Add nix-fast-build

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

flake.lock

@@ -235,11 +235,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1755506074,
-        "narHash": "sha256-SztuKbAPppW5grMJLSGO5rBCXEWCOfhb39cPDONEUfo=",
+        "lastModified": 1757531256,
+        "narHash": "sha256-aOqrRvKmHoPKVhEYgV/RbsMXYXy6W9Tt1uhGK3dWMlE=",
         "ref": "refs/heads/main",
-        "rev": "ac85b6f608ed88d424621ec30f3848d621383487",
-        "revCount": 6,
+        "rev": "be7b39f41a1137a68944fc73db5a24544e015eb6",
+        "revCount": 7,
         "type": "git",
         "url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
       },
@@ -495,11 +495,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1755532656,
-        "narHash": "sha256-xYb5dJej3emyr4oWWAhkMP8rPc3kdVOXGZcIbAx1Y/I=",
+        "lastModified": 1757531894,
+        "narHash": "sha256-GwV3ES7n/2mwPeu8FGfViI6QfzbTrvNob3OZOsPQId0=",
         "ref": "refs/heads/main",
-        "rev": "b01f3f8456903cb1bde9637cc23b456b47354138",
-        "revCount": 11,
+        "rev": "3d069983345ea83549c641dd3f8875e54aaf1c2b",
+        "revCount": 12,
         "type": "git",
         "url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
       },
@@ -511,11 +511,11 @@
     "secrets": {
       "flake": false,
       "locked": {
-        "lastModified": 1756900832,
-        "narHash": "sha256-sMne4dvYzcdbDVcMPY6NLVHiZbgjtDrxttKG0Vig8WQ=",
+        "lastModified": 1757519344,
+        "narHash": "sha256-wLwVbKDPkFCPh9UYLDqCPb62hp6mHBAgjn3Dech54YU=",
         "ref": "refs/heads/main",
-        "rev": "adac63f6daffb4e14ce0fb94e93eb987e2460064",
-        "revCount": 38,
+        "rev": "8ae051ad0936cb8fbf10b3ab2130f09a07ca1ce6",
+        "revCount": 39,
         "type": "git",
         "url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
       },

flake.nix

@@ -189,7 +189,28 @@
         devShells.${system} = import ./hosts/common/shells { inherit pkgs; };
         packages.${system} = import ./packages { inherit pkgs; };
         formatter.${system} = treefmt.config.build.wrapper;
-        checks.${system}.formatting = treefmt.config.build.check inputs.self;
+
+        checks.${system} =
+          let
+            nixosConfigurations =
+              pkgs.lib.mapAttrs'
+                (
+                  name: config:
+                  pkgs.lib.nameValuePair "nixosConfiguration-${name}" config.config.system.build.toplevel
+                )
+                ((pkgs.lib.filterAttrs (_: config: config.pkgs.system == system)) inputs.self.nixosConfigurations);
+
+            packages = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "package-${n}") inputs.self.packages;
+
+            overlayPackages = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "overlayPackage-${n}") (
+              import ./overlays/packages.nix { inherit pkgs; }
+            );
+
+            devShells = pkgs.lib.mapAttrs' (n: pkgs.lib.nameValuePair "devShell-${n}") inputs.self.devShells;
+
+            formatter.formatting = treefmt.config.build.check inputs.self;
+          in
+          nixosConfigurations // packages // overlayPackages // devShells // formatter;
       }
     );
 }

hosts/common/configs/system/nix/default.nix

@@ -43,7 +43,6 @@
       ];
       download-buffer-size = 524288000;
       substituters = lib.mkBefore [ "https://nix.karaolidis.com/main" ];
-      trusted-substituters = config.nix.settings.substituters;
       trusted-public-keys = lib.mkBefore [ "main:nJVRBnv73MDkwuV5sgm52m4E2ImOhWHvY12qzjPegAk=" ];
       netrc-file = config.sops.templates.nix-netrc.path;
     };

hosts/common/configs/user/console/home-manager/default.nix

@@ -26,7 +26,6 @@
           experimental-features
           download-buffer-size
           substituters
-          trusted-substituters
           trusted-public-keys
           netrc-file
           ;

hosts/common/configs/user/console/nix/default.nix

@@ -4,7 +4,10 @@
   environment.persistence."/persist/cache"."${home}/.cache/nix" = { };
 
   home-manager.users.${user} = {
-    home.packages = with pkgs; [ nurl ];
+    home.packages = with pkgs; [
+      nix-fast-build
+      nurl
+    ];
 
     programs.zsh.shellAliases = {
       nrs = "sudo nixos-rebuild switch --flake .#$(hostname) --show-trace";

hosts/jupiter/users/storm/configs/console/podman/attic/default.nix

@@ -83,10 +83,19 @@ in
               networks.attic.ref
               networks.traefik.ref
             ];
-            volumes = [
-              "/mnt/storage/private/storm/containers/storage/volumes/attic/_data:/var/lib/attic"
-              "${hmConfig.sops.templates.attic-server.path}:/etc/attic/server.toml"
-            ];
+            volumes =
+              let
+                postStart = pkgs.writeTextFile {
+                  name = "post-start.sh";
+                  executable = true;
+                  text = builtins.readFile ./post-start.sh;
+                };
+              in
+              [
+                "/mnt/storage/private/storm/containers/storage/volumes/attic/_data:/var/lib/attic"
+                "${hmConfig.sops.templates.attic-server.path}:/etc/attic/server.toml:ro"
+                "${postStart}:/etc/attic/post-start.sh:ro"
+              ];
             environmentFiles = [ hmConfig.sops.templates.attic-env.path ];
             exec = [
               "--config"

hosts/jupiter/users/storm/configs/console/podman/attic/post-start.sh

@@ -5,8 +5,10 @@ attic login main https://nix.karaolidis.com/ "$ATTIC_TOKEN"
 CACHE_NAME="main"
 
 while true; do
+  set +o errexit
   out=$(attic cache info "$CACHE_NAME" 2>&1)
   status=$?
+  set -o errexit
 
   if [ $status -eq 0 ]; then
     break

hosts/jupiter/users/storm/configs/console/podman/media/jellyseerr/default.nix

@@ -118,12 +118,6 @@ in
                   client_secret = hmConfig.sops.placeholder."jellyseerr/authelia/digest";
                   redirect_uris = [ "https://request.karaolidis.com/login?provider=authelia&callback=true" ];
                   authorization_policy = "jellyseerr";
-                  scopes = [
-                    "openid"
-                    "email"
-                    "profile"
-                    "groups"
-                  ];
                   token_endpoint_auth_method = "client_secret_post";
                 }
               ];

hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix

@@ -81,6 +81,7 @@ in
               "--entrypoints.https.http.tls.domains[1].sans=*.krlds.com"
               "--entryPoints.https.http3"
               "--entrypoints.https.http.middlewares=compress@docker,security-headers@docker"
+              "--entrypoints.https.transport.respondingTimeouts.readTimeout=0s"
 
               "--certificatesresolvers.letsencrypt.acme.dnschallenge=true"
               "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"

overlays/packages.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+{
+  inherit (pkgs)
+    android-tools
+    attic-client
+    darktable
+    hyprland
+    mpv
+    spicetify-cli
+    tea
+    telepresence
+    ;
+}

packages/docker/jellyseerr/default.nix

@@ -15,7 +15,7 @@ let
         owner = "Fallenbagel";
         repo = "jellyseerr";
         tag = "preview-OIDC";
-        hash = "sha256-iBnO0WjNqvXfuJMoS6z/NmYgtW5FQ9Ptp9uV5rODIf8=";
+        hash = "sha256-EJz1W7ewEczizNRs/X3esjQUwJiTHruo7nkAzyKZbjc=";
       };
     in
     {
@@ -24,7 +24,7 @@ let
         inherit src;
         inherit (oldAttrs) pname version;
         fetcherVersion = 2;
-        hash = "sha256-Ek2z1KIel3egwZ9dGU7rJQEyhukmXw5chsfvI2w8v28=";
+        hash = "sha256-0CwHkxG3SOSd+xozONnAi7Mr0y+lXdxwJk8mRZf8Bhs=";
       };
     }
   );