m3tam3re/nixos-config
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

+basic hermes config

Browse Source
This commit is contained in:
m3tm3re
2026-04-06 18:44:07 +02:00
parent d9d4b6cd85
commit 38c27eff1c
28 changed files with 526 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
.beads/.gitignore vendored
View File

@@ -1,39 +0,0 @@
# SQLite databases
*.db
*.db?*
*.db-journal
*.db-wal
*.db-shm
# Daemon runtime files
daemon.lock
daemon.log
daemon.pid
bd.sock
sync-state.json
last-touched
# Local version tracking (prevents upgrade notification spam after git ops)
.local_version
# Legacy database files
db.sqlite
bd.db
# Worktree redirect file (contains relative path to main repo's .beads/)
# Must not be committed as paths would be wrong in other clones
redirect
# Merge artifacts (temporary files from 3-way merge)
beads.base.jsonl
beads.base.meta.json
beads.left.jsonl
beads.left.meta.json
beads.right.jsonl
beads.right.meta.json
# NOTE: Do NOT add negation patterns (e.g., !issues.jsonl) here.
# They would override fork protection in .git/info/exclude, allowing
# contributors to accidentally commit upstream issue databases.
# The JSONL files (issues.jsonl, interactions.jsonl) and config files
# are tracked by git by default since no pattern above ignores them.

0
.beads/.sync.lock
View File

81
.beads/README.md
View File

@@ -1,81 +0,0 @@
# Beads - AI-Native Issue Tracking
Welcome to Beads! This repository uses **Beads** for issue tracking - a modern, AI-native tool designed to live directly in your codebase alongside your code.
## What is Beads?
Beads is issue tracking that lives in your repo, making it perfect for AI coding agents and developers who want their issues close to their code. No web UI required - everything works through the CLI and integrates seamlessly with git.
**Learn more:** [github.com/steveyegge/beads](https://github.com/steveyegge/beads)
## Quick Start
### Essential Commands
```bash
# Create new issues
bd create "Add user authentication"
# View all issues
bd list
# View issue details
bd show <issue-id>
# Update issue status
bd update <issue-id> --status in_progress
bd update <issue-id> --status done
# Sync with git remote
bd sync
```
### Working with Issues
Issues in Beads are:
- **Git-native**: Stored in `.beads/issues.jsonl` and synced like code
- **AI-friendly**: CLI-first design works perfectly with AI coding agents
- **Branch-aware**: Issues can follow your branch workflow
- **Always in sync**: Auto-syncs with your commits
## Why Beads?
**AI-Native Design**
- Built specifically for AI-assisted development workflows
- CLI-first interface works seamlessly with AI coding agents
- No context switching to web UIs
🚀 **Developer Focused**
- Issues live in your repo, right next to your code
- Works offline, syncs when you push
- Fast, lightweight, and stays out of your way
🔧 **Git Integration**
- Automatic sync with git commits
- Branch-aware issue tracking
- Intelligent JSONL merge resolution
## Get Started with Beads
Try Beads in your own projects:
```bash
# Install Beads
curl -sSL https://raw.githubusercontent.com/steveyegge/beads/main/scripts/install.sh | bash
# Initialize in your repo
bd init
# Create your first issue
bd create "Try out Beads"
```
## Learn More
- **Documentation**: [github.com/steveyegge/beads/docs](https://github.com/steveyegge/beads/tree/main/docs)
- **Quick Start Guide**: Run `bd quickstart`
- **Examples**: [github.com/steveyegge/beads/examples](https://github.com/steveyegge/beads/tree/main/examples)
---
*Beads: Issue tracking that moves at the speed of thought*

0
.beads/interactions.jsonl
View File

2
.beads/issues.jsonl
View File

@@ -1,2 +0,0 @@
{"id":"nixos-config-gx2","title":"form","status":"tombstone","priority":2,"issue_type":"task","created_at":"2026-01-11T11:49:21.688289476+01:00","created_by":"m3tam3re","updated_at":"2026-01-11T11:51:36.426124223+01:00","deleted_at":"2026-01-11T11:51:36.426124223+01:00","deleted_by":"daemon","delete_reason":"delete","original_type":"task"}
{"id":"nixos-config-n4l","title":"Create Gitea action for nix-update package updates","description":"Create a Gitea action to automatically update packages in this nixos-config repository using nix-update.\n\n**Context:**\n- Gitea instance is already running on m3-atlas at code.m3ta.dev (configured in hosts/m3-atlas/services/gitea.nix)\n- The repository is self-hosted on this Gitea instance\n- nix-update is already referenced in home/features/cli/default.nix\n- Currently no Gitea workflows exist (.gitea/ directory does not exist)\n\n**Goal:**\nAutomate package updates by creating a Gitea Actions workflow that:\n1. Runs nix-update periodically (e.g., weekly or on schedule)\n2. Updates package definitions in pkgs/ directory\n3. Creates pull requests with the updates\n4. Uses appropriate secrets/credentials for the Gitea instance\n\n**Requirements:**\n- Create .gitea/workflows/ directory structure\n- Define workflow file with nix-update command\n- Configure triggers (schedule, manual, or on repository events)\n- Set up proper permissions and secrets\n- Test the workflow execution\n\n**Current Repository State:**\n- pkgs/default.nix exists but is minimal (currently just a comment)\n- Multiple nixpkgs inputs are used (unstable, 25.11, locked, master)\n- Custom m3ta-nixpkgs overlay at code.m3ta.dev/m3tam3re/nixpkgs\n- Uses agenix for secrets management\n\n**Related Files:**\n- hosts/m3-atlas/services/gitea.nix (existing Gitea configuration)\n- hosts/common/ports.nix (port management)\n- home/features/cli/default.nix (nix-update reference)\n\n**Acceptance Criteria:**\n- [ ] Create .gitea/workflows directory\n- [ ] Implement nix-update workflow YAML\n- [ ] Configure appropriate triggers\n- [ ] Test workflow on the repository\n- [ ] Document setup and configuration","status":"closed","priority":2,"issue_type":"feature","owner":"p@m3ta.dev","created_at":"2026-01-13T20:39:49.838916335+01:00","created_by":"m3tm3re","updated_at":"2026-01-13T20:51:43.833041989+01:00","closed_at":"2026-01-13T20:51:43.833041989+01:00","close_reason":"Closed"}

4
.beads/metadata.json
View File

@@ -1,4 +0,0 @@
{
"database": "beads.db",
"jsonl_export": "issues.jsonl"
}

2
.beads/sync_base.jsonl
View File

@@ -1,2 +0,0 @@
{"id":"nixos-config-gx2","title":"form","status":"tombstone","priority":2,"issue_type":"task","created_at":"2026-01-11T11:49:21.688289476+01:00","created_by":"m3tam3re","updated_at":"2026-01-11T11:51:36.426124223+01:00","deleted_at":"2026-01-11T11:51:36.426124223+01:00","deleted_by":"daemon","delete_reason":"delete","original_type":"task"}
{"id":"nixos-config-n4l","title":"Create Gitea action for nix-update package updates","description":"Create a Gitea action to automatically update packages in this nixos-config repository using nix-update.\n\n**Context:**\n- Gitea instance is already running on m3-atlas at code.m3ta.dev (configured in hosts/m3-atlas/services/gitea.nix)\n- The repository is self-hosted on this Gitea instance\n- nix-update is already referenced in home/features/cli/default.nix\n- Currently no Gitea workflows exist (.gitea/ directory does not exist)\n\n**Goal:**\nAutomate package updates by creating a Gitea Actions workflow that:\n1. Runs nix-update periodically (e.g., weekly or on schedule)\n2. Updates package definitions in pkgs/ directory\n3. Creates pull requests with the updates\n4. Uses appropriate secrets/credentials for the Gitea instance\n\n**Requirements:**\n- Create .gitea/workflows/ directory structure\n- Define workflow file with nix-update command\n- Configure triggers (schedule, manual, or on repository events)\n- Set up proper permissions and secrets\n- Test the workflow execution\n\n**Current Repository State:**\n- pkgs/default.nix exists but is minimal (currently just a comment)\n- Multiple nixpkgs inputs are used (unstable, 25.11, locked, master)\n- Custom m3ta-nixpkgs overlay at code.m3ta.dev/m3tam3re/nixpkgs\n- Uses agenix for secrets management\n\n**Related Files:**\n- hosts/m3-atlas/services/gitea.nix (existing Gitea configuration)\n- hosts/common/ports.nix (port management)\n- home/features/cli/default.nix (nix-update reference)\n\n**Acceptance Criteria:**\n- [ ] Create .gitea/workflows directory\n- [ ] Implement nix-update workflow YAML\n- [ ] Configure appropriate triggers\n- [ ] Test workflow on the repository\n- [ ] Document setup and configuration","status":"closed","priority":2,"issue_type":"feature","owner":"p@m3ta.dev","created_at":"2026-01-13T20:39:49.838916335+01:00","created_by":"m3tm3re","updated_at":"2026-01-13T20:51:43.833041989+01:00","closed_at":"2026-01-13T20:51:43.833041989+01:00","close_reason":"Closed"}

249
flake.lock generated
View File

@@ -176,6 +176,27 @@
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"hermes-agent",
"nixpkgs"
]
},
"locked": {
"lastModified": 1772408722,
"narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"llm-agents",
@@ -196,7 +217,7 @@
"type": "github"
}
},
"flake-parts_2": {
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"nur",
@@ -235,6 +256,28 @@
"type": "github"
}
},
"hermes-agent": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_3",
"pyproject-build-systems": "pyproject-build-systems",
"pyproject-nix": "pyproject-nix_2",
"uv2nix": "uv2nix_2"
},
"locked": {
"lastModified": 1775454213,
"narHash": "sha256-jNv7ux+zH8PDFMlFh2yTBJyzx7GvPkwYPBPcKzn+rhg=",
"owner": "NousResearch",
"repo": "hermes-agent",
"rev": "9ca954a274171c648397fd9e747301edc5b66b03",
"type": "github"
},
"original": {
"owner": "NousResearch",
"repo": "hermes-agent",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -323,7 +366,7 @@
"inputs": {
"flake-utils": "flake-utils",
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_3"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1774257081,
@@ -358,17 +401,17 @@
"inputs": {
"blueprint": "blueprint",
"bun2nix": "bun2nix",
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_4",
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_5",
"systems": "systems_3",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1775212861,
"narHash": "sha256-Sf1nWWEuGuhKPBO2U9ar+YLqkJFa7q06tAnPRUhTIMc=",
"lastModified": 1775446641,
"narHash": "sha256-xzRYQF3iTdnjLnRDqLcud6bsBBth7jHqWXcY2/I13bY=",
"owner": "numtide",
"repo": "llm-agents.nix",
"rev": "86f8dd41031b1aa013cbcb8c16ecfcc71c2c0ea5",
"rev": "cf24ebe96828b5c38fb0dbbbeed89f8d5397915f",
"type": "github"
},
"original": {
@@ -380,14 +423,14 @@
"m3ta-nixpkgs": {
"inputs": {
"basecamp": "basecamp",
"nixpkgs": "nixpkgs_5",
"nixpkgs": "nixpkgs_6",
"nixpkgs-master": "nixpkgs-master",
"opencode": "opencode",
"openspec": "openspec"
},
"locked": {
"lastModified": 1775213101,
"narHash": "sha256-4Yis838PgXUI3H9eTsOCdWLCmhQC4tLhAmLRYFFj9MU=",
"lastModified": 1775355384,
"narHash": "sha256-3XPJvNUjd5JXshjogwUy8T/N5ylHUd7tDBSxcAkEAcY=",
"path": "/home/m3tam3re/p/NIX/nixpkgs",
"type": "path"
},
@@ -433,7 +476,7 @@
"nixos-generators": {
"inputs": {
"nixlib": "nixlib",
"nixpkgs": "nixpkgs_6"
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1769813415,
@@ -593,6 +636,22 @@
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1751274312,
"narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1750776420,
"narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=",
@@ -608,13 +667,13 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_5": {
"locked": {
"lastModified": 1775095191,
"narHash": "sha256-CsqRiYbgQyv01LS0NlC7shwzhDhjNDQSrhBX8VuD3nM=",
"lastModified": 1775126147,
"narHash": "sha256-J0dZU4atgcfo4QvM9D92uQ0Oe1eLTxBVXjJzdEMQpD0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "106eb93cbb9d4e4726bf6bc367a3114f7ed6b32f",
"rev": "8d8c1fa5b412c223ffa47410867813290cdedfef",
"type": "github"
},
"original": {
@@ -624,7 +683,7 @@
"type": "github"
}
},
"nixpkgs_5": {
"nixpkgs_6": {
"locked": {
"lastModified": 1774709303,
"narHash": "sha256-D3Q07BbIA2KnTcSXIqqu9P586uWxN74zNoCH3h2ESHg=",
@@ -640,7 +699,7 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_7": {
"locked": {
"lastModified": 1736657626,
"narHash": "sha256-FWlPMUzp0lkQBdhKlPqtQdqmp+/C+1MBiEytaYfrCTY=",
@@ -656,7 +715,7 @@
"type": "github"
}
},
"nixpkgs_7": {
"nixpkgs_8": {
"locked": {
"lastModified": 1774386573,
"narHash": "sha256-4hAV26quOxdC6iyG7kYaZcM3VOskcPUrdCQd/nx8obc=",
@@ -672,7 +731,7 @@
"type": "github"
}
},
"nixpkgs_8": {
"nixpkgs_9": {
"locked": {
"lastModified": 1710272261,
"narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=",
@@ -690,7 +749,7 @@
},
"nur": {
"inputs": {
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts_3",
"nixpkgs": [
"nixpkgs"
]
@@ -717,16 +776,16 @@
]
},
"locked": {
"lastModified": 1774807340,
"narHash": "sha256-OV76SWqiBguUupfbkJMBVrslJoTqSh4epNjEp/HE/cY=",
"lastModified": 1774996501,
"narHash": "sha256-1sEkQDdV/qU4/N9oHR4mptllcRWt503k6HZ8Yp4EooE=",
"owner": "anomalyco",
"repo": "opencode",
"rev": "e7f94f9b9a3bd8742330e4a7ba8573ac21042c01",
"rev": "892bdebaacbed3fc76976431c7aa7b81ab639fb6",
"type": "github"
},
"original": {
"owner": "anomalyco",
"ref": "v1.3.6",
"ref": "v1.3.12",
"repo": "opencode",
"type": "github"
}
@@ -752,18 +811,107 @@
"type": "github"
}
},
"pyproject-build-systems": {
"inputs": {
"nixpkgs": [
"hermes-agent",
"nixpkgs"
],
"pyproject-nix": "pyproject-nix",
"uv2nix": "uv2nix"
},
"locked": {
"lastModified": 1772555609,
"narHash": "sha256-3BA3HnUvJSbHJAlJj6XSy0Jmu7RyP2gyB/0fL7XuEDo=",
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"rev": "c37f66a953535c394244888598947679af231863",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"type": "github"
}
},
"pyproject-nix": {
"inputs": {
"nixpkgs": [
"hermes-agent",
"pyproject-build-systems",
"nixpkgs"
]
},
"locked": {
"lastModified": 1769936401,
"narHash": "sha256-kwCOegKLZJM9v/e/7cqwg1p/YjjTAukKPqmxKnAZRgA=",
"owner": "nix-community",
"repo": "pyproject.nix",
"rev": "b0d513eeeebed6d45b4f2e874f9afba2021f7812",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "pyproject.nix",
"type": "github"
}
},
"pyproject-nix_2": {
"inputs": {
"nixpkgs": [
"hermes-agent",
"nixpkgs"
]
},
"locked": {
"lastModified": 1772865871,
"narHash": "sha256-/ZTSg97aouL0SlPHaokA4r3iuH9QzHVuWPACD2CUCFY=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"rev": "e537db02e72d553cea470976b9733581bcf5b3ed",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"type": "github"
}
},
"pyproject-nix_3": {
"inputs": {
"nixpkgs": [
"hermes-agent",
"uv2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1771518446,
"narHash": "sha256-nFJSfD89vWTu92KyuJWDoTQJuoDuddkJV3TlOl1cOic=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"rev": "eb204c6b3335698dec6c7fc1da0ebc3c6df05937",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"agents": "agents",
"disko": "disko",
"hermes-agent": "hermes-agent",
"home-manager": "home-manager_2",
"hyprpanel": "hyprpanel",
"llm-agents": "llm-agents",
"m3ta-nixpkgs": "m3ta-nixpkgs",
"nix-colors": "nix-colors",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_7",
"nixpkgs": "nixpkgs_8",
"nixpkgs-45570c2": "nixpkgs-45570c2",
"nixpkgs-9e58ed7": "nixpkgs-9e58ed7",
"nixpkgs-locked": "nixpkgs-locked",
@@ -780,7 +928,7 @@
"rose-pine-hyprcursor": {
"inputs": {
"hyprlang": "hyprlang",
"nixpkgs": "nixpkgs_8",
"nixpkgs": "nixpkgs_9",
"utils": "utils"
},
"locked": {
@@ -974,6 +1122,55 @@
"repo": "flake-utils",
"type": "github"
}
},
"uv2nix": {
"inputs": {
"nixpkgs": [
"hermes-agent",
"pyproject-build-systems",
"nixpkgs"
],
"pyproject-nix": [
"hermes-agent",
"pyproject-build-systems",
"pyproject-nix"
]
},
"locked": {
"lastModified": 1770770348,
"narHash": "sha256-A2GzkmzdYvdgmMEu5yxW+xhossP+txrYb7RuzRaqhlg=",
"owner": "pyproject-nix",
"repo": "uv2nix",
"rev": "5d1b2cb4fe3158043fbafbbe2e46238abbc954b0",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "uv2nix",
"type": "github"
}
},
"uv2nix_2": {
"inputs": {
"nixpkgs": [
"hermes-agent",
"nixpkgs"
],
"pyproject-nix": "pyproject-nix_3"
},
"locked": {
"lastModified": 1773039484,
"narHash": "sha256-+boo33KYkJDw9KItpeEXXv8+65f7hHv/earxpcyzQ0I=",
"owner": "pyproject-nix",
"repo": "uv2nix",
"rev": "b68be7cfeacbed9a3fa38a2b5adc0cfb81d9bb1f",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "uv2nix",
"type": "github"
}
}
},
"root": "root",

6
flake.nix
View File

@@ -65,6 +65,7 @@
url = "github:vercel-labs/skills";
flake = false;
};
hermes-agent.url = "github:NousResearch/hermes-agent";
};
outputs = {
@@ -86,10 +87,12 @@
"x86_64-darwin"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
allOverlays = import ./overlays {inherit inputs outputs;};
in {
packages =
forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
overlays = import ./overlays {inherit inputs outputs;};
overlays = builtins.removeAttrs allOverlays ["mkLlmAgentsOverlay"];
lib.mkLlmAgentsOverlay = allOverlays.mkLlmAgentsOverlay;
homeManagerModules = import ./modules/home-manager;
nixosConfigurations = {
@@ -128,6 +131,7 @@
agenix.nixosModules.default
nur.modules.nixos.default
m3ta-nixpkgs.nixosModules.default
inputs.hermes-agent.nixosModules.default
];
};
m3-helios = nixpkgs.lib.nixosSystem {

2
home/common/default.nix
View File

@@ -25,7 +25,7 @@
inputs.nur.overlays.default
inputs.m3ta-nixpkgs.overlays.default
inputs.m3ta-nixpkgs.overlays.modifications
(outputs.overlays.mkLlmAgentsOverlay system)
(outputs.lib.mkLlmAgentsOverlay system)
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default

10
home/features/cli/default.nix
View File

@@ -14,16 +14,6 @@
./television.nix
./zellij.nix
];
cli.stt-ptt = {
enable = true;
whisperPackage =
if videoDrivers == ["nvidia"]
then pkgs.whisper-cpp.override {cudaSupport = true;}
else if videoDrivers == ["amdgpu"]
then pkgs.whisper-cpp-vulkan
else pkgs.whisper-cpp;
model = "ggml-large-v3-turbo";
};
programs.carapace = {
enable = true;

10
home/features/coding/default.nix
View File

@@ -27,6 +27,13 @@
command = "sh";
args = ["-c" "exec bunx context-mode@latest"];
};
Honcho = {
command = "sh";
args = [
"-c"
''exec bunx mcp-remote@latest https://mcp.honcho.dev --header "Authorization:Bearer $(cat /run/agenix/honcho-key)" --header "X-Honcho-User-Name:m3tam3re"''
];
};
};
};
@@ -37,6 +44,7 @@
bun
devpod
#devpod-desktop
claude-code
code2prompt
gnumake
cmake
@@ -58,8 +66,8 @@
vulkanSupport = videoDrivers == ["amdgpu"];
cudaSupport = videoDrivers == ["nvidia"];
})
openshell
openspec
openwork
alejandra
sidecar
tailwindcss

4
home/features/desktop/default.nix
View File

@@ -113,6 +113,8 @@
# brightnessctl
# clipman
distrobox
eigent
element-desktop
launch-webapp
# eww
# firefox-devedition
@@ -127,7 +129,7 @@
ksnip
msty-studio
nwg-look
openwork
# opencode-desktop
# pamixer
# pavucontrol
# libsForQt5.qtstyleplugins

2
home/features/desktop/hyprland.nix
View File

@@ -21,6 +21,7 @@ in {
"while ! hyprpaper-random; do sleep 0.5; done"
"wl-paste --type text --watch cliphist store" # Stores only text data
"wl-paste --type image --watch cliphist store" # Stores only image data "wl-paste -p -t text --watch clipman store -P --histpath=\"~/.local/share/clipman-primary.json\""
"vibetyper"
];
env = [
@@ -31,6 +32,7 @@ in {
"XDG_CURRENT_DESKTOP,Hyprland"
"XDG_SESSION_TYPE,wayland"
"XDG_SESSION_DESKTOP,Hyprland"
"XKB_DEFAULT_LAYOUT,de"
"NIXOS_OZONE_WL,1"
];

1
home/m3tam3re/home.nix
View File

@@ -74,6 +74,7 @@
# /etc/profiles/per-user/m3tam3re/etc/profile.d/hm-session-vars.sh
#
home.sessionVariables = {
# EDITOR = "emacs";
};
# Let Home Manager install and manage itself.

2
hosts/common/default.nix
View File

@@ -38,7 +38,7 @@
inputs.m3ta-nixpkgs.overlays.default
inputs.m3ta-nixpkgs.overlays.modifications
(outputs.overlays.mkLlmAgentsOverlay system)
(outputs.lib.mkLlmAgentsOverlay system)
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default

1
hosts/common/ports.nix
View File

@@ -38,6 +38,7 @@
kestra = 3018;
outline = 3019;
authentik = 3023;
conduit = 3024;
# Home automation
homarr = 7575;

3
hosts/m3-ares/services/udev.nix
View File

@@ -2,7 +2,8 @@
services.udev.extraRules = ''
SUBSYSTEM=="usb", MODE="0666"
SUBSYSTEM=="leds", KERNEL=="rgb:kbd_backlight*", ACTION=="add", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/leds/%k/multi_intensity"
'';
KERNEL=="uinput", MODE="0660", GROUP="input", OPTIONS+="static_node=uinput"
KERNEL=="event*", SUBSYSTEM=="input", MODE="0660", GROUP="input" '';
environment.systemPackages = with pkgs; [
zsa-udev-rules
];

1
hosts/m3-atlas/secrets.nix
View File

@@ -65,6 +65,7 @@
owner = "m3tam3re";
};
authentik-env = {file = ../../secrets/authentik-env.age;};
conduit-env = {file = ../../secrets/conduit-env.age;};
};
};
}

48
hosts/m3-atlas/services/conduit.nix Normal file
View File

@@ -0,0 +1,48 @@
{config, ...}: {
services.matrix-conduit = {
enable = true;
settings.global = {
server_name = "m3ta.dev";
address = "127.0.0.1";
port = config.m3ta.ports.get "conduit";
max_request_size = 20000000;
allow_registration = false;
allow_encryption = true;
allow_federation = true;
trusted_servers = ["matrix.org"];
database_backend = "rocksdb";
};
secretFile = config.age.secrets.conduit-env.path;
};
# Traefik configuration for Conduit
services.traefik.dynamicConfigOptions.http = {
services.conduit.loadBalancer.servers = [
{
url = "http://localhost:${toString (config.m3ta.ports.get "conduit")}/";
}
];
routers.conduit = {
rule = "Host(`matrix.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "conduit";
entrypoints = "websecure";
};
# Federation endpoint on base domain
routers.conduit-federation = {
rule = "Host(`m3ta.dev`) && PathPrefix(`/_matrix`)";
tls = {
certResolver = "godaddy";
};
service = "conduit";
entrypoints = "websecure";
};
};
# Open federation port
networking.firewall.allowedTCPPorts = [8448];
}

2
hosts/m3-atlas/services/default.nix
View File

@@ -1,8 +1,10 @@
{
imports = [
./conduit.nix
./containers
./gitea.nix
./gitea-actions-runner.nix
./hermes-agent.nix
./minio.nix
./mysql.nix
./netbird.nix

191
hosts/m3-atlas/services/hermes-agent.nix Normal file
View File

@@ -0,0 +1,191 @@
{config, ...}: let
# Default ElevenLabs voice: Bella (German-capable female)
elevenlabsVoiceId = "hpp4J3VqNfWAUOO0d1Us";
in {
services.hermes-agent = {
enable = true;
addToSystemPackages = true;
# Secrets via agenix
environmentFiles = [config.age.secrets."hermes-env".path];
# Non-secret environment variables
environment = {
#
};
# ── Container mode (podman) ──────────────────────────────────────────
container = {
enable = true;
backend = "podman";
};
settings = {
# ── Model ──────────────────────────────────────────────────────────
model = {
default = "glm-5.1";
provider = "zai";
base_url = "https://api.z.ai/api/coding/paas/v4/";
};
credential_pool_strategies = {
zai = "fill_first";
};
toolsets = ["all"];
# ── Agent ──────────────────────────────────────────────────────────
agent = {
max_turns = 90;
gateway_timeout = 1800;
tool_use_enforcement = "auto";
};
# ── Terminal ───────────────────────────────────────────────────────
terminal = {
backend = "local";
modal_mode = "auto";
cwd = ".";
timeout = 180;
persistent_shell = true;
};
# ── Browser ────────────────────────────────────────────────────────
browser = {
inactivity_timeout = 120;
command_timeout = 30;
cloud_provider = "local";
};
# ── Checkpoints / Compression ──────────────────────────────────────
checkpoints = {
enabled = true;
max_snapshots = 50;
};
file_read_max_chars = 100000;
compression = {
enabled = true;
threshold = 0.5;
target_ratio = 0.2;
protect_last_n = 20;
};
# ── Display ────────────────────────────────────────────────────────
display = {
compact = false;
personality = "kawaii";
resume_display = "full";
busy_input_mode = "interrupt";
inline_diffs = true;
skin = "default";
tool_progress = "all";
};
# ── TTS / STT / Voice ──────────────────────────────────────────────
tts = {
provider = "elevenlabs";
elevenlabs = {
voice_id = elevenlabsVoiceId;
model_id = "eleven_multilingual_v2";
};
};
stt = {
enabled = true;
provider = "local";
local = {model = "base";};
};
voice = {
record_key = "ctrl+b";
max_recording_seconds = 120;
silence_threshold = 200;
silence_duration = 3.0;
};
# ── Memory ─────────────────────────────────────────────────────────
memory = {
memory_enabled = true;
user_profile_enabled = true;
memory_char_limit = 2200;
user_char_limit = 1375;
};
# ── Delegation ─────────────────────────────────────────────────────
delegation = {
max_iterations = 50;
};
# ── Discord ────────────────────────────────────────────────────────
discord = {
require_mention = true;
auto_thread = true;
reactions = true;
};
# ── Approvals / Security ───────────────────────────────────────────
approvals = {
mode = "manual";
timeout = 60;
};
security = {
redact_secrets = true;
tirith_enabled = true;
tirith_fail_open = true;
};
# ── Cron / Session ─────────────────────────────────────────────────
cron = {wrap_response = true;};
session_reset = {
mode = "both";
idle_minutes = 1440;
at_hour = 4;
};
# ── Web ────────────────────────────────────────────────────────────
web = {backend = "exa";};
# ── Platform Toolsets ──────────────────────────────────────────────
platform_toolsets = {
cli = [
"browser"
"clarify"
"code_execution"
"cronjob"
"delegation"
"file"
"image_gen"
"memory"
"session_search"
"skills"
"terminal"
"todo"
"tts"
"vision"
"web"
];
telegram = [
"browser"
"clarify"
"code_execution"
"cronjob"
"delegation"
"file"
"image_gen"
"memory"
"session_search"
"skills"
"terminal"
"todo"
"tts"
"vision"
"web"
];
};
};
};
}

4
hosts/m3-kratos/secrets.nix
View File

@@ -46,6 +46,10 @@
file = ../../secrets/basecamp-client-secret.age;
owner = "m3tam3re";
};
hermes-env = {
file = ../../secrets/hermes-env.age;
owner = "m3tam3re";
};
};
};
}

3
hosts/m3-kratos/services/udev.nix
View File

@@ -1,7 +1,8 @@
{pkgs, ...}: {
services.udev.extraRules = ''
SUBSYSTEM=="usb", MODE="0666"
'';
KERNEL=="uinput", MODE="0660", GROUP="input", OPTIONS+="static_node=uinput"
KERNEL=="event*", SUBSYSTEM=="input", MODE="0660", GROUP="input" '';
environment.systemPackages = with pkgs; [
zsa-udev-rules
];

8
overlays/default.nix
View File

@@ -12,7 +12,7 @@
# brave = prev.brave.override {
# commandLineArgs = "--password-store=gnome-libsecret";
# };
# };
# hyprpanel = inputs.hyprpanel.packages.${prev.system}.default.overrideAttrs (prev: {
# version = "latest"; # or whatever version you want
@@ -60,9 +60,9 @@
};
};
# Flatten llm-agents packages into top-level pkgs namespace.
# Takes system as parameter to avoid infinite recursion — overlays
# can't safely access final/prev.system when spreading attributes.
# Factory: not a proper overlay itself — takes system to avoid the infinite
# recursion that occurs when accessing final/prev.system while the fixed-point
# is still being computed. Exposed via outputs.lib, not outputs.overlays.
mkLlmAgentsOverlay = system: _final: _prev:
inputs.llm-agents.packages.${system} or {};
}

3
secrets.nix
View File

@@ -15,6 +15,7 @@ in {
"secrets/anytype-key.age".publicKeys = systems ++ users;
"secrets/anytype-key-ares.age".publicKeys = systems ++ users;
"secrets/authentik-env.age".publicKeys = systems ++ users;
"secrets/conduit-env.age".publicKeys = systems ++ users;
"secrets/baserow-env.age".publicKeys = systems ++ users;
"secrets/ghost-env.age".publicKeys = systems ++ users;
"secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
@@ -46,4 +47,6 @@ in {
"secrets/wg-NO.age".publicKeys = systems ++ users;
"secrets/wg-US.age".publicKeys = systems ++ users;
"secrets/wg-BR.age".publicKeys = systems ++ users;
"secrets/honcho-key.age".publicKeys = systems ++ users;
"secrets/hermes-env.age".publicKeys = systems ++ users;
}

23
secrets/conduit-env.age Normal file
View File

@@ -0,0 +1,23 @@
age-encryption.org/v1
-> ssh-ed25519 4NLKrw /UWZV80Rvp+855kQZK8nP3rxIpRrtUuSukJNfU/H8zY
nyaiOkqivEjvYC18rSufNihi4Pw6gCj/t3ZnLDugL9o
-> ssh-ed25519 5kwcsA GFRK3O5+kWqKofzvL3ZbUhcr9GOQtWl7vMJBf7rSdEs
cBryXigHXXjLg9v+ipvqSabPf1ePISSlYdRI/c9kJhI
-> ssh-ed25519 9d4YIQ VQQb1iDYPCNQPF7/c7yFl2QEwCmJuboO4M2u+0a8IlU
XlHkoPwGtmJ0NEFIpEuSH6+UMWBIFBBTgMZ4vWFiPSM
-> ssh-ed25519 3Bcr1w Lo3jvXVb5Exy4gcyjaBHwxeKUV+zh8dAkyEL2/foijA
rPbbibC8tXps6gBw5W9LwSEf7/RSoCgtu87cWIr2kjw
-> ssh-rsa DQlE7w
tcpC86YXZrK9fX9/bvVrirrwJPMct8WNpY9VQRBgQmq7CZt1AyZcXE4jHeH9r/1K
oitC2wMXW39ebZsThZyK/jK3ZUZQFY/ZhUQr3TVdb4tTbHibEaujpqheQsFOGv4I
9nyN3vtnBpqAfjo2SIXop28m9yepWFthPRUWYSFR2heBQE9uaD+xC/kbRH1+Rcgv
i/mxEQ/k7+A4AiCoEum6oCReEPvT56HeksOceYezZg+NTzjIcuJH2xeMg6Bjnfx1
kJCOlKL50uaUiFca8mmElchvDSjPDrOvk4VI0RHGFkl7bfY+2E9srMn7in4beroe
l6vjlKCD9bPaAj5e3jr4D3ro1oub36fw5VoNoYPK8U/QBF3TG3FiDdouVaIaoYml
4iK57HUj/RpyvMaUI63rmcq5Yiy5yK6IgL3sYF9ptNdpo4ZYompOetrL4FcQ7EY9
qXuXZTmJcoXMmPFXapI2zMzYfbLtJHTASVVat27U/Ojuf0WfOJm9PwWoeA/4Mx9C
-> ssh-ed25519 CSMyhg 4uAftUVdcF8S9K7jypmRHi/PtYm9ThJuvZg3qsdPVyM
8mNE6siFfEPAuUi/gYpqttwdobBDiLBqB6Z7XEvBxQE
--- 21YTrldwMWS13hp+WNLNkFwViGo8kcgxtAFkmOL4FRE
Úýr<Ðo^’ô(0wDO

BIN
secrets/hermes-env.age Normal file
View File

Binary file not shown.