update README to add host

README.md

@@ -43,7 +43,7 @@ revert the changes on the next nightly rebuild (tends to happen when everybody i
 | [kommode][kom]             | Virtual  | Gitea + Gitea pages                                       |
 | [lupine][lup]              | Physical | Gitea CI/CD runners                                       |
 |  shark                     | Virtual  | Test host for authentication, absolutely horrendous       |
-| [skrot/skrott][skr]        | Physical | Kiosk, snacks and soda                                    |
+| [skrott/skrot][skr]        | Physical | Kiosk, snacks and soda                                    |
 | [wenche][wen]              | Virtual  | Nix-builders, general purpose compute                     |
 
 ## Documentation

flake.lock

@@ -1,20 +1,5 @@
 {
   "nodes": {
-    "crane": {
-      "locked": {
-        "lastModified": 1770419512,
-        "narHash": "sha256-o8Vcdz6B6bkiGUYkZqFwH3Pv1JwZyXht3dMtS7RchIo=",
-        "owner": "ipetkov",
-        "repo": "crane",
-        "rev": "2510f2cbc3ccd237f700bb213756a8f35c32d8d7",
-        "type": "github"
-      },
-      "original": {
-        "owner": "ipetkov",
-        "repo": "crane",
-        "type": "github"
-      }
-    },
     "dibbler": {
       "inputs": {
         "nixpkgs": [
@@ -22,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1771267058,
-        "narHash": "sha256-EEL4SmD1b3BPJPsSJJ4wDTXWMumJqbR+BLzhJJG0skE=",
+        "lastModified": 1770133120,
+        "narHash": "sha256-RuAWONXb+U3omSsuIPCrPcgj0XYqv+2djG0cnPGEyKg=",
         "ref": "main",
-        "rev": "e3962d02c78b9c7b4d18148d931a9a4bf22e7902",
-        "revCount": 254,
+        "rev": "3123b8b474319bc75ee780e0357dcdea69dc85e6",
+        "revCount": 244,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Projects/dibbler.git"
       },
@@ -62,11 +47,11 @@
         "nixpkgs-lib": "nixpkgs-lib"
       },
       "locked": {
-        "lastModified": 1772408722,
-        "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
+        "lastModified": 1765835352,
+        "narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
+        "rev": "a34fae9c08a15ad73f295041fec82323541400a9",
         "type": "github"
       },
       "original": {
@@ -82,11 +67,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1770617355,
-        "narHash": "sha256-lauV1yKA67WxnlbiJiwhOT9xI8nTiUqqrrRlgA+rMis=",
+        "lastModified": 1767906545,
+        "narHash": "sha256-LOf08pcjEQFLs3dLPuep5d1bAXWOFcdfxuk3YMb5KWw=",
         "ref": "main",
-        "rev": "36af0316a7370d19db05ef7c0a87e826f4a222d5",
-        "revCount": 24,
+        "rev": "e55cbe0ce0b20fc5952ed491fa8a553c8afb1bdd",
+        "revCount": 23,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Grzegorz/gergle.git"
       },
@@ -104,11 +89,11 @@
         "rust-overlay": "rust-overlay"
       },
       "locked": {
-        "lastModified": 1770617867,
-        "narHash": "sha256-xPLm4C13KUl0zmm1OA+A8UwDSixwtNQ/caRx/WjN+WY=",
+        "lastModified": 1767906494,
+        "narHash": "sha256-Dd6gtdZfRMAD6JhdX0GdJwIHVaBikePSpQXhIdwLlWI=",
         "ref": "main",
-        "rev": "155752914d81a3a3c02fcfc5d840cfdfda07216d",
-        "revCount": 62,
+        "rev": "7258822e2e90fea2ea00b13b5542f63699e33a9e",
+        "revCount": 61,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Grzegorz/greg-ng.git"
       },
@@ -210,11 +195,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1770960722,
-        "narHash": "sha256-IdhPsWFZUKSJh/nLjGLJvGM5d5Uta+k1FlVYPxTZi0E=",
+        "lastModified": 1767906352,
+        "narHash": "sha256-wYsH9MMAPFG3XTL+3DwI39XMG0F2fTmn/5lt265a3Es=",
         "ref": "main",
-        "rev": "c2e4aca7e1ba27cd09eeaeab47010d32a11841b2",
-        "revCount": 15,
+        "rev": "d054c5d064b8ed6d53a0adb0cf6c0a72febe212e",
+        "revCount": 13,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Drift/nix-gitea-themes.git"
       },
@@ -232,11 +217,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1774824790,
-        "narHash": "sha256-3R2aoykbutdJ7YQaZiU7uO8w4O8b6RjztTPNo8isLTI=",
+        "lastModified": 1769018862,
+        "narHash": "sha256-x3eMpPQhZwEDunyaUos084Hx41XwYTi2uHY4Yc4YNlk=",
         "owner": "oddlama",
         "repo": "nix-topology",
-        "rev": "5765ce41be8a4fb5471a57671c2b740a350c5da0",
+        "rev": "a15cac71d3399a4c2d1a3482ae62040a3a0aa07f",
         "type": "github"
       },
       "original": {
@@ -248,11 +233,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1775064210,
-        "narHash": "sha256-bEqbUNAnoyNZzd8rrhS8QETdDWr+vYzZeaggBLmFLIA=",
-        "rev": "9d1c3efdc713c1ed9679796c08a1a8a193e4704e",
+        "lastModified": 1769724120,
+        "narHash": "sha256-oQBM04hQk1kotfv4qmIG1tHmuwODd1+hqRJE5TELeCE=",
+        "rev": "8ec59ed5093c2a742d7744e9ecf58f358aa4a87d",
         "type": "tarball",
-        "url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.8497.9d1c3efdc713/nixexprs.tar.xz"
+        "url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.4961.8ec59ed5093c/nixexprs.tar.xz"
       },
       "original": {
         "type": "tarball",
@@ -261,11 +246,11 @@
     },
     "nixpkgs-lib": {
       "locked": {
-        "lastModified": 1772328832,
-        "narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=",
+        "lastModified": 1765674936,
+        "narHash": "sha256-k00uTP4JNfmejrCLJOwdObYC9jHRrr/5M/a/8L2EIdo=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "c185c7a5e5dd8f9add5b2f8ebeff00888b070742",
+        "rev": "2075416fcb47225d9b68ac469a5c4801a9c4dd85",
         "type": "github"
       },
       "original": {
@@ -276,11 +261,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1775064351,
-        "narHash": "sha256-KHkwW/A1+H23YBMQGDmPb8cw5LwZFnszVKg5eZ4JWhg=",
-        "rev": "1e6f1bb5bb05d14aea16063ab587c599a68241c2",
+        "lastModified": 1769813739,
+        "narHash": "sha256-RmNWW1DQczvDwBHu11P0hGwJZxbngdoymVu7qkwq/2M=",
+        "rev": "16a3cae5c2487b1afa240e5f2c1811f172419558",
         "type": "tarball",
-        "url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre973082.1e6f1bb5bb05/nixexprs.tar.xz"
+        "url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre937548.16a3cae5c248/nixexprs.tar.xz"
       },
       "original": {
         "type": "tarball",
@@ -373,18 +358,17 @@
     },
     "roowho2": {
       "inputs": {
-        "crane": "crane",
         "nixpkgs": [
           "nixpkgs"
         ],
         "rust-overlay": "rust-overlay_3"
       },
       "locked": {
-        "lastModified": 1770912859,
-        "narHash": "sha256-wtf7YgthGVDY7dhWe8cO42+CD7Y2Pkngvzirwjwvfzg=",
+        "lastModified": 1769834595,
+        "narHash": "sha256-P1jrO7BxHyIKDuOXHuUb7bi4H2TuYnACW5eqf1gG47g=",
         "ref": "main",
-        "rev": "9361dcf941fabb14e94f472754b0e0a26cc56e13",
-        "revCount": 59,
+        "rev": "def4eec2d59a69b4638b3f25d6d713b703b2fa56",
+        "revCount": 49,
         "type": "git",
         "url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
       },
@@ -402,11 +386,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1770606655,
-        "narHash": "sha256-rpJf+kxvLWv32ivcgu8d+JeJooog3boJCT8J3joJvvM=",
+        "lastModified": 1767840362,
+        "narHash": "sha256-ZtsFqUhilubohNZ1TgpQIFsi4biZTwRH9rjZsDRDik8=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "11a396520bf911e4ed01e78e11633d3fc63b350e",
+        "rev": "d159ea1fc321c60f88a616ac28bab660092a227d",
         "type": "github"
       },
       "original": {
@@ -464,11 +448,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1774910634,
-        "narHash": "sha256-B+rZDPyktGEjOMt8PcHKYmgmKoF+GaNAFJhguktXAo0=",
+        "lastModified": 1769469829,
+        "narHash": "sha256-wFcr32ZqspCxk4+FvIxIL0AZktRs6DuF8oOsLt59YBU=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "19bf3d8678fbbfbc173beaa0b5b37d37938db301",
+        "rev": "c5eebd4eb2e3372fe12a8d70a248a6ee9dd02eff",
         "type": "github"
       },
       "original": {

flake.nix

@@ -94,6 +94,7 @@
         }:
         let
           commonPkgsConfig = {
+            inherit localSystem crossSystem;
             config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg)
               [
                 "nvidia-x11"
@@ -103,11 +104,8 @@
               # Global overlays go here
               inputs.roowho2.overlays.default
             ]) ++ overlays;
-          } // (if localSystem != crossSystem then {
-            inherit localSystem crossSystem;
-          } else {
-            system = crossSystem;
-          });
+          };
+
           pkgs = import nixpkgs commonPkgsConfig;
           unstablePkgs = import nixpkgs-unstable commonPkgsConfig;
         in

hosts/bicep/services/matrix/livekit.nix

@@ -43,7 +43,7 @@ in
     keyFile = config.sops.templates."matrix-livekit-keyfile".path;
   };
 
-  systemd.services.lk-jwt-service.environment.LIVEKIT_FULL_ACCESS_HOMESERVERS = lib.mkIf cfg.enable (builtins.concatStringsSep "," [ "pvv.ntnu.no" "dodsorf.as" ]);
+  systemd.services.lk-jwt-service.environment.LIVEKIT_FULL_ACCESS_HOMESERVERS = lib.mkIf cfg.enable matrixDomain;
 
   services.nginx.virtualHosts.${matrixDomain} = lib.mkIf cfg.enable {
     locations."^~ /livekit/jwt/" = {

hosts/bicep/services/matrix/out-of-your-element.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, lib, values, fp, ... }:
+{ config, pkgs, fp, ... }:
 let
   cfg = config.services.matrix-ooye;
 in
@@ -28,23 +28,6 @@ in
     };
   };
 
-  services.rsync-pull-targets = lib.mkIf cfg.enable {
-    enable = true;
-    locations."/var/lib/private/matrix-ooye" = {
-      user = "root";
-      rrsyncArgs.ro = true;
-      authorizedKeysAttrs = [
-        "restrict"
-        "from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
-        "no-agent-forwarding"
-        "no-port-forwarding"
-        "no-pty"
-        "no-X11-forwarding"
-      ];
-      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5koYfor5+kKB30Dugj3dAWvmj8h/akQQ2XYDvLobFL matrix_ooye rsync backup";
-    };
-  };
-
   services.matrix-ooye = {
     enable = true;
     homeserver = "https://matrix.pvv.ntnu.no";

hosts/kommode/services/gitea/customization/default.nix

@@ -10,59 +10,6 @@ in
     catppuccin = pkgs.gitea-theme-catppuccin;
   };
 
-  services.gitea.settings = {
-    ui = {
-      DEFAULT_THEME = "gitea-auto";
-      REACTIONS = lib.concatStringsSep "," [
-        "+1"
-        "-1"
-        "laugh"
-        "confused"
-        "heart"
-        "hooray"
-        "rocket"
-        "eyes"
-        "100"
-        "anger"
-        "astonished"
-        "no_good"
-        "ok_hand"
-        "pensive"
-        "pizza"
-        "point_up"
-        "sob"
-        "skull"
-        "upside_down_face"
-        "shrug"
-        "huh"
-        "bruh"
-        "okiedokie"
-        "grr"
-      ];
-
-      CUSTOM_EMOJIS = lib.concatStringsSep "," [
-        "bruh"
-        "grr"
-        "huh"
-        "ohyeah"
-      ];
-    };
-    "ui.meta" = {
-      AUTHOR = "Programvareverkstedet";
-      DESCRIPTION = "Bokstavelig talt programvareverkstedet";
-      KEYWORDS = lib.concatStringsSep "," [
-        "git"
-        "hackerspace"
-        "nix"
-        "open source"
-        "foss"
-        "organization"
-        "software"
-        "student"
-      ];
-    };
-  };
-
   systemd.services.gitea-customization = lib.mkIf cfg.enable {
     description = "Install extra customization in gitea's CUSTOM_DIR";
     wantedBy = [ "gitea.service" ];
@@ -110,11 +57,6 @@ in
       install -Dm444 ${extraLinksFooter} ${cfg.customDir}/templates/custom/extra_links_footer.tmpl
       install -Dm444 ${project-labels} ${cfg.customDir}/options/label/project-labels.yaml
 
-      install -Dm644 ${./emotes/bruh.png} ${cfg.customDir}/public/assets/img/emoji/bruh.png
-      install -Dm644 ${./emotes/huh.gif} ${cfg.customDir}/public/assets/img/emoji/huh.png
-      install -Dm644 ${./emotes/grr.png} ${cfg.customDir}/public/assets/img/emoji/grr.png
-      install -Dm644 ${./emotes/okiedokie.jpg} ${cfg.customDir}/public/assets/img/emoji/okiedokie.png
-
       "${lib.getExe pkgs.rsync}" -a "${customTemplates}/" ${cfg.customDir}/templates/
     '';
   };

hosts/kommode/services/gitea/default.nix

@@ -83,24 +83,11 @@ in {
         AUTO_WATCH_NEW_REPOS = false;
       };
       admin.DEFAULT_EMAIL_NOTIFICATIONS = "onmention";
+      session.COOKIE_SECURE = true;
       security = {
         SECRET_KEY = lib.mkForce "";
         SECRET_KEY_URI = "file:${config.sops.secrets."gitea/secret-key".path}";
       };
-      cache = {
-        ADAPTER = "redis";
-        HOST = "redis+socket://${config.services.redis.servers.gitea.unixSocket}?db=0";
-        ITEM_TTL = "72h";
-      };
-      session = {
-        COOKIE_SECURE = true;
-        PROVIDER = "redis";
-        PROVIDER_CONFIG = "redis+socket://${config.services.redis.servers.gitea.unixSocket}?db=1";
-      };
-      queue = {
-        TYPE = "redis";
-        CONN_STR = "redis+socket://${config.services.redis.servers.gitea.unixSocket}?db=2";
-      };
       database.LOG_SQL = false;
       repository = {
         PREFERRED_LICENSES = lib.concatStringsSep "," [
@@ -131,7 +118,6 @@ in {
           "repo.pulls"
           "repo.releases"
         ];
-        ALLOW_FORK_INTO_SAME_OWNER = true;
       };
       picture = {
         DISABLE_GRAVATAR = true;
@@ -142,6 +128,31 @@ in {
         AVATAR_MAX_ORIGIN_SIZE = 1024 * 1024 * 2;
       };
       actions.ENABLED = true;
+      ui = {
+        REACTIONS = lib.concatStringsSep "," [
+          "+1"
+          "-1"
+          "laugh"
+          "confused"
+          "heart"
+          "hooray"
+          "rocket"
+          "eyes"
+          "100"
+          "anger"
+          "astonished"
+          "no_good"
+          "ok_hand"
+          "pensive"
+          "pizza"
+          "point_up"
+          "sob"
+          "skull"
+          "upside_down_face"
+          "shrug"
+        ];
+      };
+      "ui.meta".DESCRIPTION = "Bokstavelig talt programvareverkstedet";
     };
 
     dump = {
@@ -153,26 +164,12 @@ in {
 
   environment.systemPackages = [ cfg.package ];
 
-  systemd.services.gitea = lib.mkIf cfg.enable {
-    wants = [ "redis-gitea.service" ];
-    after = [ "redis-gitea.service" ];
+  systemd.services.gitea.serviceConfig.CPUSchedulingPolicy = "batch";
 
-    serviceConfig = {
-      CPUSchedulingPolicy = "batch";
-      CacheDirectory = "gitea/repo-archive";
-      BindPaths = [
-        "%C/gitea/repo-archive:${cfg.stateDir}/data/repo-archive"
-      ];
-    };
-  };
-
-  services.redis.servers.gitea = lib.mkIf cfg.enable {
-    enable = true;
-    user = config.services.gitea.user;
-    save = [ ];
-    openFirewall = false;
-    port = 5698;
-  };
+  systemd.services.gitea.serviceConfig.CacheDirectory = "gitea/repo-archive";
+  systemd.services.gitea.serviceConfig.BindPaths = [
+    "%C/gitea/repo-archive:${cfg.stateDir}/data/repo-archive"
+  ];
 
   services.nginx.virtualHosts."${domain}" = {
     forceSSL = true;

hosts/lupine/configuration.nix

@@ -1,11 +1,12 @@
-{ fp, values, lib, lupineName, ... }:
+{ fp, values, lupineName, ... }:
 {
   imports = [
     ./hardware-configuration/${lupineName}.nix
 
     (fp /base)
-    # lupine-4 does not have enough ram for running nix flake check
-  ] ++ lib.optionals (lupineName != "lupine-4")  [ ./services/gitea-runner.nix ];
+
+    ./services/gitea-runner.nix
+  ];
 
   sops.defaultSopsFile = fp /secrets/lupine/lupine.yaml;
 

packages/ooye/package.nix

@@ -10,19 +10,22 @@ let
 in
 buildNpmPackage {
   pname = "delete-your-element";
-  version = "3.5.1";
+  version = "3.3-unstable-2026-01-21";
   src = fetchFromGitea {
     domain = "git.pvv.ntnu.no";
     owner = "Drift";
     repo = "delete-your-element";
-    rev = "80ac1d9d79207b6327975a264fcd9747b99a2a5d";
-    hash = "sha256-fcBpUZ+WEMUXyyo/uaArl4D1NJmK95isWqhFSt6HzUU=";
+    rev = "04d7872acb933254c0a4703064b2e08de31cfeb4";
+    hash = "sha256-CkKt+8VYjIhNM76c3mTf7X6d4ob8tB2w8T6xYS7+LuY=";
   };
 
   inherit nodejs;
 
-  npmDepsHash = "sha256-EYxJi6ObJQOLyiJq4C3mV6I62ns9l64ZHcdoQxmN5Ao=";
+  patches = [ ./fix-lockfile.patch ];
+
+  npmDepsHash = "sha256-tiGXr86x9QNAwhZcxSOox6sP9allyz9QSH3XOZOb3z8=";
   dontNpmBuild = true;
+  makeCacheWritable = true;
 
   nativeBuildInputs = [ makeWrapper ];