# Dippet - Mac Mini (server + desktop)
# Host module for the machine named "dippet". The let-bindings that follow
# build the shell scripts that the launchd daemons of this host run.
{ config, pkgs, lib, inputs, hostname, ... }:

let
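# forks-sync: mirror every repository of the $ORG GitHub organisation into
# $FORKS_DIR. Existing checkouts are fast-forwarded, missing ones are cloned.
# A failure on a single repository is reported on stderr and does not stop the
# run; the script still exits 0 once the repository list has been fetched.
forks-sync = pkgs.writeShellScript "forks-sync" ''
  set -euo pipefail

  FORKS_DIR="/Users/jsp/forks"
  ORG="jaspermayone-forks"

  mkdir -p "$FORKS_DIR"
  cd "$FORKS_DIR"

  # Get list of repos from GitHub (one name per line)
  repos=$(${pkgs.gh}/bin/gh repo list "$ORG" --limit 1000 --json name -q '.[].name')

  failed=0
  # Read line by line instead of word-splitting $repos, so a name is never
  # glob-expanded or split by the shell.
  while IFS= read -r repo; do
    [ -n "$repo" ] || continue

    # The name comes from an API response and is used both as a local path
    # and inside a URL: accept only plain repository names, never ".", ".."
    # or a leading "-" that a tool could read as an option.
    case "$repo" in
      . | .. | -* | *[!A-Za-z0-9._-]*)
        echo "Skipping unexpected repository name: $repo" >&2
        failed=1
        continue
        ;;
    esac

    if [ -d "$repo" ]; then
      echo "Updating $repo..."
      if ! ${pkgs.git}/bin/git -C "$repo" pull --ff-only; then
        # Best effort: a diverged or broken checkout must not block the rest,
        # but the failure is logged instead of being discarded.
        echo "WARNING: could not fast-forward $repo" >&2
        failed=1
      fi
    else
      echo "Cloning $repo..."
      if ! ${pkgs.git}/bin/git clone -- "https://github.com/$ORG/$repo.git" "$repo"; then
        echo "WARNING: could not clone $repo" >&2
        failed=1
      fi
      # Pause between clones
      sleep 1
    fi
  done <<< "$repos"

  if [ "$failed" -ne 0 ]; then
    echo "Sync finished with errors: $(date)" >&2
  fi
  echo "Sync complete: $(date)"
'';
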
# spindle-run: launcher for the Tangled Spindle runner. It makes sure the
# state and log directories exist, exports the SPINDLE_* settings and then
# replaces itself with the spindle binary taken from the `tangled` flake input.
spindle-run = pkgs.writeShellScript "spindle-run" ''
  set -euo pipefail

  state_dir="/Users/jsp/Library/Application Support/spindle"
  log_dir="/Users/jsp/Library/Logs/spindle"

  # Create necessary directories
  mkdir -p "$state_dir"
  mkdir -p "$log_dir"

  export SPINDLE_SERVER_HOSTNAME="1.dippet.spindle.hogwarts.dev"
  export SPINDLE_SERVER_OWNER="did:plc:abgthiqrd7tczkafjm4ennbo"
  # Loopback address: the listener is bound to 127.0.0.1 only.
  export SPINDLE_SERVER_LISTEN_ADDR="127.0.0.1:6556"
  export SPINDLE_SERVER_DB_PATH="$state_dir/spindle.db"
  export SPINDLE_PIPELINES_LOG_DIR="$log_dir"

  # Run spindle (exec: no wrapper shell stays behind)
  exec ${inputs.tangled.packages.${pkgs.stdenv.hostPlatform.system}.spindle}/bin/spindle
'';
in
{
# Disable nix-darwin's Nix management (using Determinate Nix installer)
nix.enable = false;

# Auto-update from GitHub daily at 4am.
# The flake reference names no branch, tag or revision, so each run builds and
# activates whatever the repository's default branch holds at that moment.
# No UserName is set on this daemon (the other daemons in this file set one);
# presumably it therefore runs as root. TODO confirm.
# NOTE(review): whoever can push to that branch can change this machine's
# system configuration; pinning the reference to a reviewed tag or revision
# would narrow that.
launchd.daemons.nix-darwin-upgrade =
  let
    logFile = "/var/log/nix-darwin-upgrade.log";
  in
  {
    script = ''
      /run/current-system/sw/bin/darwin-rebuild switch --flake github:jaspermayone/dots#dippet
    '';
    serviceConfig = {
      StartCalendarInterval = [ { Hour = 4; Minute = 0; } ];
      # stdout and stderr share one log file
      StandardOutPath = logFile;
      StandardErrorPath = logFile;
    };
  };

# Sync forks from jaspermayone-forks org hourly
launchd.daemons.forks-sync =
  let
    logFile = "/Users/jsp/Library/Logs/forks-sync.log";
  in
  {
    # Same text the indented-string form produced: the script path plus a newline.
    script = "${forks-sync}\n";
    serviceConfig = {
      StartInterval = 3600; # Every hour
      # stdout and stderr share one log file
      StandardOutPath = logFile;
      StandardErrorPath = logFile;
      # Run as the jsp user (group staff).
      UserName = "jsp";
      GroupName = "staff";
      EnvironmentVariables = {
        HOME = "/Users/jsp";
        # Explicit PATH: the Nix-provided git and gh plus the system directories.
        PATH = "${pkgs.git}/bin:${pkgs.gh}/bin:/usr/bin:/bin";
      };
    };
  };

# Tangled Spindle CI/CD runner
# The runner is started at load and restarted by launchd whenever it exits.
# It runs as jsp, the same account that owns the agenix identity key and the
# decrypted secrets configured in this file.
# NOTE(review): if pipeline jobs can reach the host filesystem or Docker with
# jsp's rights, they can read those files; a dedicated service account would
# separate the two. Confirm how spindle isolates jobs.
launchd.daemons.tangled-spindle =
  let
    logFile = "/Users/jsp/Library/Logs/spindle.log";
  in
  {
    # Same text the indented-string form produced: the script path plus a newline.
    script = "${spindle-run}\n";
    serviceConfig = {
      KeepAlive = true;
      RunAtLoad = true;
      # stdout and stderr share one log file
      StandardOutPath = logFile;
      StandardErrorPath = logFile;
      UserName = "jsp";
      GroupName = "staff";
      EnvironmentVariables = {
        HOME = "/Users/jsp";
        # Explicit PATH: the Nix-provided docker client plus the system directories.
        PATH = "${pkgs.docker}/bin:/usr/bin:/bin";
      };
    };
  };

# Cloudflare tunnel for Spindle
# Add this route to your existing cloudflared tunnel config:
#   - hostname: 1.dippet.spindle.hogwarts.dev
#     service: http://localhost:6556
# With this route the loopback-only listener on port 6556 is served under the
# public hostname above, so the tunnel is its only way in from outside.
# NOTE(review): confirm which layer authenticates requests (spindle itself or
# an access policy on the tunnel).

age = {
  # Agenix identity path (use user SSH key on macOS)
  # NOTE(review): if this key is also used for SSH logins or git, a dedicated
  # age identity would let the two be rotated independently.
  identityPaths = [ "/Users/jsp/.ssh/id_ed25519" ];

  # Each secret is decrypted to `path`, owned by jsp and readable by the owner
  # only (mode 400).
  secrets = {
    # Agenix secrets for bore client
    bore-token = {
      file = ../../secrets/bore-token.age;
      path = "/Users/jsp/.config/bore/token";
      owner = "jsp";
      mode = "400";
    };

    # Atuin encryption key for auto-login
    atuin-key = {
      file = ../../secrets/atuin-key.age;
      path = "/Users/jsp/.local/share/atuin/key";
      owner = "jsp";
      mode = "400";
    };
  };
};

homebrew = {
  # Server packages (dippet-specific)
  brews = [
    # Web/networking
    "nginx"
    "cloudflared"
    "certbot"
    "unbound"

    # Libraries/tools currently installed
    "augeas"
    "poppler"
    "python@3.14"
  ];

  # Dippet-specific homebrew casks
  casks = [
    # Docker Desktop for macOS (required for Spindle)
    "docker"
    # Desktop apps are inherited from shared config (espanso, raycast, bitwarden)
  ];
};

# Any dippet-specific system defaults
# system.defaults = { };

# Set the hostname
networking = {
  hostName = "dippet";
  computerName = "Dippet";
};
}