, we should recommend them for our
clone URLs
Sprinkles is widgets for our Niri desktop. Currently we're working on a
notification daemon, and we plan to move our clock out from PacketMix
into sprinkles as well...
Josh doesn't seem to be working correctly with cloning over SSH, but we
know it works for pushing. Therefore, we should mention git's support
for having a different push URL and recommend always cloning over HTTPS
We've exposed teal's SSH to the outside world, so it's now possible to
use the SSH push URL for josh
We don't capitalize our project names, with the exception of at the
start of sentences, so it's nice to make them italic: it makes them
stand out a little bit from the text around them
Additionally, several projects weren't linked/etc.
I've done that now :)
Josh does weird things when creating branches, it's worth documenting
them (particularly as we tend to use jujutsu where push option
specification has to be done via the git config)
Josh wants workspace files to exist before workspaces are cloned to
avoid rewriting commits, so let's add some...
We are moving over to tangled and want to have a spindle so that we can
run long builds like PacketMix needs :sweat_smile:
Midnight is our CI server so it makes sense to host the spindle on it,
proxied to the outside world via teal
We're reinstalling midnight! Previously we had the old hardware config
here, but that one didn't support impermanence and was pretty different
to teal's. As part of our reinstall we've repartitioned our disks to
have a much more similar layout...
We're reinstalling midnight, which means these routes will no longer
exist. They've all been migrated anyway...
When we start up headscale, it tries to connect to OIDC. If our OIDC
server is down, there were previously two options:
- We can fail to start the server altogether
- We can fallback to CLI auth and lose the ability to use OIDC until
headscale is restarted
Neither of these are what I want: I want us to start up anyway but not
allow registration until OIDC successfully connects
I've made a patch to do just that! I made it ontop of main, so I've also
had to upgrade headscale to allow use of this patch.
I had some troubles with nilla, which can't properly interpret the
headscale flake (missing rev/shortRev attributes) - therefore I've taken
the nix package definition from the headscale repo and updated it to use
the patch and the correct source manually
Refs: juanfont/headscale#1873
Officially switching over to builtin niri+xwayland satellite integration!
Yay! The update that brought the integration caused issues when launching
X applications due to ordering conflicts since Niri now sets `DISPLAY=:0`
This fixes a regression from tqywkonpmxyulxkyuyusqntrwomtkkxu
(9d7dfaabeb1b2cf9ddb4219a064e75b270b7926a). I accidentally put the
WantedBy in the Unit section rather than the Install section. This left
the unit starting on graphical-session.target rather than niri.service,
which prevented it starting due to the ordering loop...
...oops
Coded added a stopgap solution for walker starting before elephant. We
were still getting pretty bad startup performance, though, so I looked
into it.
It turned out a variety of things were needed to start walker faster:
- Moving to a systemd service was helpful, but only once walker had
started once, otherwise the socket would never connect and walker
wouldn't open at all
- Disabling file indexing by default was necessary for systems with lots
of files in home (for example LibreOffice clones). If you want to add
file indexing back for yourself, I recommend you figure out where your
large files are and use '.ignore' files (.gitignore syntax) to ignore
them
- Elephant needed to be started properly - after niri so WAYLAND_DISPLAY
was set but not in the ordering cycle on graphical-session.target. I
used the same settings as we have for ssh-agent, say
Because of all of this, I also factored walker out into its own file.
This additionally marks
- The first keybind moved outside of the niri.nix file
- The first keybind to be created with Mod rather than ${mod} (= Super)
While it's a bit of a shame to not have all the keybindings in the same
place, I think it's worth it...
Recent updates to Walker (1.0.0) have broken the application. Walker now
uses elephant as a backend service for finding apps, clipboards, and
other things you may want to search but it does not start that service on
startup, we have to do this manually.
As we're pulling ingredients from homes, it seems like a good time to
also take the *usernames* from our homes as ingredient names. We mostly
all have ingredients named after ourselves (e.g. for keymap, etc.) but
these are trivially inferrable...
...unlike the ingredients themselves, these aren't system-specific so
may-as-well go as strings in the ingredients list
We often have homes that have ingredients which need system components.
Examples are gaming (which needs steam to be installed globally),
nightshift (which needs geoclue2 to be installed globally), niri (which
needs some substitutors, xdg stuff, etc.). It's annoying to keep track
of these ourselves: far better to have any same-named ingredients be
added to attached systems when they are added to homes.
It's worth doing this in a module rather than pulling the ingredients
in to our ingredients list as otherwise we won't get ingredients enabled
as dependencies/etc.
I continually end up installing this one to mess with my laptop
brightness... probably worth just installing it in a misc.nix. I don't
want to use homes/minion/misc.nix since as I don't *use* it on emden, so
best to just give redhead a misc of its own...
I often use computers fairly late - it's nice to have my display turn a
little less blue at night. Here's an ingredient to do that!
I considered having this as some sort of 'nightshift+niri', since as I
am using gammastep which is wayland only, but then I realized that all
supported desktop systems use wayland so it doesn't really matter. If
someone uses an X system later they may want to factor this out...
The fact that nightshift relies on system geoclue2 is yet another nail
in the "we should be determining system ingredients from your homes"
coffin...
Josh is a git proxy for working with monorepos - it lets you filter out
large portions of your repository so you can clone just the project you
are working on
We'd like to try using a monorepo (patisserie) when we move to tangled,
and as part of that we'd like to use Josh with it... let's add it!
I typoed this command - and unfortunately we can't easily test this
without pushing to main...
There's a race condition here where teal sometimes looks up midnight
when not connected to tailscale. If it does that, it resolves midnight
on the local network. That would be entirely fine if we weren't just
listening on Tailscale.
Further, that lookup can then get cached, bringing down the spindle even
when tailscale comes up
We trust the local network, let's just allow this route too...
When we push, josh sometimes seems to pull before it pushes. That causes
our SSH key to be used twice, triggering a double pin entry/etc. with a
security key. That's mildly annoying...
Luckily, we should always be able to pull over http, so we can just use
that for all pulls whether we're nominally using SSH or not!
I've attempted to use colors that are fairly close to the original
colors, and use the 8-bit shell colors where possible so these should
change nicely with different terminal themes...
I've not changed colors of anything that looked related to a specific
project (e.g. python logo colors) though I *did* change colors of some
projects that didn't seem to particularly identify with the color picked
(taskwarrior). I'm sure I've done something wrong. Oh well :shrugging: -
maybe we should slim down/split up this p10k file as much as possible...
we don't use most of the things here anyway...
I've not tested this on any theme except latte... perhaps
at://thecoded.prof could take a look at how this looks on dark themes?
It'd be nice to use nix output monitor for builds - there's a project
which automatically uses nix output monitor when nix is called (even
supporting nix-direnv/nixos-rebuild)... this looks probably good for us
to use.
There is [one issue](https://github.com/ners/nix-monitored/issues/3)
of some importance on the nix-monitored tracker which suggests that
nix-monitored incorrectly transforms some 'nix run' invocations...
fortunately, we don't use flakes so this shouldn't be a huge issue
If it is, using
NIX_MONITOR=disable
will temporarily disable nix monitor, allowing you to run whatever you
needed without issue while using nom for everything else
So, we've done some things here...
- We're no longer evaluating homes - which was basically a double-eval
anyway until we get MacOS/etc. up
- We're splitting system evals apart from each other, which will take
longer over all but reduces the peak memory usage from >10GB to ~3GB
- >10GB was unsustainable for midnight ... we were constantly OOMing
when we accidentally triggered CI twice
- ~3GB is very sustainable for midnight :)
I've installed zsh, including
- zsh4humans
- powerlevel10k
This is because
- I'm interested installing atuin, and we've had some problems using it
with bash
- I'm interested in adding jujutsu information to my prompt, and zsh
will let me do this much more easily than bash
This isn't an ingredient of its own yet because it doesn't integrate
nicely with, say, catppuccin (or really anything that isn't itself) but
it's a start...
Timestamps currently display only the time, which is... fine, but can
be somewhat annoying to see how long ago something actually was. It's
possible to use timestamp.ago() to show how long ago a thing was as
well. Let's add it to our default timestamp formatter so we can see that
everywhere jujutsu shows us timestamps
- As we've adopted josh, I've needed to type :work (the start of
:workspace) a lot more than I was expecting
- Coded often co-authors stuff with me and I'd like to type his credits
easily
- Speaking of which, I only made ways to add my own co-author credit
but didn't make an easy way to type a blank trailer to credit someone
else...
- And finally, coded also uses the same companies email scheme, and I
occasionally need to type his emails for administrative reasons...
When we start up headscale, it tries to connect to OIDC. If our OIDC
server is down, there were previously two options:
- We can fail to start the server altogether
- We can fallback to CLI auth and lose the ability to use OIDC until
headscale is restarted
Neither of these are what I want: I want us to start up anyway but not
allow registration until OIDC successfully connects
I've made a patch to do just that! I made it ontop of main, so I've also
had to upgrade headscale to allow use of this patch.
I had some troubles with nilla, which can't properly interpret the
headscale flake (missing rev/shortRev attributes) - therefore I've taken
the nix package definition from the headscale repo and updated it to use
the patch and the correct source manually
Refs: juanfont/headscale#1873
This fixes a regression from tqywkonpmxyulxkyuyusqntrwomtkkxu
(9d7dfaabeb1b2cf9ddb4219a064e75b270b7926a). I accidentally put the
WantedBy in the Unit section rather than the Install section. This left
the unit starting on graphical-session.target rather than niri.service,
which prevented it starting due to the ordering loop...
...oops
Coded added a stopgap solution for walker starting before elephant. We
were still getting pretty bad startup performance, though, so I looked
into it.
It turned out a variety of things were needed to start walker faster:
- Moving to a systemd service was helpful, but only once walker had
started once, otherwise the socket would never connect and walker
wouldn't open at all
- Disabling file indexing by default was necessary for systems with lots
of files in home (for example LibreOffice clones). If you want to add
file indexing back for yourself, I recommend you figure out where your
large files are and use '.ignore' files (.gitignore syntax) to ignore
them
- Elephant needed to be started properly - after niri so WAYLAND_DISPLAY
was set but not in the ordering cycle on graphical-session.target. I
used the same settings as we have for ssh-agent, say
Because of all of this, I also factored walker out into its own file.
This additionally marks
- The first keybind moved outside of the niri.nix file
- The first keybind to be created with Mod rather than ${mod} (= Super)
While it's a bit of a shame to not have all the keybindings in the same
place, I think it's worth it...
As we're pulling ingredients from homes, it seems like a good time to
also take the *usernames* from our homes as ingredient names. We mostly
all have ingredients named after ourselves (e.g. for keymap, etc.) but
these are trivially inferrable...
...unlike the ingredients themselves, these aren't system-specific so
may-as-well go as strings in the ingredients list
We often have homes that have ingredients which need system components.
Examples are gaming (which needs steam to be installed globally),
nightshift (which needs geoclue2 to be installed globally), niri (which
needs some substitutors, xdg stuff, etc.). It's annoying to keep track
of these ourselves: far better to have any same-named ingredients be
added to attached systems when they are added to homes.
It's worth doing this in a module rather than pulling the ingredients
in to our ingredients list as otherwise we won't get ingredients enabled
as dependencies/etc.
I often use computers fairly late - it's nice to have my display turn a
little less blue at night. Here's an ingredient to do that!
I considered having this as some sort of 'nightshift+niri', since as I
am using gammastep which is wayland only, but then I realized that all
supported desktop systems use wayland so it doesn't really matter. If
someone uses an X system later they may want to factor this out...
The fact that nightshift relies on system geoclue2 is yet another nail
in the "we should be determining system ingredients from your homes"
coffin...