m3tam3re/nixos-config
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
312 Commits 4 Branches 0 Tags
36b50e174f1f6a987f436b32e5c37aeb7d2f14b9
Commit Graph

166 Commits

Author SHA1 Message Date
m3ta-chiron 36b50e174f fix(m3-hermes): add --insecure flag to dashboard for 0.0.0.0 binding 
The dashboard refuses to bind to non-localhost without --insecure.
Safe here because firewall restricts port 9119 to Netbird mesh (100.64.0.0/16).
 2026-05-11 11:39:37 +02:00
m3tam3re e6f184f24a chore: hermes dashboard over netbird 2026-05-11 11:36:49 +02:00
m3ta-chiron 20bd28d567 feat(m3-hermes): add Hermes Dashboard as systemd service with Netbird-only firewall 
- New hermes-dashboard.service: runs 'hermes dashboard' on 0.0.0.0:9119
- Firewall restricts port 9119 to Netbird mesh VPN range (100.64.0.0/16)
- Runs as hermes user with NoNewPrivileges + ProtectSystem hardening
- Depends on hermes-agent.service (starts after gateway)
- Added placeholder hermes-api-server-key.age (needs real encryption on host)
 2026-05-11 11:19:21 +02:00
m3ta-chiron c6df5d3836 feat(m3-hermes): add Netbird mesh VPN + enable API server for Hermes Desktop 2026-05-10 11:46:21 +02:00
m3tam3re 1544764f37 chore: m3-atlas -coding 2026-05-09 10:46:47 +02:00
m3ta-chiron ee94ebf660 feat(m3-hermes): enable kanban board + update for v0.13.0 
- Add kanban config block with gateway-embedded dispatcher
  (dispatch_in_gateway=true, 60s interval)
- Update venvSitePackages path from python3.11 to python3.12
  (v0.13.0 upgraded Python runtime)
- Update checkpoints section comment for v2
 2026-05-09 10:29:22 +02:00
m3tam3re 6128d0ae61 chore: udate m3-atlas 2026-05-09 10:17:14 +02:00
m3tam3re 22f15abd34 chore: flake update 2026-05-09 09:58:33 +02:00
m3ta-chiron 5cbb975c78 feat: complete host home.nix files + add m3-daedalus, clean up m3tam3re.nix 
- hosts/m3-kratos/home.nix: XDG/MIME defaults + dual DP Hyprland monitors
- hosts/m3-ares/home.nix: XDG/MIME defaults + eDP+HDMI Hyprland monitors
- hosts/m3-daedalus/home.nix: XDG/MIME defaults (no Hyprland)
- hosts/common/users/m3tam3re.nix: refactored hostFlags into let binding,
  added m3-daedalus profile (desktop/coding+media, no gaming/Hyprland)
 2026-05-02 10:41:12 +02:00
m3ta-chiron f2ecd13780 fix: set home-manager.useGlobalPkgs=true for m3ta-nixpkgs overlays 2026-05-02 10:08:50 +02:00
m3ta-chiron ab1bdc9848 feat: integrate m3ta-home for centralized user profiles 2026-05-02 09:53:27 +02:00
m3ta-chiron 2403e54039 feat: enable orchestrator + switch TTS to Edge (Seraphina voice) 
- Enable delegation.orchestrator_enabled with max_spawn_depth=2
- Switch TTS from ElevenLabs (paid) to Edge TTS (free)
- Voice: de-DE-SeraphinaMultilingualNeural — friendly, multilingual German female
- No API key required
 2026-05-01 16:06:49 +02:00
m3ta-chiron a615ab61e8 fix: add uv to hermes-agent service PATH 
Add pkgs.uv to systemd.services.hermes-agent.path so that CronJobs
and terminal sessions can execute PEP 723 scripts via 'uv run'
(e.g. garmin-daily.py for Garmin Connect health data).

Also adds uv to environment.systemPackages for general availability.
 2026-04-29 16:18:41 +02:00
m3tm3re 936eb13794 feat: add global skills to hermes environment 2026-04-26 15:14:54 +02:00
m3tm3re 5b0e6cbd5d feat(hermes-agent): add copy-hermes-skills systemd service 2026-04-26 14:37:43 +02:00
m3tm3re 25ac47a422 feat(hermes-agent): add mkOpencodeSkills integration for skills provisioning 
- Add inputs parameter to module signature for flake input access
- Define hermesSkills via inputs.agents.lib.mkOpencodeSkills
- Includes customSkills from agents flake and external skills:
  - skills-basecamp (basecamp/basecamp-cli)
  - skills-anthropic (anthropics/skills)
  - skills-kestra (kestra-io/agent-skills)
- Verified with nixos-rebuild dry-run --flake .#m3-hermes (no errors)
 2026-04-26 14:35:06 +02:00
m3tm3re eb06533174 Merge feature/home-profile-restructuring: home-manager profile refactoring 
Refactor home-manager configuration structure:
- Reorganize from features/ to base/coding/desktop/server/profiles/
- Add language runtime modules (go, js, python, rust, typescript)
- Add LSP server configuration
- Add gaming and media profiles
- Add shell modules (fish, nushell, starship)
- Consolidate editor and git configuration
 2026-04-26 13:53:00 +02:00
m3tm3re d59a6b82b6 chore: remove features.old archive and format all files 
- Delete home/features.old/ (archived old flat feature modules)
- All content migrated to new profile-based structure
- Run alejandra formatter over 13 changed files
- nix flake check passes cleanly
 2026-04-26 11:29:49 +02:00
m3tm3re 06b430e067 fix: code review fixes 
- Fix hardcoded user path in webapps.nix (use homeDirectory)
- Normalize wallpapers option to use .enable suffix
- Remove duplicate FZF keybind declaration
- Update comments to match actual implementation
 2026-04-26 10:48:52 +02:00
m3tm3re 383f4ef56f feat: tuwunel matrix server + hermes update 2026-04-24 21:38:57 +02:00
m3tm3re 382b4c8c98 chore: hermes update 2026-04-21 19:00:49 +02:00
m3tm3re 7e0d60c95b feat: pi-agent wrapper 2026-04-14 18:36:55 +02:00
m3tm3re 4684c5dc3e chore: include local changes and bump home-manager state to 26.05 2026-04-13 19:23:49 +02:00
m3tam3re fa608ae399 Merge pull request 'fix(hermes): inject matrix-nio via PYTHONPATH in container' (#2) from fix/matrix-nio-pythonpath into master 
Reviewed-on: #2
 2026-04-13 17:00:10 +02:00
m3tm3re 7bf686481c feat: config with agents rework 2026-04-13 16:44:18 +02:00
Chiron Agent 3868f69958 fix(hermes): inject matrix-nio via PYTHONPATH in container 
matrix-nio is installed in the container's writable venv layer
(~/.venv) but the hermes process uses the read-only Nix store Python.
This adds PYTHONPATH and LD_LIBRARY_PATH as container-level env vars
so matrix-nio + libolm (e2e encryption) are importable.
 2026-04-11 05:17:51 +00:00
m3tm3re ab3332e45b feat: hermes agent for m3-ares 2026-04-09 19:56:19 +02:00
m3tm3re 6a58b3656a flake update + hermes workaround for upstream bug 2026-04-08 17:48:27 +02:00
sascha.koenig 6853bb3063 +m3-hermes 2026-04-07 06:19:05 +02:00
m3tm3re 38c27eff1c +basic hermes config 2026-04-06 18:44:07 +02:00
m3tm3re 43523cf2d8 +television, flake-update 2026-03-21 09:39:19 +01:00
m3tm3re 411c67d2c6 add mcps to home-config; +ghostty 2026-03-14 09:26:13 +01:00
m3tm3re 4ae2bb0f48 chore: flake update 2026-03-07 11:44:04 +01:00
m3tm3re e4195230a5 chore: fix netbird ssh 2026-03-02 19:24:28 +01:00
m3tm3re 674ce6957c feat: authentik 2026-02-28 10:06:42 +01:00
m3tm3re a9022a4f55 refactor(netbird): use port registry and named IP variables 2026-02-27 16:03:12 +01:00
m3tm3re fa9747f3e9 refactor(ports): add netbird port definitions 2026-02-27 16:03:08 +01:00
m3tm3re a12958b68f chore: flake update 2026-02-18 16:28:31 +01:00
m3tm3re 8ead26a791 update opencode config, secrets, tailscale, and agents input 
- opencode: remove deprecated google_auth, add git_master config,
  experimental truncation, use glm-4.6v for multimodal-looker,
  upgrade categories to glm-5, remove opencode-memory plugin
- m3-atlas: add ref/exa/outline/basecamp secret declarations
- m3-kratos: enable tailscale with ssh and reset flags
- agents: switch back to remote git input
 2026-02-17 08:54:13 +01:00
m3tm3re 87baf2377f +opencode-memory 2026-02-16 19:57:16 +01:00
m3tm3re 7b9caedaa4 headscale ssh acl 2026-02-16 18:59:34 +01:00
m3tm3re 105e573c53 Switch to local m3ta-nixpkgs and enable services 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-02-15 18:16:11 +01:00
m3tm3re eda9f2a1f9 Enable mem0 and qdrant services on m3-ares 
Ultraworked with [Sisyphus](https://github.com/code-yeongyu/oh-my-opencode)

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-02-15 18:15:37 +01:00
m3tm3re f80e907277 +td +sidecar 2026-02-10 20:08:32 +01:00
m3tm3re 2449532b30 chore: update dependencies, add basecamp secrets, improve desktop environment 
- Update opencode to v1.1.34
- Add new opencode agents (Prometheus, Metis, Momus, Atlas) and categories
- Switch m3ta-nixpkgs back to local path
- Add basecamp client credentials for m3-ares and m3-kratos
- Set NIXOS_OZONE_WL=1 for better Wayland app support in Hyprland
- Remove redundant wrl.enable from flatpak portal config
 2026-01-23 18:14:08 +01:00
m3tm3re 39d2b5a609 chore: optimize gitea runner 2026-01-21 17:59:58 +01:00
m3tm3re 3b2d19f8a6 fix: jq + curl to gitea action runner 2026-01-20 21:17:08 +01:00
m3tm3re 048244f122 fix(m3-ares): use stable tuxedo-drivers module to work around nixpkgs#480391 
The unstable tuxedo-drivers module has a type error where cfg.settings
(a set) is passed directly to lib.any which expects a list. This was
introduced in commit 15d9ec6 and fixed in a77e30e, but the fix hasn't
propagated to our nixpkgs input yet.

Workaround: disable the unstable module and import from nixpkgs-stable.
 2026-01-19 19:24:34 +01:00
m3tm3re 09e93ef6f0 flake update 2026-01-17 10:17:48 +01:00
m3tm3re dd59d2a56d fix: add nodejs to gitea runner hostPackages 
- Enables actions/checkout@v4 to work on self-hosted nixos runner
- Fixes: nixpkgs-5yn (Gitea Actions runner missing Node.js)
 2026-01-15 19:06:42 +01:00