Merge branch 'master' of github.com:thegeneralist01/config

flake.lock

@@ -99,6 +99,24 @@
         "type": "github"
       }
     },
+    "flake-utils_2": {
+      "inputs": {
+        "systems": "systems_3"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
     "ghostty": {
       "inputs": {
         "flake-compat": "flake-compat",
@@ -261,6 +279,38 @@
         "type": "github"
       }
     },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1769789167,
+        "narHash": "sha256-kKB3bqYJU5nzYeIROI82Ef9VtTbu4uA3YydSk/Bioa8=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "62c8382960464ceb98ea593cb8321a2cf8f9e3e5",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "readlater-bot": {
+      "inputs": {
+        "flake-utils": "flake-utils_2",
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1770458808,
+        "narHash": "sha256-Fs/DwFxitReM7PuN1aee8pcmRzST7wzX7WLeBK/lOAI=",
+        "path": "/home/thegeneralist/infofeeder-bot",
+        "type": "path"
+      },
+      "original": {
+        "path": "/home/thegeneralist/infofeeder-bot",
+        "type": "path"
+      }
+    },
     "root": {
       "inputs": {
         "agenix": "agenix",
@@ -271,7 +321,8 @@
         "homebrew-core": "homebrew-core",
         "nix-darwin": "nix-darwin",
         "nix-homebrew": "nix-homebrew",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs",
+        "readlater-bot": "readlater-bot"
       }
     },
     "rust-analyzer-src": {
@@ -321,6 +372,21 @@
         "type": "github"
       }
     },
+    "systems_3": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "zig": {
       "inputs": {
         "flake-compat": [

flake.nix

@@ -41,6 +41,10 @@
       url = "github:nix-community/fenix";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+
+    readlater-bot = {
+      url = "path:/home/thegeneralist/infofeeder-bot";
+    };
   };
 
   outputs =

hosts/thegeneralist-central/configuration.nix

@@ -2,24 +2,57 @@
 # your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
 
-{ config, pkgs, inputs, ... }:
+{
+  config,
+  pkgs,
+  inputs,
+  lib,
+  ...
+}:
 
 {
-  imports = [ ./hardware-configuration.nix ./site.nix ./cache ./archive ./forgejo ];
+  imports = [
+    ./hardware-configuration.nix
+    ./site.nix
+    ./cache
+    ./archive
+    ./forgejo
+  ];
 
   age.secrets.password.file = ./password.age;
+  age.secrets.readlaterBotToken.file = ./readlater-bot-token.age;
+  age.secrets.readlaterBotSyncToken.file = ./readlater-bot-sync-token.age;
+  age.secrets.readlaterBotUserId.file = ./readlater-bot-user-id.age;
+  age.secrets.readlaterBotToken.owner = "thegeneralist";
+  age.secrets.readlaterBotToken.group = "users";
+  age.secrets.readlaterBotToken.mode = "0400";
+  age.secrets.readlaterBotSyncToken.owner = "thegeneralist";
+  age.secrets.readlaterBotSyncToken.group = "users";
+  age.secrets.readlaterBotSyncToken.mode = "0400";
+  age.secrets.readlaterBotUserId.owner = "thegeneralist";
+  age.secrets.readlaterBotUserId.group = "users";
+  age.secrets.readlaterBotUserId.mode = "0400";
   users.users = {
     thegeneralist = {
       isNormalUser = true;
       description = "thegeneralist";
-      extraGroups = [ "wheel" "audio" "video" "input" "scanner" "docker" ];
+      extraGroups = [
+        "wheel"
+        "audio"
+        "video"
+        "input"
+        "scanner"
+        "docker"
+      ];
       shell = pkgs.zsh;
       home = "/home/thegeneralist";
       homeMode = "0750";
       hashedPasswordFile = config.age.secrets.password.path;
-      openssh.authorizedKeys.keys = let
+      openssh.authorizedKeys.keys =
+        let
           inherit (import ../../keys.nix) thegeneralist;
-      in [ thegeneralist ];
+        in
+        [ thegeneralist ];
     };
 
     build = {
@@ -28,9 +61,11 @@
       extraGroups = [ "build" ];
       shell = pkgs.zsh;
       hashedPasswordFile = config.age.secrets.password.path;
-      openssh.authorizedKeys.keys = let
+      openssh.authorizedKeys.keys =
+        let
           inherit (import ../../keys.nix) thegeneralist;
-      in [ thegeneralist ];
+        in
+        [ thegeneralist ];
     };
   };
 
@@ -45,16 +80,49 @@
   };
 
   age.secrets.hostkey.file = ./hostkey.age;
-  services.openssh.hostKeys = [{
+  services.openssh.hostKeys = [
+    {
       type = "ed25519";
       path = config.age.secrets.hostkey.path;
-  }];
+    }
+  ];
 
   # Some programs
   services.libinput.enable = true;
   programs.firefox.enable = true;
   programs.zsh.enable = true;
 
+  services.readlater-bot = {
+    enable = true;
+    user = "thegeneralist";
+    group = "users";
+    tokenFile = config.age.secrets.readlaterBotToken.path;
+    settings = {
+      resources_path = "/home/thegeneralist/obsidian/02 Knowledge/03 Resources";
+      read_later_path = "/home/thegeneralist/obsidian/10 Read Later.md";
+      finished_path = "/home/thegeneralist/obsidian/20 Finished Reading.md";
+      data_dir = "/var/lib/readlater-bot";
+      retry_interval_seconds = 30;
+      sync = {
+        repo_path = "/home/thegeneralist/obsidian";
+        token_file = config.age.secrets.readlaterBotSyncToken.path;
+      };
+    };
+  };
+
+  systemd.services.readlater-bot.preStart = lib.mkAfter ''
+    if [ -f /run/readlater-bot/config.toml ]; then
+      tmp="/run/readlater-bot/config.toml.tmp"
+      {
+        IFS= read -r first_line || true
+        printf '%s\n' "$first_line"
+        printf 'user_id = %s\n' "$(cat ${config.age.secrets.readlaterBotUserId.path})"
+        cat
+      } < /run/readlater-bot/config.toml > "$tmp"
+      mv "$tmp" /run/readlater-bot/config.toml
+    fi
+  '';
+
   # Set your time zone.
   time.timeZone = "Europe/Berlin";
 

hosts/thegeneralist-central/readlater-bot-sync-token.age

@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 pp9qdQ twxKRYACgz/8cYRrOCxMoVg9kFXaYxWVnDC1q7g4m3M
+HICOhz/phNPvmLrO/ILxoMb5Bbs7LAJ3wuPAq1PJXiQ
+--- 0yPpaiiJXMaUBa+kBX/UOTMICRjKXMgjRk2E+WKgj+M
+¡ï6«„£YŸ'Þ\±E<C2B1>T‡cÊP;´Œˆ?œ‘j‚&+íFPÜ<50>*J‡m¦<Ï–~ÉúÐ
Ó˜A
I*¢„lÜØŠ×X'˃

hosts/thegeneralist-central/readlater-bot-token.age

@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 pp9qdQ B8+s7rbKTCk2vfRVUyc8yV2HhkiUjv9petRiBRg9kgE
+9po69JEGIQGXUIyjJj3BOMZGc5qDSbvug1HsO/EgDTE
+--- n+cCCXuJP4oboSm74DRK9oh/OyHuPSdnX1+lH5xgn0E
+
IŽ´‚ó¼„fë­øÎ,(¦Ù†¨äÿ¶S°–d鎕Á^¶QhþˆF{_š<>Ü„§<E2809E>4Õ€Ô
Z™(£Ô
¥ŽümubÝÏø€

hosts/thegeneralist-central/readlater-bot-user-id.age

@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 pp9qdQ JjYS0OmsdzkazhynwiYUWf6svuUu0ivXi7VrFdccez0
+0xelpQamzEYTN/TqbJ3kI1OhfZdBl2DhhgKv29qg8J4
+--- V0a84QEOAyVidy+5KoxJOwsj+XrmlMbg4+oLbHVK0FA
+D»ž'@0ö*aOÙŽHܯŒm‹tú…ï,¢±Ð«<C390>˜<EFBFBD>€õb£ÁI¥¼

secrets.nix

@@ -1,6 +1,7 @@
 let
   inherit (import ./keys.nix) thegeneralist;
-in {
+in
+{
   "hosts/thegeneralist/hostkey.age".publicKeys = [ thegeneralist ];
   "hosts/thegeneralist-central/hostkey.age".publicKeys = [ thegeneralist ];
 
@@ -11,7 +12,12 @@ in {
   "hosts/thegeneralist-central/cache/key.age".publicKeys = [ thegeneralist ];
   "hosts/thegeneralist-central/password.age".publicKeys = [ thegeneralist ];
   "hosts/thegeneralist-central/forgejo/forgejo-runner-token.age".publicKeys = [ thegeneralist ];
-  "hosts/thegeneralist-central/forgejo/forgejo-family-site-deploy-token.age".publicKeys = [ thegeneralist ];
+  "hosts/thegeneralist-central/forgejo/forgejo-family-site-deploy-token.age".publicKeys = [
+    thegeneralist
+  ];
+  "hosts/thegeneralist-central/readlater-bot-token.age".publicKeys = [ thegeneralist ];
+  "hosts/thegeneralist-central/readlater-bot-sync-token.age".publicKeys = [ thegeneralist ];
+  "hosts/thegeneralist-central/readlater-bot-user-id.age".publicKeys = [ thegeneralist ];
 
   "modules/linux/tailscale-marshall.age".publicKeys = [ thegeneralist ];
 }