aef99e7365152e2715f5d69c5fe38a57a9c01972
- modules/server-deploy-guard.nix: extendable aggregator registered via
services.deployGuard.checks.<name>.{description,command}. Installs
deploy-guard-check with per-check timeout, pass/block reporting, JSON
output, DEPLOY_GUARD_BYPASS / /run/deploy-guard-bypass (single-shot).
- services/jellyfin/jellyfin-deploy-guard.nix: curl+jq on /Sessions,
blocks when any session carries NowPlayingItem; soft-fails when unreachable.
- services/minecraft-deploy-guard.nix: mcstatus SLP query on 25565, blocks
when players.online > 0; soft-fails when unreachable.
- flake.nix: wrap deploy.nodes.muffin activation with activate.custom so
deploy-guard-check runs before switch-to-configuration. Auto-rollback
catches the failure. dryActivate/boot branches preserved.
- deploy.sh: SSH preflight for ./deploy.sh muffin with --force /
DEPLOY_GUARD_FORCE=1 (touches remote bypass marker). Connectivity
failure is soft; activation still enforces.
- tests/deploy-guard.nix: aggregator contract, bypass mechanics, timeout,
JSON output.
My NixOS configs ✨
Hosts
- mreow: My personal Framework 13 laptop
- yarn: Machine I usually just play games on. Boots into SteamOS-like interface.
- muffin: Homeserver, runs various services.
Desktop/Laptop
What do I use?
Browser: Firefox 🦊 (actually Zen Browser :p)
Text Editor: Doom Emacs
Terminal: alacritty
Shell: fish with the pure prompt
WM: niri (KDE on my desktop)
Background
- Got my background from here and used the command
magick input.png -filter Point -resize 2880x1920! output.pngto upscale it bilinearly
Description
Languages
Nix
84.6%
Python
10.7%
Emacs Lisp
2.6%
Shell
2.1%