From 8c99efee795f98512bff2740dfc95fa2b0a9fb68 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 09:51:10 -0800 Subject: [PATCH 01/30] Polish ringtail NixOS config and add documentation Sway keybinding for wezterm, fish as default shell, remove initialPassword, add 1Password/chezmoi/dev tool packages. Add ringtail reference card and update host inventory. Co-Authored-By: Claude Opus 4.6 --- .../feature-ringtail-nixos.infra.md | 1 + docs/reference/infrastructure/hosts.md | 3 +- docs/reference/infrastructure/ringtail.md | 48 +++++++++++++++++++ docs/reference/reference.md | 1 + nixos/ringtail/configuration.nix | 21 +++++++- 5 files changed, 72 insertions(+), 2 deletions(-) create mode 100644 docs/changelog.d/feature-ringtail-nixos.infra.md create mode 100644 docs/reference/infrastructure/ringtail.md diff --git a/docs/changelog.d/feature-ringtail-nixos.infra.md b/docs/changelog.d/feature-ringtail-nixos.infra.md new file mode 100644 index 0000000..92c89a1 --- /dev/null +++ b/docs/changelog.d/feature-ringtail-nixos.infra.md @@ -0,0 +1 @@ +Polish ringtail NixOS config: sway keybinding, fish shell, 1Password, chezmoi, and dev tools. Add ringtail reference documentation. diff --git a/docs/reference/infrastructure/hosts.md b/docs/reference/infrastructure/hosts.md index 08950b7..f8b07ff 100644 --- a/docs/reference/infrastructure/hosts.md +++ b/docs/reference/infrastructure/hosts.md @@ -1,6 +1,6 @@ --- title: Hosts -modified: 2026-02-10 +modified: 2026-02-18 tags: - infrastructure --- @@ -16,6 +16,7 @@ All devices connected via [Tailscale](https://login.tailscale.com/) tailnet `tai | **Indri** | Mac Mini M1, 2020 - Primary server | [[indri|Details]] | | **Gilbert** | MacBook Air M4, 2025 - Workstation | [[gilbert|Details]] | | **[[sifaka|Sifaka]]** | Synology NAS - Storage & backups | [[sifaka|Details]] | +| **[[ringtail|Ringtail]]** | Custom PC, NixOS - Service host & gaming | [[ringtail|Details]] | | **Mouse** | MacBook Air M2 - Allison's laptop | - | | **UniFi** | UniFi Express 7 - Home WiFi | [[unifi|Details]] | | **Dwarf** | iPad Air - Employer-provided, off tailnet | - | diff --git a/docs/reference/infrastructure/ringtail.md b/docs/reference/infrastructure/ringtail.md new file mode 100644 index 0000000..c91518b --- /dev/null +++ b/docs/reference/infrastructure/ringtail.md @@ -0,0 +1,48 @@ +--- +title: Ringtail +modified: 2026-02-18 +tags: + - infrastructure + - host +--- + +# Ringtail + +Service host and gaming PC. Custom-built PC running NixOS. + +## Specifications + +| Property | Value | +|----------|-------| +| **CPU** | AMD (desktop) | +| **GPU** | NVIDIA RTX 4080 (16GB VRAM) | +| **Storage** | NVMe (boot) + 3x SATA drives | +| **OS** | NixOS 25.11 (Sway/Wayland) | +| **Tailscale hostname** | `ringtail.tail8d86e.ts.net` | + +## Software + +Managed declaratively via `nixos/ringtail/configuration.nix`. + +- **Desktop:** Sway (Wayland compositor) with wezterm terminal +- **Shell:** Fish (default login shell) +- **Gaming:** Steam +- **Dotfiles:** chezmoi (requires `.chezmoiignore` updates in dotfiles repo for Linux) +- **Secrets:** 1Password CLI + GUI (CLI integration via desktop app biometric unlock) + +## Maintenance Notes + +**NixOS rebuild:** From the blumeops repo, run `mise run provision-ringtail` or on ringtail directly: + +```bash +sudo nixos-rebuild switch --flake /etc/nixos#ringtail +``` + +**NVIDIA drivers:** Uses proprietary (closed-source) drivers. The `--unsupported-gpu` flag is passed to sway via greetd since sway officially only supports open-source drivers. + +**Chezmoi:** The dotfiles repo (`github.com/eblume/dotfiles`) is macOS-centric. A `.chezmoiignore` needs to be added to skip macOS-only files on Linux (Brewfile, macOS-specific PATH/SSH_AUTH_SOCK). This is tracked as a separate task outside blumeops. + +## Related + +- [[hosts]] - Device inventory +- [[tailscale]] - Network configuration diff --git a/docs/reference/reference.md b/docs/reference/reference.md index 13a773c..e1cacc0 100644 --- a/docs/reference/reference.md +++ b/docs/reference/reference.md @@ -47,6 +47,7 @@ Host inventory and network configuration. - [[hosts|Hosts]] - Device inventory - [[indri]] - Primary server +- [[ringtail]] - Service host & gaming PC - [[gilbert]] - Development workstation - [[tailscale]] - ACLs, groups, tags - [[gandi]] - DNS hosting for `eblu.me` diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index dd97cf5..afeda8b 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -44,6 +44,10 @@ grim # screenshots slurp # region selection ]; + extraConfig = '' + set $term wezterm + bindsym $mod+Return exec $term + ''; }; security.polkit.enable = true; security.sudo.wheelNeedsPassword = false; @@ -66,6 +70,9 @@ pulse.enable = true; }; + # Fish shell + programs.fish.enable = true; + # Steam programs.steam = { enable = true; @@ -90,7 +97,7 @@ # User account users.users.eblume = { isNormalUser = true; - initialPassword = "changeme"; + shell = pkgs.fish; extraGroups = [ "wheel" "networkmanager" "video" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmh1SSCdDAyu3vkSQH7kAXEPDi8APyjo9JXDTjtha2j" @@ -105,6 +112,18 @@ htop curl wget + _1password-cli + _1password-gui + chezmoi + neovim + eza + fd + fzf + zoxide + starship + atuin + bat + ripgrep ]; # Enable nix flakes -- 2.50.1 (Apple Git-155) From 8daf990aa5ac111d61364a32459b3cf8726d9b3e Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 09:57:24 -0800 Subject: [PATCH 02/30] Add detailed hardware specs to ringtail reference card Queried ringtail directly for CPU, RAM, GPU, storage, monitor, and peripheral details via dmidecode, edid-decode, and lsusb. Co-Authored-By: Claude Opus 4.6 --- docs/reference/infrastructure/ringtail.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/reference/infrastructure/ringtail.md b/docs/reference/infrastructure/ringtail.md index c91518b..c4880fa 100644 --- a/docs/reference/infrastructure/ringtail.md +++ b/docs/reference/infrastructure/ringtail.md @@ -14,9 +14,14 @@ Service host and gaming PC. Custom-built PC running NixOS. | Property | Value | |----------|-------| -| **CPU** | AMD (desktop) | -| **GPU** | NVIDIA RTX 4080 (16GB VRAM) | -| **Storage** | NVMe (boot) + 3x SATA drives | +| **Motherboard** | ASUS ROG Crosshair VI Hero (Wi-Fi AC) | +| **CPU** | AMD Ryzen 7 1700X (8-core/16-thread, 3.4 GHz) | +| **RAM** | 32 GB DDR4 (4x8 GB Corsair Vengeance CMK16GX4M2B3200C16, running at 2133 MT/s) | +| **GPU** | NVIDIA GeForce RTX 4080 (AD103, 16 GB VRAM) | +| **Monitor** | HP OMEN 27i IPS (2560x1440, 165 Hz, DisplayPort) | +| **Storage (boot)** | Samsung 970 PRO 1TB NVMe | +| **Storage (SATA)** | Samsung 850 EVO 1TB, 850 EVO 500GB, 840 PRO 120GB | +| **Peripherals** | Das Keyboard 4, Logitech MX Master 3, 8BitDo Ultimate 2 controller | | **OS** | NixOS 25.11 (Sway/Wayland) | | **Tailscale hostname** | `ringtail.tail8d86e.ts.net` | -- 2.50.1 (Apple Git-155) From 1f97c5498eeab42a58a389423d5e04328917356d Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 10:03:55 -0800 Subject: [PATCH 03/30] Add home-manager for sway keybinding, fix extraConfig error The NixOS programs.sway module doesn't have extraConfig. Use home-manager's wayland.windowManager.sway instead to set the terminal to wezterm (which gives us $mod+Return automatically). Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 19 +++++++++++++++---- nixos/ringtail/flake.nix | 9 +++++++-- 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index afeda8b..470b843 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -44,10 +44,6 @@ grim # screenshots slurp # region selection ]; - extraConfig = '' - set $term wezterm - bindsym $mod+Return exec $term - ''; }; security.polkit.enable = true; security.sudo.wheelNeedsPassword = false; @@ -126,6 +122,21 @@ ripgrep ]; + # Home Manager (minimal — chezmoi owns dotfiles, this is ringtail-specific) + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.eblume = { + home.stateVersion = "25.11"; + + wayland.windowManager.sway = { + enable = true; + config = { + terminal = "wezterm"; + modifier = "Mod4"; + }; + }; + }; + # Enable nix flakes nix.settings.experimental-features = [ "nix-command" "flakes" ]; diff --git a/nixos/ringtail/flake.nix b/nixos/ringtail/flake.nix index 8bfac2f..70a1d73 100644 --- a/nixos/ringtail/flake.nix +++ b/nixos/ringtail/flake.nix @@ -1,5 +1,5 @@ { - description = "NixOS configuration for ringtail (gaming/compute workstation)"; + description = "NixOS configuration for ringtail (service host & gaming PC)"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; @@ -7,13 +7,18 @@ url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; + home-manager = { + url = "github:nix-community/home-manager/release-25.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { nixpkgs, disko, ... }: { + outputs = { nixpkgs, disko, home-manager, ... }: { nixosConfigurations.ringtail = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ disko.nixosModules.disko + home-manager.nixosModules.home-manager ./disk-config.nix ./hardware-configuration.nix ./configuration.nix -- 2.50.1 (Apple Git-155) From df5d1bae4debba859dc37f2448e1ad346451c147 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 10:21:29 -0800 Subject: [PATCH 04/30] Add Dagger flake-lock function and improve provision-ringtail - New `flake-lock` Dagger function: runs `nix flake lock` in a nixos/nix container, returns the updated flake.lock file. - provision-ringtail now: updates flake.lock via Dagger before deploy, verifies current commit is pushed to forge, and passes the exact commit SHA to the ansible playbook. - Playbook accepts `ringtail_commit` var to deploy a specific ref. Co-Authored-By: Claude Opus 4.6 --- .dagger/src/blumeops_ci/main.py | 16 ++++++++++++++++ ansible/playbooks/ringtail.yml | 2 +- mise-tasks/provision-ringtail | 24 +++++++++++++++++++++++- 3 files changed, 40 insertions(+), 2 deletions(-) diff --git a/.dagger/src/blumeops_ci/main.py b/.dagger/src/blumeops_ci/main.py index 5cd70e4..4410f30 100644 --- a/.dagger/src/blumeops_ci/main.py +++ b/.dagger/src/blumeops_ci/main.py @@ -1,6 +1,8 @@ import dagger from dagger import dag, function, object_type +NIX_IMAGE = "nixos/nix:2.33.3" + @object_type class BlumeopsCi: @@ -67,3 +69,17 @@ class BlumeopsCi: ) .file(f"/docs-{version}.tar.gz") ) + + @function + async def flake_lock( + self, src: dagger.Directory, flake_path: str = "nixos/ringtail" + ) -> dagger.File: + """Resolve flake inputs and return updated flake.lock.""" + return await ( + dag.container() + .from_(NIX_IMAGE) + .with_directory("/workspace", src) + .with_workdir(f"/workspace/{flake_path}") + .with_exec(["nix", "flake", "lock", "--accept-flake-config"]) + .file(f"/workspace/{flake_path}/flake.lock") + ) diff --git a/ansible/playbooks/ringtail.yml b/ansible/playbooks/ringtail.yml index 61911a1..ad36511 100644 --- a/ansible/playbooks/ringtail.yml +++ b/ansible/playbooks/ringtail.yml @@ -8,7 +8,7 @@ ansible.builtin.git: repo: "https://forge.ops.eblu.me/eblume/blumeops.git" dest: /etc/blumeops - version: main + version: "{{ ringtail_commit | default('main') }}" force: true register: _repo diff --git a/mise-tasks/provision-ringtail b/mise-tasks/provision-ringtail index cb5effe..a2a84cb 100755 --- a/mise-tasks/provision-ringtail +++ b/mise-tasks/provision-ringtail @@ -5,5 +5,27 @@ set -euo pipefail export MISE_TASK_OUTPUT=interleave +# Update flake.lock via Dagger before deploying +echo "Updating nixos/ringtail/flake.lock..." +dagger call flake-lock --src=. --flake-path=nixos/ringtail \ + export --path=nixos/ringtail/flake.lock + +if ! git diff --quiet nixos/ringtail/flake.lock; then + git add nixos/ringtail/flake.lock + echo "flake.lock changed and staged. Commit, push, and re-run." + exit 1 +fi + +COMMIT=$(git rev-parse HEAD) +REMOTE_REF=$(git ls-remote origin "$(git rev-parse --abbrev-ref HEAD)" 2>/dev/null | awk '{print $1}') + +if [[ "$REMOTE_REF" != "$COMMIT" ]]; then + echo "ERROR: Current commit $COMMIT is not pushed to forge." + echo "Push your changes first: git push" + exit 1 +fi + +echo "Deploying commit $COMMIT to ringtail..." + cd ansible -ansible-playbook playbooks/ringtail.yml "$@" +ansible-playbook playbooks/ringtail.yml -e "ringtail_commit=$COMMIT" "$@" -- 2.50.1 (Apple Git-155) From c56bc1d596762f01da1d2ae4e9bb24db9f100493 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 10:25:18 -0800 Subject: [PATCH 05/30] Fix flake-lock: enable experimental features, update lockfile The nixos/nix container doesn't have flakes enabled by default. Pass --extra-experimental-features flag. Also commit the updated flake.lock with home-manager input resolved via Dagger. Co-Authored-By: Claude Opus 4.6 --- .dagger/src/blumeops_ci/main.py | 11 ++++++++++- nixos/ringtail/flake.lock | 22 ++++++++++++++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/.dagger/src/blumeops_ci/main.py b/.dagger/src/blumeops_ci/main.py index 4410f30..b14057a 100644 --- a/.dagger/src/blumeops_ci/main.py +++ b/.dagger/src/blumeops_ci/main.py @@ -80,6 +80,15 @@ class BlumeopsCi: .from_(NIX_IMAGE) .with_directory("/workspace", src) .with_workdir(f"/workspace/{flake_path}") - .with_exec(["nix", "flake", "lock", "--accept-flake-config"]) + .with_exec( + [ + "nix", + "--extra-experimental-features", + "nix-command flakes", + "flake", + "lock", + "--accept-flake-config", + ] + ) .file(f"/workspace/{flake_path}/flake.lock") ) diff --git a/nixos/ringtail/flake.lock b/nixos/ringtail/flake.lock index d5ba048..2cd5e75 100644 --- a/nixos/ringtail/flake.lock +++ b/nixos/ringtail/flake.lock @@ -20,6 +20,27 @@ "type": "github" } }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1771208521, @@ -39,6 +60,7 @@ "root": { "inputs": { "disko": "disko", + "home-manager": "home-manager", "nixpkgs": "nixpkgs" } } -- 2.50.1 (Apple Git-155) From 91ed79578f90997c2c306ab9c5fb53ff5344788c Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 10:31:59 -0800 Subject: [PATCH 06/30] Add ringtail to services-check (SSH + Tailscale) Co-Authored-By: Claude Opus 4.6 --- mise-tasks/services-check | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/mise-tasks/services-check b/mise-tasks/services-check index 020e177..77804f4 100755 --- a/mise-tasks/services-check +++ b/mise-tasks/services-check @@ -83,6 +83,11 @@ check_http "CV" "https://cv.ops.eblu.me/" check_http "Ntfy" "https://ntfy.ops.eblu.me/v1/health" check_http "Frigate" "https://nvr.ops.eblu.me/api/version" +echo "" +echo "Ringtail (NixOS):" +check_service "ssh" "ssh -o ConnectTimeout=5 ringtail true" +check_service "tailscale" "ssh ringtail 'tailscale status --self --json' | grep -q '\"Online\":true'" + echo "" echo "Public services (via Fly.io):" check_http "Docs (public)" "https://docs.eblu.me/" -- 2.50.1 (Apple Git-155) From 74352603ccc6d6d6b19d6a86366b21fef6e8768d Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 10:36:08 -0800 Subject: [PATCH 07/30] Fix ringtail tailscale check: use jq instead of grep Co-Authored-By: Claude Opus 4.6 --- mise-tasks/services-check | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mise-tasks/services-check b/mise-tasks/services-check index 77804f4..31c8cc5 100755 --- a/mise-tasks/services-check +++ b/mise-tasks/services-check @@ -86,7 +86,7 @@ check_http "Frigate" "https://nvr.ops.eblu.me/api/version" echo "" echo "Ringtail (NixOS):" check_service "ssh" "ssh -o ConnectTimeout=5 ringtail true" -check_service "tailscale" "ssh ringtail 'tailscale status --self --json' | grep -q '\"Online\":true'" +check_service "tailscale" "ssh ringtail 'tailscale status --self --json' | jq -e '.Self.Online' > /dev/null" echo "" echo "Public services (via Fly.io):" -- 2.50.1 (Apple Git-155) From 25feb2fb1e95406199db551718d5a37b008c1cc3 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 10:38:07 -0800 Subject: [PATCH 08/30] Fix /mnt/* ownership so eblume can use Steam library on /mnt/games Drives mounted by disko default to root ownership. Use tmpfiles rules to set eblume:users ownership at boot. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 470b843..d6bd665 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -137,6 +137,13 @@ }; }; + # Ensure mounted drives are owned by eblume + systemd.tmpfiles.rules = [ + "d /mnt/games 0755 eblume users -" + "d /mnt/storage1 0755 eblume users -" + "d /mnt/storage2 0755 eblume users -" + ]; + # Enable nix flakes nix.settings.experimental-features = [ "nix-command" "flakes" ]; -- 2.50.1 (Apple Git-155) From 7548fda5d7a170597f2c3485b06b80be497dc14e Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 10:44:20 -0800 Subject: [PATCH 09/30] Disable TPM2 to fix 90s boot delay Crosshair VI Hero has no TPM module. systemd waits 90s for /dev/tpm0 and /dev/tpmrm0 before timing out on every boot. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index d6bd665..d28f5d2 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -8,6 +8,9 @@ boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; + # No TPM module on this board + systemd.tpm2.enable = false; + # Networking networking.hostName = "ringtail"; networking.networkmanager.enable = true; -- 2.50.1 (Apple Git-155) From c1ec4851d52e7ea0e599a2e6500d82fc3e9efa13 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:00:36 -0800 Subject: [PATCH 10/30] Use NixOS 1Password modules for proper CLI-GUI integration Raw _1password-cli and _1password-gui packages don't set up the onepassword-cli group, setgid bit, or polkit policy needed for CLI-to-desktop-app communication. The NixOS modules handle this. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index d28f5d2..235dae4 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -72,6 +72,13 @@ # Fish shell programs.fish.enable = true; + # 1Password (modules handle CLI group/setgid and polkit for GUI integration) + programs._1password.enable = true; + programs._1password-gui = { + enable = true; + polkitPolicyOwners = [ "eblume" ]; + }; + # Steam programs.steam = { enable = true; @@ -111,8 +118,6 @@ htop curl wget - _1password-cli - _1password-gui chezmoi neovim eza -- 2.50.1 (Apple Git-155) From 421311ff75b27034fa138d7d571e3f1d9d07335d Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:05:03 -0800 Subject: [PATCH 11/30] Add waybar with system tray for sway Configured via home-manager with workspaces, window title, audio, network, clock, and tray modules. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 235dae4..b4ab6fd 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -141,8 +141,31 @@ config = { terminal = "wezterm"; modifier = "Mod4"; + bars = [{ command = "waybar"; }]; }; }; + + programs.waybar = { + enable = true; + settings = [{ + layer = "top"; + position = "top"; + modules-left = [ "sway/workspaces" "sway/mode" ]; + modules-center = [ "sway/window" ]; + modules-right = [ "pulseaudio" "network" "clock" "tray" ]; + tray = { spacing = 8; }; + clock = { format = "{:%a %b %d %H:%M}"; }; + network = { + format-wifi = "{essid} ({signalStrength}%)"; + format-ethernet = "{ifname}"; + format-disconnected = "disconnected"; + }; + pulseaudio = { + format = "{volume}% {icon}"; + format-icons = { default = [ "" ]; }; + }; + }]; + }; }; # Ensure mounted drives are owned by eblume -- 2.50.1 (Apple Git-155) From 5ad47ef42cc02aa33274c3d8d801b37fe43818d3 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:09:13 -0800 Subject: [PATCH 12/30] Add VictorMono Nerd Font for wezterm Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index b4ab6fd..d2f8f08 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -130,6 +130,11 @@ ripgrep ]; + # Fonts + fonts.packages = with pkgs; [ + nerd-fonts.victor-mono + ]; + # Home Manager (minimal — chezmoi owns dotfiles, this is ringtail-specific) home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; -- 2.50.1 (Apple Git-155) From 4668bf99788a640c56ca01d47eec579d33172499 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:13:00 -0800 Subject: [PATCH 13/30] Add mise to ringtail for managing node/npm Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index d2f8f08..8ffac24 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -128,6 +128,7 @@ atuin bat ripgrep + mise ]; # Fonts -- 2.50.1 (Apple Git-155) From dbd389cd64383472b911d0632272fed5e9024249 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:14:48 -0800 Subject: [PATCH 14/30] Map Caps Lock to Control in sway Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 8ffac24..39fc459 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -148,6 +148,11 @@ terminal = "wezterm"; modifier = "Mod4"; bars = [{ command = "waybar"; }]; + input = { + "*" = { + xkb_options = "ctrl:nocaps"; + }; + }; }; }; -- 2.50.1 (Apple Git-155) From a42e73009fca2de2262918fafab4240bc614c338 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:16:37 -0800 Subject: [PATCH 15/30] Add build toolchain for mise-managed language runtimes gcc, gnumake, pkg-config, and openssl needed to compile Python, Rust, Node, etc. via mise. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 39fc459..29827da 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -129,6 +129,10 @@ bat ripgrep mise + gcc + gnumake + pkg-config + openssl ]; # Fonts -- 2.50.1 (Apple Git-155) From 24fc5df7ec281625cb68853b668d509f9763f13a Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:21:39 -0800 Subject: [PATCH 16/30] Add gnupg and nix-ld for mise-installed runtimes gnupg fixes GPG verification warnings. nix-ld provides a dynamic linker shim so generic Linux binaries (dotnet, rustup, etc.) downloaded by mise can run on NixOS. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 29827da..dfca1c3 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -133,8 +133,12 @@ gnumake pkg-config openssl + gnupg ]; + # Allow running dynamically linked binaries (mise-installed runtimes, etc.) + programs.nix-ld.enable = true; + # Fonts fonts.packages = with pkgs; [ nerd-fonts.victor-mono -- 2.50.1 (Apple Git-155) From 505799448d9b747bd20332ff1f1c768623b13794 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 11:39:35 -0800 Subject: [PATCH 17/30] Update ringtail docs and changelog for PR Co-Authored-By: Claude Opus 4.6 --- .../feature-ringtail-nixos.infra.md | 2 +- docs/reference/infrastructure/ringtail.md | 32 +++++++++++-------- 2 files changed, 20 insertions(+), 14 deletions(-) diff --git a/docs/changelog.d/feature-ringtail-nixos.infra.md b/docs/changelog.d/feature-ringtail-nixos.infra.md index 92c89a1..c683ffe 100644 --- a/docs/changelog.d/feature-ringtail-nixos.infra.md +++ b/docs/changelog.d/feature-ringtail-nixos.infra.md @@ -1 +1 @@ -Polish ringtail NixOS config: sway keybinding, fish shell, 1Password, chezmoi, and dev tools. Add ringtail reference documentation. +Ringtail post-install: NixOS config (sway, fish, 1Password, Steam, chezmoi, dev tools, nix-ld), Dagger flake-lock pipeline, improved provision-ringtail workflow, services-check integration, and reference documentation. diff --git a/docs/reference/infrastructure/ringtail.md b/docs/reference/infrastructure/ringtail.md index c4880fa..f6dea3e 100644 --- a/docs/reference/infrastructure/ringtail.md +++ b/docs/reference/infrastructure/ringtail.md @@ -20,32 +20,38 @@ Service host and gaming PC. Custom-built PC running NixOS. | **GPU** | NVIDIA GeForce RTX 4080 (AD103, 16 GB VRAM) | | **Monitor** | HP OMEN 27i IPS (2560x1440, 165 Hz, DisplayPort) | | **Storage (boot)** | Samsung 970 PRO 1TB NVMe | -| **Storage (SATA)** | Samsung 850 EVO 1TB, 850 EVO 500GB, 840 PRO 120GB | +| **Storage (SATA)** | Samsung 850 EVO 1TB (`/mnt/games`), 850 EVO 500GB (`/mnt/storage1`), 840 PRO 120GB (`/mnt/storage2`) | | **Peripherals** | Das Keyboard 4, Logitech MX Master 3, 8BitDo Ultimate 2 controller | | **OS** | NixOS 25.11 (Sway/Wayland) | | **Tailscale hostname** | `ringtail.tail8d86e.ts.net` | ## Software -Managed declaratively via `nixos/ringtail/configuration.nix`. +Managed declaratively via `nixos/ringtail/configuration.nix`. Home-manager handles ringtail-specific sway/waybar config; chezmoi manages cross-platform dotfiles. -- **Desktop:** Sway (Wayland compositor) with wezterm terminal -- **Shell:** Fish (default login shell) -- **Gaming:** Steam -- **Dotfiles:** chezmoi (requires `.chezmoiignore` updates in dotfiles repo for Linux) -- **Secrets:** 1Password CLI + GUI (CLI integration via desktop app biometric unlock) +- **Desktop:** Sway (Wayland) with waybar and wezterm +- **Gaming:** Steam (library on `/mnt/games`), 8BitDo controller via Steam Input +- **Secrets:** 1Password CLI + GUI (NixOS modules for polkit/setgid integration) +- **Runtimes:** mise manages Node, Python, Rust, .NET; nix-ld enables dynamically linked binaries +- **Dotfiles:** `chezmoi init eblume && chezmoi apply` + +## Deployment + +```fish +mise run provision-ringtail +``` + +This updates `flake.lock` via Dagger, verifies the current commit is pushed to forge, then deploys the exact commit via ansible. If the lockfile changed, it stages the file and exits so you can commit and re-run. ## Maintenance Notes -**NixOS rebuild:** From the blumeops repo, run `mise run provision-ringtail` or on ringtail directly: +**1Password:** Desktop app must be running for `op` CLI. Use `$mod+Shift+minus` to send to scratchpad. -```bash -sudo nixos-rebuild switch --flake /etc/nixos#ringtail -``` +**NVIDIA:** Proprietary drivers. Sway launched with `--unsupported-gpu` via greetd. -**NVIDIA drivers:** Uses proprietary (closed-source) drivers. The `--unsupported-gpu` flag is passed to sway via greetd since sway officially only supports open-source drivers. +**No TPM:** `systemd.tpm2.enable = false` prevents 90s boot delay. -**Chezmoi:** The dotfiles repo (`github.com/eblume/dotfiles`) is macOS-centric. A `.chezmoiignore` needs to be added to skip macOS-only files on Linux (Brewfile, macOS-specific PATH/SSH_AUTH_SOCK). This is tracked as a separate task outside blumeops. +**RAM speed:** Running at 2133 MT/s (rated 3200). XMP may need enabling in BIOS. ## Related -- 2.50.1 (Apple Git-155) From a1e308a43c86f34ef7ee8676d486dd346983dfc9 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 12:39:53 -0800 Subject: [PATCH 18/30] Launch 1Password and Steam on sway startup Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index dfca1c3..1934bd9 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -161,6 +161,10 @@ xkb_options = "ctrl:nocaps"; }; }; + startup = [ + { command = "1password"; } + { command = "steam"; } + ]; }; }; -- 2.50.1 (Apple Git-155) From 8f7b7ea11aea0f430e59f2be37f6c13cbe2a1da8 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 15:18:11 -0800 Subject: [PATCH 19/30] Add ICU and python build deps for mise runtimes dotnet needs libicu for globalization support. python-build needs zlib, readline, bzip2, xz, libffi, ncurses, and sqlite. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 1934bd9..8c6b7f5 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -134,6 +134,14 @@ pkg-config openssl gnupg + icu + zlib + readline + bzip2 + xz + libffi + ncurses + sqlite ]; # Allow running dynamically linked binaries (mise-installed runtimes, etc.) -- 2.50.1 (Apple Git-155) From 6b946349c31d245aef6947af1ec063329703492b Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 15:29:00 -0800 Subject: [PATCH 20/30] Move runtime libs to nix-ld.libraries for mise binaries Dynamically linked binaries (dotnet, python) need libraries in NIX_LD_LIBRARY_PATH, not just on PATH via systemPackages. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 8c6b7f5..aa9c49b 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -134,7 +134,13 @@ pkg-config openssl gnupg + ]; + + # Allow running dynamically linked binaries (mise-installed runtimes, etc.) + programs.nix-ld.enable = true; + programs.nix-ld.libraries = with pkgs; [ icu + openssl zlib readline bzip2 @@ -144,9 +150,6 @@ sqlite ]; - # Allow running dynamically linked binaries (mise-installed runtimes, etc.) - programs.nix-ld.enable = true; - # Fonts fonts.packages = with pkgs; [ nerd-fonts.victor-mono -- 2.50.1 (Apple Git-155) From a870b2c2787f71b351d36c247ce48a7409a7ef2d Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 15:33:30 -0800 Subject: [PATCH 21/30] Fix changed_when check for nixos-rebuild (stderr not stdout) Co-Authored-By: Claude Opus 4.6 --- ansible/playbooks/ringtail.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/playbooks/ringtail.yml b/ansible/playbooks/ringtail.yml index ad36511..f7e085a 100644 --- a/ansible/playbooks/ringtail.yml +++ b/ansible/playbooks/ringtail.yml @@ -16,7 +16,7 @@ ansible.builtin.command: cmd: nixos-rebuild switch --flake /etc/blumeops/nixos/ringtail#ringtail register: _rebuild - changed_when: "'activating the configuration' in _rebuild.stdout" + changed_when: "'activating the configuration' in _rebuild.stderr" when: _repo.changed - name: Verify tailscale is connected -- 2.50.1 (Apple Git-155) From a295298366199eb212ed1834fe8ef34db090871e Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 15:46:24 -0800 Subject: [PATCH 22/30] Add compile-time flags for mise python-build on NixOS python-build compiles from source and needs headers/library paths. nix-ld only handles runtime linking for prebuilt binaries. Set CFLAGS, LDFLAGS, and PKG_CONFIG_PATH via sessionVariables so configure scripts find zlib, openssl, readline, etc. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index aa9c49b..163b8ce 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -1,5 +1,9 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: +let + # Libraries needed by mise-compiled runtimes (python-build, etc.) + buildDeps = with pkgs; [ zlib readline bzip2 xz libffi ncurses sqlite openssl ]; +in { # Allow unfree packages (NVIDIA drivers, Steam) nixpkgs.config.allowUnfree = true; @@ -138,17 +142,14 @@ # Allow running dynamically linked binaries (mise-installed runtimes, etc.) programs.nix-ld.enable = true; - programs.nix-ld.libraries = with pkgs; [ - icu - openssl - zlib - readline - bzip2 - xz - libffi - ncurses - sqlite - ]; + programs.nix-ld.libraries = buildDeps ++ [ pkgs.icu ]; + + # Compile-time flags for mise python-build and similar source builds + environment.sessionVariables = { + PKG_CONFIG_PATH = lib.makeSearchPath "lib/pkgconfig" (map lib.getDev buildDeps); + CFLAGS = lib.concatMapStringsSep " " (p: "-I${lib.getDev p}/include") buildDeps; + LDFLAGS = lib.concatMapStringsSep " " (p: "-L${lib.getLib p}/lib") buildDeps; + }; # Fonts fonts.packages = with pkgs; [ -- 2.50.1 (Apple Git-155) From 36fb711ee3958c448f0b297dfe32d299c801a24a Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 16:29:56 -0800 Subject: [PATCH 23/30] Add librewolf and Catppuccin Macchiato theme for sway/waybar - librewolf browser - Sway: gaps (8 inner, 4 outer), 2px borders, catppuccin macchiato window colors, VictorMono Nerd Font, solid base color background - Waybar: catppuccin macchiato styling with accent colors per module Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 94 ++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 163b8ce..806ca55 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -138,6 +138,7 @@ in pkg-config openssl gnupg + librewolf ]; # Allow running dynamically linked binaries (mise-installed runtimes, etc.) @@ -167,12 +168,59 @@ in config = { terminal = "wezterm"; modifier = "Mod4"; + fonts = { + names = [ "VictorMono Nerd Font" ]; + size = 10.0; + }; bars = [{ command = "waybar"; }]; + gaps = { + inner = 8; + outer = 4; + }; + window = { + border = 2; + titlebar = false; + }; + colors = { + focused = { + border = "#8aadf4"; + background = "#24273a"; + text = "#cad3f5"; + indicator = "#c6a0f6"; + childBorder = "#8aadf4"; + }; + focusedInactive = { + border = "#494d64"; + background = "#1e2030"; + text = "#a5adcb"; + indicator = "#494d64"; + childBorder = "#494d64"; + }; + unfocused = { + border = "#363a4f"; + background = "#1e2030"; + text = "#6e738d"; + indicator = "#363a4f"; + childBorder = "#363a4f"; + }; + urgent = { + border = "#ed8796"; + background = "#24273a"; + text = "#cad3f5"; + indicator = "#ed8796"; + childBorder = "#ed8796"; + }; + }; input = { "*" = { xkb_options = "ctrl:nocaps"; }; }; + output = { + "*" = { + bg = "#24273a solid_color"; + }; + }; startup = [ { command = "1password"; } { command = "steam"; } @@ -185,6 +233,7 @@ in settings = [{ layer = "top"; position = "top"; + height = 30; modules-left = [ "sway/workspaces" "sway/mode" ]; modules-center = [ "sway/window" ]; modules-right = [ "pulseaudio" "network" "clock" "tray" ]; @@ -200,6 +249,51 @@ in format-icons = { default = [ "" ]; }; }; }]; + style = '' + * { + font-family: "VictorMono Nerd Font"; + font-size: 13px; + border: none; + border-radius: 0; + min-height: 0; + } + window#waybar { + background-color: #1e2030; + color: #cad3f5; + } + #workspaces button { + padding: 0 8px; + color: #6e738d; + background: transparent; + } + #workspaces button.focused { + color: #8aadf4; + background: #363a4f; + border-bottom: 2px solid #8aadf4; + } + #workspaces button.urgent { + color: #ed8796; + } + #window { + color: #a5adcb; + } + #clock, #network, #pulseaudio, #tray { + padding: 0 10px; + color: #cad3f5; + } + #clock { + color: #8aadf4; + } + #pulseaudio { + color: #f5a97f; + } + #network { + color: #a6da95; + } + #network.disconnected { + color: #ed8796; + } + ''; }; }; -- 2.50.1 (Apple Git-155) From 354d745ec6125636b728413edd6fe63131ff9474 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 16:30:31 -0800 Subject: [PATCH 24/30] Add unzip for Mason LSP installs Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 806ca55..f5df967 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -138,6 +138,7 @@ in pkg-config openssl gnupg + unzip librewolf ]; -- 2.50.1 (Apple Git-155) From ee21f80d3532da259efef91a8de952f88707b3f7 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 16:44:28 -0800 Subject: [PATCH 25/30] Add wallpaper and waybar module pill styling - Wallpaper from ~/.config/sway/wallpaper.jpg - Waybar modules styled as rounded pills with gaps - Semi-transparent waybar background Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index f5df967..a5bbdfb 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -219,7 +219,7 @@ in }; output = { "*" = { - bg = "#24273a solid_color"; + bg = "~/.config/sway/wallpaper.jpg fill"; }; }; startup = [ @@ -259,13 +259,16 @@ in min-height: 0; } window#waybar { - background-color: #1e2030; + background-color: rgba(30, 32, 48, 0.9); color: #cad3f5; + margin: 4px 4px 0 4px; } #workspaces button { padding: 0 8px; + margin: 0 2px; color: #6e738d; background: transparent; + border-radius: 4px; } #workspaces button.focused { color: #8aadf4; @@ -279,8 +282,11 @@ in color: #a5adcb; } #clock, #network, #pulseaudio, #tray { - padding: 0 10px; + padding: 0 12px; + margin: 4px 2px; color: #cad3f5; + background: #363a4f; + border-radius: 4px; } #clock { color: #8aadf4; -- 2.50.1 (Apple Git-155) From 62fb1744d07ded15301aee4506fd313cbca4de90 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 16:47:51 -0800 Subject: [PATCH 26/30] Add bluetooth, improve waybar audio/network modules - Enable bluetooth with blueman for speaker pairing - Pulseaudio: headphone icon, mute indicator - Network: show bandwidth up/down instead of interface name - Bluetooth waybar module with catppuccin styling Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index a5bbdfb..18fd789 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -73,6 +73,13 @@ in pulse.enable = true; }; + # Bluetooth + hardware.bluetooth = { + enable = true; + powerOnBoot = true; + }; + services.blueman.enable = true; + # Fish shell programs.fish.enable = true; @@ -237,17 +244,22 @@ in height = 30; modules-left = [ "sway/workspaces" "sway/mode" ]; modules-center = [ "sway/window" ]; - modules-right = [ "pulseaudio" "network" "clock" "tray" ]; + modules-right = [ "pulseaudio" "bluetooth" "network" "clock" "tray" ]; tray = { spacing = 8; }; clock = { format = "{:%a %b %d %H:%M}"; }; network = { - format-wifi = "{essid} ({signalStrength}%)"; - format-ethernet = "{ifname}"; + interval = 2; + format-ethernet = "{bandwidthDownBits} down {bandwidthUpBits} up"; + format-wifi = "{essid} {bandwidthDownBits} down {bandwidthUpBits} up"; format-disconnected = "disconnected"; }; pulseaudio = { - format = "{volume}% {icon}"; - format-icons = { default = [ "" ]; }; + format = "{icon} {volume}%"; + format-muted = " muted"; + format-icons = { + headphone = ""; + default = [ "" "" "" ]; + }; }; }]; style = '' @@ -281,7 +293,13 @@ in #window { color: #a5adcb; } - #clock, #network, #pulseaudio, #tray { + #bluetooth { + color: #8aadf4; + } + #bluetooth.off, #bluetooth.disabled { + color: #6e738d; + } + #clock, #network, #pulseaudio, #bluetooth, #tray { padding: 0 12px; margin: 4px 2px; color: #cad3f5; -- 2.50.1 (Apple Git-155) From 391dd2dd1072c69118ca8081ea74bf666f190e4e Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 16:48:48 -0800 Subject: [PATCH 27/30] Disable sway config check for runtime wallpaper path The Nix build sandbox can't access ~/.config/sway/wallpaper.jpg, so the config check fails. The config is valid at runtime. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 18fd789..43b0eb0 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -173,6 +173,7 @@ in wayland.windowManager.sway = { enable = true; + checkConfig = false; config = { terminal = "wezterm"; modifier = "Mod4"; -- 2.50.1 (Apple Git-155) From 4cd6009b529d778ad91722513ee81147f019f6ce Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 17:42:41 -0800 Subject: [PATCH 28/30] Add volume keys, fuzzel launcher, bluetooth speakers, update docs - Volume key bindings for Das Keyboard knob (XF86Audio keys) - Fuzzel app launcher on $mod+Space (Catppuccin Macchiato themed) - Bluetooth enabled for Edifier R1280DBs speakers - LibreWolf browser - Docs updated: RAM at 3200 MT/s, audio, browser, theme Co-Authored-By: Claude Opus 4.6 --- .../feature-ringtail-nixos.infra.md | 2 +- docs/reference/infrastructure/ringtail.md | 8 +++-- nixos/ringtail/configuration.nix | 36 +++++++++++++++++++ 3 files changed, 42 insertions(+), 4 deletions(-) diff --git a/docs/changelog.d/feature-ringtail-nixos.infra.md b/docs/changelog.d/feature-ringtail-nixos.infra.md index c683ffe..8c5ddf0 100644 --- a/docs/changelog.d/feature-ringtail-nixos.infra.md +++ b/docs/changelog.d/feature-ringtail-nixos.infra.md @@ -1 +1 @@ -Ringtail post-install: NixOS config (sway, fish, 1Password, Steam, chezmoi, dev tools, nix-ld), Dagger flake-lock pipeline, improved provision-ringtail workflow, services-check integration, and reference documentation. +Ringtail post-install: NixOS config (sway with Catppuccin Macchiato theme, fish, 1Password, Steam, LibreWolf, Bluetooth audio, chezmoi, dev tools, nix-ld), Dagger flake-lock pipeline, improved provision-ringtail workflow, services-check integration, and reference documentation. diff --git a/docs/reference/infrastructure/ringtail.md b/docs/reference/infrastructure/ringtail.md index f6dea3e..7906979 100644 --- a/docs/reference/infrastructure/ringtail.md +++ b/docs/reference/infrastructure/ringtail.md @@ -16,7 +16,7 @@ Service host and gaming PC. Custom-built PC running NixOS. |----------|-------| | **Motherboard** | ASUS ROG Crosshair VI Hero (Wi-Fi AC) | | **CPU** | AMD Ryzen 7 1700X (8-core/16-thread, 3.4 GHz) | -| **RAM** | 32 GB DDR4 (4x8 GB Corsair Vengeance CMK16GX4M2B3200C16, running at 2133 MT/s) | +| **RAM** | 32 GB DDR4 (4x8 GB Corsair Vengeance CMK16GX4M2B3200C16, 3200 MT/s DOCP) | | **GPU** | NVIDIA GeForce RTX 4080 (AD103, 16 GB VRAM) | | **Monitor** | HP OMEN 27i IPS (2560x1440, 165 Hz, DisplayPort) | | **Storage (boot)** | Samsung 970 PRO 1TB NVMe | @@ -29,8 +29,10 @@ Service host and gaming PC. Custom-built PC running NixOS. Managed declaratively via `nixos/ringtail/configuration.nix`. Home-manager handles ringtail-specific sway/waybar config; chezmoi manages cross-platform dotfiles. -- **Desktop:** Sway (Wayland) with waybar and wezterm +- **Desktop:** Sway (Wayland, Catppuccin Macchiato theme) with waybar and wezterm +- **Browser:** LibreWolf - **Gaming:** Steam (library on `/mnt/games`), 8BitDo controller via Steam Input +- **Audio:** Edifier R1280DBs (Bluetooth), PipeWire - **Secrets:** 1Password CLI + GUI (NixOS modules for polkit/setgid integration) - **Runtimes:** mise manages Node, Python, Rust, .NET; nix-ld enables dynamically linked binaries - **Dotfiles:** `chezmoi init eblume && chezmoi apply` @@ -51,7 +53,7 @@ This updates `flake.lock` via Dagger, verifies the current commit is pushed to f **No TPM:** `systemd.tpm2.enable = false` prevents 90s boot delay. -**RAM speed:** Running at 2133 MT/s (rated 3200). XMP may need enabling in BIOS. +**RAM speed:** Running at 3200 MT/s via DOCP 1 (BIOS 8902+). ## Related diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 43b0eb0..6f1ae68 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -146,6 +146,7 @@ in openssl gnupg unzip + fuzzel librewolf ]; @@ -230,6 +231,17 @@ in bg = "~/.config/sway/wallpaper.jpg fill"; }; }; + keybindings = let mod = "Mod4"; in { + "${mod}+Return" = "exec wezterm"; + "${mod}+Shift+q" = "kill"; + "${mod}+d" = "exec wmenu-run"; + "${mod}+space" = "exec fuzzel"; + "${mod}+Shift+c" = "reload"; + "--locked XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle"; + "--locked XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%"; + "--locked XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%"; + "--locked XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle"; + }; startup = [ { command = "1password"; } { command = "steam"; } @@ -237,6 +249,30 @@ in }; }; + programs.fuzzel = { + enable = true; + settings = { + main = { + font = "VictorMono Nerd Font:size=14"; + terminal = "wezterm"; + width = 40; + horizontal-pad = 16; + vertical-pad = 8; + border-radius = 8; + border-width = 2; + }; + colors = { + background = "24273add"; + text = "cad3f5ff"; + match = "8aadf4ff"; + selection = "363a4fff"; + selection-text = "cad3f5ff"; + selection-match = "8aadf4ff"; + border = "8aadf4ff"; + }; + }; + }; + programs.waybar = { enable = true; settings = [{ -- 2.50.1 (Apple Git-155) From a2c3ddd9a2b26e5b2f40a4c4479d33e55d9f6d39 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 17:46:23 -0800 Subject: [PATCH 29/30] Add pulseaudio package for pactl volume control Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 6f1ae68..27048df 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -147,6 +147,7 @@ in gnupg unzip fuzzel + pulseaudio librewolf ]; -- 2.50.1 (Apple Git-155) From 4f460cf8976df4875ee0e2c01f988ca51306b839 Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Wed, 18 Feb 2026 17:53:11 -0800 Subject: [PATCH 30/30] Set monitor to 165Hz with adaptive sync, add pactl Running at 60Hz caused significant input lag. Enable full 165Hz refresh rate on the OMEN 27i and adaptive sync for VRR. Co-Authored-By: Claude Opus 4.6 --- nixos/ringtail/configuration.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 27048df..9e5ecec 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -228,7 +228,9 @@ in }; }; output = { - "*" = { + "DP-1" = { + mode = "2560x1440@165Hz"; + adaptive_sync = "on"; bg = "~/.config/sway/wallpaper.jpg fill"; }; }; -- 2.50.1 (Apple Git-155)