shells: remove neovim

Some users may be using self-contained Neovim executables.
agenix: import initial user dns keys
2026-05-03 22:18:49 -04:00 · 2026-05-03 22:18:49 -04:00 · 2026-05-03 22:18:49 -04:00 · 2026-05-03 22:18:49 -04:00 · 2026-05-03 22:18:48 -04:00
15 changed files with 262 additions and 64 deletions
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 Wl2fDA 3CWPYLgoTMGb9gBbDzZIQxYJ9Gfm49g6lqQyqlegUDQ
+ryhsPP5+Byus2e5GSXDJlKYX1o3HfQ87CLRv2htU4n4
+-> ssh-ed25519 EiAAKw B2uGdkeC3OZISN2iH2DR1J7L3/mbuFvebzqaTdAURCw
+ze0X/MmHP78rRqAn0O3VBtnMJsiOXPk8RIe82tdQMeg
+--- kLBxPuJdbPmJ1Lz3iBu8EPItdZtpNHIyV6pz1QzhcUY
+ä3ÛÿÉèŸP>gòh@ö•AZ’üz-í6R€¸zèÚ¢[ÇÝÍPÂòã†¿y?•ÉŽU�SNÝ©&ú#}ÝR+o?.B¶&´5]ÇW€OÎ‰Puh‹½ŽÞ=t¶5|¿×“s×€ú&!‰Î-�æTÝSÆfÕ™-j"#žiÂwzºš›ãjö¯“HŒí�
@@ -1,17 +1,25 @@
 let
-  users = import ../lib/ssh/keys.nix;
+  inherit (import ../lib)
+    users
+    adminSSHKeys
+    attrsToList
+    getSSHKeys
+    ;

  tuxcord-ca = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPxiko5Csyq9UODglYzLBvRfxkhQu9GXP7SH2BpC8G/7";
 in
 {
-  "ntfy.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users;
+  "ntfy.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;

  # tsig-keygen etc.sub.domain.tld.
-  "dns/tuxcord.net/tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ [ users.error users.javalsai ];
-  # "dns/tuxcord.net/XXX.tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ [ users.XXX ];
-
-  "dns/tuxcord.test/tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users;
-  "dns/tuxcord.test/sub.tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users;
-
-  "dns/nix.tuxcord.net/nix.tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ builtins.attrValues users;
+  "dns/tuxcord.net/tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
+  "dns/nix.tuxcord.net/nix.tuxcord.net.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
+  "dns/tuxcord.test/tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
+  "dns/tuxcord.test/sub.tuxcord.test.key.age".publicKeys = [ tuxcord-ca ] ++ adminSSHKeys;
 }
+// builtins.listToAttrs (
+  map (user: {
+    name = "dns/tuxcord.net/${user.name}.tuxcord.net.key.age";
+    value.publicKeys = [ tuxcord-ca ] ++ getSSHKeys user.name;
+  }) (builtins.filter (user: user.value.options.ddns or false) (attrsToList users))
+)
@@ -16,13 +16,19 @@ To test the environment, you can launch a virtualized NixOS system derived from
 nix run '.#nixosConfigurations.<system>.config.system.build.vm'
 ```

-Here, `<system>` refers to the hostname of the system you want to test (e.g., tuxcord-ca).
+Here, `<system>` refers to the hostname of the system you want to test (e.g., tuxcord-test).

 Note that this will create a `qcow2` image file in the current directory. Nix will automatically manage changes to the configuration and update the image file accordingly while keeping part of its mutable state (e.g., root bash history).

 > [!WARNING]
 > Not all changes are applied automatically. Updates such as user passwords changes or modifications to the filesystem layout will require deleting the image file so that Nix can re-create it from scratch.

+# Access
+
+The initial password for the `root` account is `tuxcord`.
+
+SSH login is enabled for the configured user keys, if using the VM test configuration, yo will have to use the bridged IP.
+
 # Tooling

 Tooling used to aid in development.
@@ -42,7 +42,7 @@ Host specific configuration can be found at `nixos/hosts/tuxcord-XX`. This is us

 To learn how to get started, refer to the [Getting Started guide](./GETTING_STARTED.md).

-The guide contains basic instructions as to how to use Nix for this repository, as well as tools to help in certain tasks, some of this tools might be assumed accross document resources.
+The guide contains basic instructions as to how to use Nix for this repository, as well as tools to help in certain tasks, some of this tools might be assumed across document resources.

 It might also be useful to read the [installation section](#installation) to learn how to configure your testing environment.

@@ -6,14 +6,20 @@ Secrets are managed with `agenix` in the `agenix/` directory. This allows to dec

 The `agenix` help menu is already very helpful, but here you have a survival guide:

- `agenix` commands should run relative to the `agenix/` direcotry.
+- `agenix` commands should run relative to the `agenix/` directory.
 - `agenix -d` allows you to descrypt such file if you possess any of the decryption keys.
 - `agenix -e` decrypts (if present) and opens the file in your editor to re-encrypt when exited.
 - `agenix -r` re-encypts `*.age` files in the case you ever change its decryption keys.

 # Secrets

-<!-- TODO: missing ntfy.sh secret docs -->
+There is a `ntfy.age` secret file which contents look like:
+
+```sh
+NTFY_TOPIC=readable-name_XXXXXXXXXX
+```
+
+This secret file is meant to be sources by shells before using [ntfy.sh](<https://ntfy.sh/>) to push important notifications. This topic could contain sensitive information and must be kept secret amongst administrators.

 ## DNS TSIG Keys

@@ -24,5 +30,5 @@ These keys can be generated using `tsig-keygen <key-name>` (historically they we
 When DNS is enabled for a host, it will look for `dns/${fqdn}/${zone}.key` secrets.

 - The key whose zone matches the `${fqdn}` will be allowed to tramit updates for all the domain.
- Keys restrained to a specific `${subdomain}` will only be allowed to edit records of such subdomain.
+- Keys restrained to a specific `${zone}` will only be allowed to edit records of such zone.
 - All keys must be named with the zone they affect, final dot included, so that (e.g. `tuxcord.net/javalsai.tuxcord.net.key` must be generated by `tsig-keygen javalsai.tuxcord.net.`).
@@ -2,7 +2,13 @@

 The first configuration of the server needs some configuration of its mutable state:

-Setup also heavily relies on the secrets configured, make sure you [undestand agenix](./SECRETS.md) good enough.
+Setup also heavily relies on the secrets configured, make sure you [understand agenix](./SECRETS.md) good enough.
+
+# Root Password
+
+The `root` password is `tuxcord` by default on all system configurations. For security, it's important to remember to change it as soon as an installation is done.
+
+The root account is intended to be kept active in case there ever is the need to perform a TTY login. But this will be rare so do keep a security complex password saved somewhere and don't share it beyond the necessary amount.

 # SSH Keys

@@ -52,6 +52,11 @@
          formatter = pkgs.nixfmt;
        };

+      flake = {
+        lib = import ./lib;
+        pins = import ./npins;
+      };
+
      systems = [
        "x86_64-linux"
        "aarch64-linux"
@@ -0,0 +1,21 @@
+rec {
+  users = import ./users.nix;
+
+  adminSSHKeys = builtins.concatLists (
+    map (user: getSSHKeys user.name) (
+      builtins.filter (user: user.value.options.admin or false) (attrsToList users)
+    )
+  );
+
+  attrsToList = mapAttrsToList nameValuePair;
+  mapAttrsToList = f: attrs: builtins.attrValues (builtins.mapAttrs f attrs);
+  nameValuePair = name: value: { inherit name value; };
+  toList = x: if builtins.isList x then x else [ x ];
+
+  getSSHKeys =
+    username:
+    if (builtins.hasAttr "ssh" users.${username}) then
+      toList users.${username}.ssh
+    else
+      builtins.warn "user ${username} declared without ssh key" [ ];
+}
@@ -1,8 +0,0 @@
-{
-  error = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDzdpxex2GlFVf5G2qsh3Ixa/XCMjnbq4JSTmAev7WYJ error.nointernet@gmail.com";
-  javalsai = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDFjavnLqxIzFLIUpUWDOwhlYeoII4Qk1/9e0yWWxD/P";
-  max = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDxVfJhzPDZ108UjB3Vj/akzlzYn27kyAw29AuYAr7gvG5vrqhLUYYmK8t+ZVWVpc1g6cK7OF1oUn2E5Qfmy6wqyZQXftAZ4OcRS0MB71W1bAcRq3rGe6KQDm8RSEeygX+zO+2Z6zQmVWgPr/I+JFQZ8wiWdP8X8djqTRdhqUD+SR3ZgTcnY3aLmeB/I56rcZQ3lKIeg/pEsyQ8weptlV0rTWamna6Z7Nw48VwWNSI+6EqfW2/4/edm0Ue8jMNqNZ0yx+kHJbudPgZgSR1SiR2rqlEEUaiQJQQV3VdY4DhGm7143ZSKUxyKlfTuQ7qR1zSIg6f5V71A37ik9YiSbBlOZO86swR4qHESoMNf608IuqRt2NdALHwozFPUCu16qnhu5JTk8twSAzrAhOk5zWQj1LYMoQEBhcFSmwir/1gE71NSjYtqXGVAdfkVmZ4uqG5+a1D7H3VXWOqu/j839M045O1ZBY6X3lKDsEJ1Z1+LCl/NojWnvPtJUHYI6+SdQ6k=";
-
-  vectorum = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwfPaylCSN7ZqB6Trz8CmQlyzf0NUIy06uschdIOkdzjUNe/dPGbyEFZy/4SDBhg585x8hwfhfYjLGrneYq+O42DBDTDKxduWnIdl5zgPRqt7jB59jkukf9WUdpUdZsKCM5K97HCnizNEKGRnYllVPVQSapPhOm5dZlUD9YVv1UqbDuxtWOLvArkL52e9T+yL6FagRg6NPqA70MXPMk+S2H7lotFVxP2Eg//BCaQ0/H1vhNy6P4N6LLq3sVK1DSJyd2v8zHkdb2Zo0/Ygukol10KizSsEcihm8+bXp699uSgWIsaIQgDZlE1yx2iabmzQST1kL9+USnZZBZ+KxwtLCCI8mpCv6sxlhq2Zzim5HvsyMYM+zdHWIn1s2c6mEl4ntBAB4s5wAggS5Gjh/BfJLSvGsTFMC/XYX4gWFXynY5NlcopeENL2Afg4gbQvKkxYkWB/TMZWuqj5c5kCy+7F0881DpYxapq6kQ6IE4gkGiEQdhVFGWEFoV/k9iHrl6aanqvFtvuBHHgkXAGPpHAZDVZdp9lU0tqNQIM/eGINq4Or6wd9XDYyj5ezDEBxx1pPgweUDZrNe9+vKR+3AwbzB/XQPxTCcjd4d7Yx58jPLflFP1dDYT+3bvp+vA7UpHcJnISbVNu0SiSaIqLYhwDj1od5l6JDfRCqnMF1T59nRCQ==";
-  pickzelle = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUYQUWoL8iGc+PSrRrHyNwcOcmgGwPvJAM9HRJkPqcW pixel@DOOM-Machine";
-}
@@ -0,0 +1,30 @@
+{
+  error = {
+    ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDzdpxex2GlFVf5G2qsh3Ixa/XCMjnbq4JSTmAev7WYJ error.nointernet@gmail.com";
+    options = {
+      admin = true;
+      ddns = true;
+    };
+  };
+
+  javalsai = {
+    ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDFjavnLqxIzFLIUpUWDOwhlYeoII4Qk1/9e0yWWxD/P";
+    options = {
+      admin = true;
+      ddns = true;
+    };
+  };
+
+  max = {
+    ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDxVfJhzPDZ108UjB3Vj/akzlzYn27kyAw29AuYAr7gvG5vrqhLUYYmK8t+ZVWVpc1g6cK7OF1oUn2E5Qfmy6wqyZQXftAZ4OcRS0MB71W1bAcRq3rGe6KQDm8RSEeygX+zO+2Z6zQmVWgPr/I+JFQZ8wiWdP8X8djqTRdhqUD+SR3ZgTcnY3aLmeB/I56rcZQ3lKIeg/pEsyQ8weptlV0rTWamna6Z7Nw48VwWNSI+6EqfW2/4/edm0Ue8jMNqNZ0yx+kHJbudPgZgSR1SiR2rqlEEUaiQJQQV3VdY4DhGm7143ZSKUxyKlfTuQ7qR1zSIg6f5V71A37ik9YiSbBlOZO86swR4qHESoMNf608IuqRt2NdALHwozFPUCu16qnhu5JTk8twSAzrAhOk5zWQj1LYMoQEBhcFSmwir/1gE71NSjYtqXGVAdfkVmZ4uqG5+a1D7H3VXWOqu/j839M045O1ZBY6X3lKDsEJ1Z1+LCl/NojWnvPtJUHYI6+SdQ6k=";
+    options.admin = true;
+  };
+
+  vectorum = {
+    ssh = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwfPaylCSN7ZqB6Trz8CmQlyzf0NUIy06uschdIOkdzjUNe/dPGbyEFZy/4SDBhg585x8hwfhfYjLGrneYq+O42DBDTDKxduWnIdl5zgPRqt7jB59jkukf9WUdpUdZsKCM5K97HCnizNEKGRnYllVPVQSapPhOm5dZlUD9YVv1UqbDuxtWOLvArkL52e9T+yL6FagRg6NPqA70MXPMk+S2H7lotFVxP2Eg//BCaQ0/H1vhNy6P4N6LLq3sVK1DSJyd2v8zHkdb2Zo0/Ygukol10KizSsEcihm8+bXp699uSgWIsaIQgDZlE1yx2iabmzQST1kL9+USnZZBZ+KxwtLCCI8mpCv6sxlhq2Zzim5HvsyMYM+zdHWIn1s2c6mEl4ntBAB4s5wAggS5Gjh/BfJLSvGsTFMC/XYX4gWFXynY5NlcopeENL2Afg4gbQvKkxYkWB/TMZWuqj5c5kCy+7F0881DpYxapq6kQ6IE4gkGiEQdhVFGWEFoV/k9iHrl6aanqvFtvuBHHgkXAGPpHAZDVZdp9lU0tqNQIM/eGINq4Or6wd9XDYyj5ezDEBxx1pPgweUDZrNe9+vKR+3AwbzB/XQPxTCcjd4d7Yx58jPLflFP1dDYT+3bvp+vA7UpHcJnISbVNu0SiSaIqLYhwDj1od5l6JDfRCqnMF1T59nRCQ==";
+  };
+
+  pickzelle = {
+    ssh = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUYQUWoL8iGc+PSrRrHyNwcOcmgGwPvJAM9HRJkPqcW pixel@DOOM-Machine";
+  };
+}
@@ -1,25 +1,6 @@
 { lib, self, ... }:
 let
-  users = [
-    {
-      name = "error";
-      options.admin = true;
-    }
-    {
-      name = "javalsai";
-      options.admin = true;
-    }
-    {
-      name = "max";
-      options.admin = true;
-    }
-    {
-      name = "vectorum";
-    }
-    {
-      name = "pickzelle";
-    }
-  ];
+  inherit (self.lib) users;

  adminGroups = [
    "adm"
@@ -30,29 +11,17 @@ let
    "wheel"
  ];

-  getSSHKeys =
-    username:
-    let
-      sshKeys = import "${self}/lib/ssh/keys.nix";
-    in
-    if (builtins.hasAttr username sshKeys) then
-      lib.lists.toList sshKeys.${username}
-    else
-      lib.warn "user ${username} declared without ssh key" [ ];
-
  mkUser =
    name: uid: options:
    let
      admin = options.admin or false;
-
    in
    {
      users.users.${name} = {
+        inherit uid;
        isNormalUser = true;
        extraGroups = lib.optionals admin adminGroups;
-        inherit uid;
-
-        openssh.authorizedKeys.keys = getSSHKeys name;
+        openssh.authorizedKeys.keys = self.lib.getSSHKeys name;
      };

      systemd.slices."user-${builtins.toString uid}".sliceConfig = {
@@ -69,21 +38,20 @@ in
 lib.recursiveUpdate
  (builtins.foldl'
    (attrs: user: {
-      options = lib.recursiveUpdate attrs.options (mkUser user.name attrs.uid (user.options or { }));
+      options = lib.recursiveUpdate attrs.options (
+        mkUser user.name attrs.uid (user.value.options or { })
+      );
      uid = attrs.uid + 1;
    })
    {
      options = { };
      uid = 1000;
    }
-    users
+    (lib.attrsToList users)
  ).options
  {
    users.users.root = {
      initialPassword = "tuxcord";
-
-      openssh.authorizedKeys.keys = lib.lists.concatLists (
-        map (user: getSSHKeys user.name) (builtins.filter (user: user.options.admin or false) users)
-      );
+      openssh.authorizedKeys.keys = self.lib.adminSSHKeys;
    };
  }
@@ -0,0 +1,146 @@
+/*
+  This file is provided under the MIT licence:
+
+  Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/
+# Generated by npins. Do not modify; will be overwritten regularly
+let
+  data = builtins.fromJSON (builtins.readFile ./sources.json);
+  version = data.version;
+
+  # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
+  range =
+    first: last: if first > last then [ ] else builtins.genList (n: first + n) (last - first + 1);
+
+  # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
+  stringToCharacters = s: map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
+
+  # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
+  stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
+  concatMapStrings = f: list: concatStrings (map f list);
+  concatStrings = builtins.concatStringsSep "";
+
+  # If the environment variable NPINS_OVERRIDE_${name} is set, then use
+  # the path directly as opposed to the fetched source.
+  # (Taken from Niv for compatibility)
+  mayOverride =
+    name: path:
+    let
+      envVarName = "NPINS_OVERRIDE_${saneName}";
+      saneName = stringAsChars (c: if (builtins.match "[a-zA-Z0-9]" c) == null then "_" else c) name;
+      ersatz = builtins.getEnv envVarName;
+    in
+    if ersatz == "" then
+      path
+    else
+      # this turns the string into an actual Nix path (for both absolute and
+      # relative paths)
+      builtins.trace "Overriding path of \"${name}\" with \"${ersatz}\" due to set \"${envVarName}\"" (
+        if builtins.substring 0 1 ersatz == "/" then
+          /. + ersatz
+        else
+          /. + builtins.getEnv "PWD" + "/${ersatz}"
+      );
+
+  mkSource =
+    name: spec:
+    assert spec ? type;
+    let
+      path =
+        if spec.type == "Git" then
+          mkGitSource spec
+        else if spec.type == "GitRelease" then
+          mkGitSource spec
+        else if spec.type == "PyPi" then
+          mkPyPiSource spec
+        else if spec.type == "Channel" then
+          mkChannelSource spec
+        else if spec.type == "Tarball" then
+          mkTarballSource spec
+        else
+          builtins.throw "Unknown source type ${spec.type}";
+    in
+    spec // { outPath = mayOverride name path; };
+
+  mkGitSource =
+    {
+      repository,
+      revision,
+      url ? null,
+      submodules,
+      hash,
+      branch ? null,
+      ...
+    }:
+    assert repository ? type;
+    # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
+    # In the latter case, there we will always be an url to the tarball
+    if url != null && !submodules then
+      builtins.fetchTarball {
+        inherit url;
+        sha256 = hash; # FIXME: check nix version & use SRI hashes
+      }
+    else
+      let
+        url =
+          if repository.type == "Git" then
+            repository.url
+          else if repository.type == "GitHub" then
+            "https://github.com/${repository.owner}/${repository.repo}.git"
+          else if repository.type == "GitLab" then
+            "${repository.server}/${repository.repo_path}.git"
+          else
+            throw "Unrecognized repository type ${repository.type}";
+        urlToName =
+          url: rev:
+          let
+            matched = builtins.match "^.*/([^/]*)(\\.git)?$" url;
+
+            short = builtins.substring 0 7 rev;
+
+            appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else "";
+          in
+          "${if matched == null then "source" else builtins.head matched}${appendShort}";
+        name = urlToName url revision;
+      in
+      builtins.fetchGit {
+        rev = revision;
+        inherit name;
+        # hash = hash;
+        inherit url submodules;
+      };
+
+  mkPyPiSource =
+    { url, hash, ... }:
+    builtins.fetchurl {
+      inherit url;
+      sha256 = hash;
+    };
+
+  mkChannelSource =
+    { url, hash, ... }:
+    builtins.fetchTarball {
+      inherit url;
+      sha256 = hash;
+    };
+
+  mkTarballSource =
+    {
+      url,
+      locked_url ? url,
+      hash,
+      ...
+    }:
+    builtins.fetchTarball {
+      url = locked_url;
+      sha256 = hash;
+    };
+in
+if version == 5 then
+  builtins.mapAttrs mkSource data.pins
+else
+  throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"
@@ -0,0 +1,4 @@
+{
+  "pins": {},
+  "version": 5
+}
@@ -31,7 +31,6 @@
          git
          inputs.agenix.packages.${stdenv.hostPlatform.system}.default
          jujutsu
-          neovim
          nix-output-monitor
          nixfmt
          npins
Author	SHA1	Message	Date
ErrorNoInternet	ac5fe801a9	shells: remove neovim Check / Nix flake (push) Failing after 9s Details Lint / Nix expressions (push) Failing after 11s Details Some users may be using self-contained Neovim executables.	2026-05-03 22:18:49 -04:00
ErrorNoInternet	d2ad014c23	agenix: import initial user dns keys	2026-05-03 22:18:49 -04:00
ErrorNoInternet	b431300f49	treewide: create global user list	2026-05-03 22:18:49 -04:00
javalsai	7218ed9bce	docs: add sections and fix typos/errors	2026-05-03 22:18:49 -04:00
ErrorNoInternet	fbbb83bf52	treewide: initialize npins	2026-05-03 22:18:48 -04:00