attic-closure archetype: no parity-lib builder exists for attic pushes, so
wrap the existing per-arch package build in ci/publish.py (woodpecker-peek
pattern) and expose `nix run .#{stage,publish}-amd64` + `.#publish`.
Two-halves rule: STAGE nix-builds every package in the arch list into the
local store (emmett-buildable); PUBLISH additionally attic-pushes each
closure. Local runs DRY-RUN unless --push/PUBLISH=1; CI sets PUBLISH=1.
The .woodpecker/{amd64,arm64}.yaml now call the same ci/publish.py so CI
and local runs can't drift. arm64 stays node-bound (no emmett cross path),
so it has no local-parity app. ci/build.py becomes a forwarding shim.
Adds mcp-chrome as a flake input (mirroring the woodpecker-peek pattern)
and re-exposes two packages: mcp-chrome-wasm-simd (proven green, ~22 s)
and mcp-chrome-extension (KNOWN-BROKEN under nix-daemon; exposed for
local builds but kept out of the CI matrix to avoid red pipelines).
CI warms attic with mcp-chrome-wasm-simd on x86_64-linux and aarch64-linux
only; s390x cross and Darwin are out of scope.
Closesoleks/mcp-chrome#5.
Re-exposes oleks/woodpecker-peek as packages.<sys>.woodpecker-peek for
x86_64-linux and aarch64-linux, and adds it to ci/build.py so the
amd64/arm64 workflows push the closure to attic-infra-cache-k3s-1.
Consumers (emmett) then set services.woodpecker-peek.package = pkgs.woodpecker-peek
and pull the cached binary instead of rebuilding.
Add the renamed gitea-local-fork derivation to the Woodpecker
build matrix on x86_64 and aarch64 (the only platforms the
derivation supports — see flake.nix). Resulting closure is
pushed to attic-infra-cache-k3s-1 so subsequent
`just gitea-run` invocations resolve from cache rather than
recompile Go 1.26.3 locally.
Pipeline #41 died with exit 127 on `free -h` — procps isn't in the
nix-ci image. New info() helper runs the command and ignores the exit
code, so missing tools no longer abort the build. Also switched to
/proc/meminfo since it's always available on Linux.
google-antigravity pulls in google-chrome, which transitively builds
liberation-fonts; fontforge segfaults while generating the .ttf files
(pipeline #40). Package definitions stay in the flake for local
builds — re-enable in CI once upstream fontforge is fixed.
setup.sh now traces each command (set -ex) so /etc/hosts, nix.conf,
and netrc setup are visible in pipeline logs.
build.py replaces capture() with a streaming build() helper for
nix builds: stderr is inherited (live --print-build-logs output)
while stdout is captured for the out path. Also dumps nix version,
uname, disk, and memory at the start so failures have context.
- packages/xontribs.nix: xontrib-prompt-starship, -broot, -term-integrations
wheels for use with `programs.xonsh.extraPackages` (or xonsh.override)
- packages/hyprspace.nix + hyprspace flake input (flake=false): rebuild
plugin against the consumer's hyprland; exposed via overlays.hyprspace
- overlays/gcc15-fixes.nix: hotdoc/kitty/libsecret/xdg-desktop-portal/afdko
workarounds so fleet nodes on the same pin can opt in with one line
- flake.nix: lift overlays out of eachSystem to the root (overlays.default
was previously nested per-system, which doesn't match flake schema)
Oleks