summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--flake.lock90
-rw-r--r--hosts/navi/default.nix12
-rw-r--r--hosts/vps/default.nix16
-rw-r--r--hosts/vps/services/cytube.nix140
-rw-r--r--hosts/vps/services/hydrus.nix1
-rw-r--r--hosts/vps/services/matrix.nix6
-rw-r--r--hosts/vps/services/website.nix78
-rw-r--r--mixins/cli.nix4
-rw-r--r--mixins/firefox/minimum/default.nix2
-rw-r--r--mixins/multimedia.nix2
-rw-r--r--profiles/impermanence.nix1
11 files changed, 252 insertions, 100 deletions
diff --git a/flake.lock b/flake.lock
index ceb01fb..fcbb580 100644
--- a/flake.lock
+++ b/flake.lock
@@ -8,11 +8,11 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1703433843,
-        "narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=",
+        "lastModified": 1707830867,
+        "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
         "owner": "ryantm",
         "repo": "agenix",
-        "rev": "417caa847f9383e111d1397039c9d4337d024bf0",
+        "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
         "type": "github"
       },
       "original": {
@@ -72,11 +72,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1707524024,
-        "narHash": "sha256-HmumZ8FuWAAYZrWUKm3N4G4h8nmZ5VUVX+vXLmCJNKM=",
+        "lastModified": 1711006105,
+        "narHash": "sha256-pvjqjx4L2Hx/NP3RWcwLjk+ABtMODAJ9+rgreU6fP6I=",
         "owner": "nix-community",
         "repo": "disko",
-        "rev": "d07de570ba05cec2807d058daaa044f6955720c7",
+        "rev": "a8c966ee117c278a5aabc6f00b00ef62eb7e28f6",
         "type": "github"
       },
       "original": {
@@ -94,11 +94,11 @@
       },
       "locked": {
         "dir": "pkgs/firefox-addons",
-        "lastModified": 1707602717,
-        "narHash": "sha256-mLEziZaYS1G9Q2l7L1/HU+PyScfBGwgh1R4Mov7x5iY=",
+        "lastModified": 1711080247,
+        "narHash": "sha256-INIn5/6anm9rW+DhOfL83O3Z5vka9IQA7WQOA/CyxEU=",
         "owner": "rycee",
         "repo": "nur-expressions",
-        "rev": "8e23ca5dcbcd202ceb790598b38a68d7d292ef38",
+        "rev": "83a5049cfc2e37d9ef5b540aa01c0e5cc1e2a00f",
         "type": "gitlab"
       },
       "original": {
@@ -132,11 +132,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1701473968,
-        "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=",
+        "lastModified": 1706830856,
+        "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5",
+        "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f",
         "type": "github"
       },
       "original": {
@@ -180,11 +180,11 @@
     },
     "hardware": {
       "locked": {
-        "lastModified": 1707211557,
-        "narHash": "sha256-LTKTzZ6fM5j8XWXf51IMBzDaOaJg9kYWLUZxoIhzRN8=",
+        "lastModified": 1710783728,
+        "narHash": "sha256-eIsfu3c9JUBgm3cURSKTXLEI9Dlk1azo+MWKZVqrmkc=",
         "owner": "nixos",
         "repo": "nixos-hardware",
-        "rev": "6e5cc385fc8cf5ca6495d70243074ccdea9f64c7",
+        "rev": "1e679b9a9970780cd5d4dfe755a74a8f96d33388",
         "type": "github"
       },
       "original": {
@@ -207,11 +207,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1701009247,
-        "narHash": "sha256-GuX16rzRze2y7CsewJLTV6qXkXWyEwp6VCZXi8HLruU=",
+        "lastModified": 1704029560,
+        "narHash": "sha256-a4Iu7x1OP+uSYpqadOu8VCPY+MPF3+f6KIi+MAxlgyw=",
         "owner": "hercules-ci",
         "repo": "hercules-ci-effects",
-        "rev": "31b6cd7569191bfcd0a548575b0e2ef953ed7d09",
+        "rev": "d5cbf433a6ae9cae05400189a8dbc6412a03ba16",
         "type": "github"
       },
       "original": {
@@ -248,11 +248,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1707607386,
-        "narHash": "sha256-hj/RgQMTvCWQVInkZwiMMieumkfOjHXhtWhfuXHop/8=",
+        "lastModified": 1710974515,
+        "narHash": "sha256-jZpdsypecYTOO9l12Vy77otGmh9uz8tGzcguifA30Vs=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "bfd0ae29a86eff4603098683b516c67e22184511",
+        "rev": "1c2acec99933f9835cc7ad47e35303de92d923a4",
         "type": "github"
       },
       "original": {
@@ -269,11 +269,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1703838268,
-        "narHash": "sha256-SRg5nXcdPnrsQR2MTAp7en0NyJnQ2wB1ivmsgEbvN+o=",
+        "lastModified": 1708591310,
+        "narHash": "sha256-8mQGVs8JccWTnORgoLOTh9zvf6Np+x2JzhIc+LDcJ9s=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "2aff324cf65f5f98f89d878c056b779466b17db8",
+        "rev": "0e0e9669547e45ea6cca2de4044c1a384fd0fe55",
         "type": "github"
       },
       "original": {
@@ -284,11 +284,11 @@
     },
     "impermanence": {
       "locked": {
-        "lastModified": 1706639736,
-        "narHash": "sha256-CaG4j9+UwBDfinxxvJMo6yOonSmSo0ZgnbD7aj2Put0=",
+        "lastModified": 1708968331,
+        "narHash": "sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y=",
         "owner": "nix-community",
         "repo": "impermanence",
-        "rev": "cd13c2917eaa68e4c49fea0ff9cada45440d7045",
+        "rev": "a33ef102a02ce77d3e39c25197664b7a636f9c30",
         "type": "github"
       },
       "original": {
@@ -304,11 +304,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1707620986,
-        "narHash": "sha256-XE0tCSkSVBeJDWhjFwusNInwAhrnp+TloUNUpvnTiLw=",
+        "lastModified": 1710644923,
+        "narHash": "sha256-0fjbN5GYYDKPyPay0l8gYoH+tFfNqPPwP5sxxBreeA4=",
         "owner": "Mic92",
         "repo": "nix-index-database",
-        "rev": "0cb4345704123492e6d1f1068629069413c80de0",
+        "rev": "e25efda85e39fcdc845e371971ac4384989c4295",
         "type": "github"
       },
       "original": {
@@ -324,11 +324,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1688141737,
-        "narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=",
+        "lastModified": 1708891350,
+        "narHash": "sha256-VOQrKK7Df/IVuNki+NshVuGkTa/Tw0GigPjWcZff6kk=",
         "owner": "matthewcroughan",
         "repo": "nixinate",
-        "rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9",
+        "rev": "452f33c60df5b72ad0858f5f2cf224bdf1f17746",
         "type": "github"
       },
       "original": {
@@ -350,11 +350,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1703730102,
-        "narHash": "sha256-oXEu4FYhIgS0+qMMf1YfnseMmOStK/45S4k6XUcGi4M=",
+        "lastModified": 1708597894,
+        "narHash": "sha256-KxpKOBDGPJ76k37vLukYHp/wd7U4DoUVIvy8atHfy/k=",
         "owner": "nixpak",
         "repo": "nixpak",
-        "rev": "39e3350f9d473422c8cf9e7cb362241f8ed2b974",
+        "rev": "535dd408c4b19f407bc22e42eb32ccb9256e5865",
         "type": "github"
       },
       "original": {
@@ -399,11 +399,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1707546158,
-        "narHash": "sha256-nYYJTpzfPMDxI8mzhQsYjIUX+grorqjKEU9Np6Xwy/0=",
+        "lastModified": 1711001935,
+        "narHash": "sha256-URtGpHue7HHZK0mrHnSf8wJ6OmMKYSsoLmJybrOLFSQ=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "d934204a0f8d9198e1e4515dd6fec76a139c87f0",
+        "rev": "20f77aa09916374aa3141cbc605c955626762c9a",
         "type": "github"
       },
       "original": {
@@ -440,11 +440,11 @@
         "searx-randomizer": "searx-randomizer"
       },
       "locked": {
-        "lastModified": 1704255270,
-        "narHash": "sha256-VC3+/kDeA60MfwT6w5AMBKuHVrtTFLGmbjdTTmKjJ3I=",
+        "lastModified": 1710502118,
+        "narHash": "sha256-kPzvCwGVuLlPDVRD35dMnudWPpEzRXfU/9DHsG12PaY=",
         "owner": "schizofox",
         "repo": "schizofox",
-        "rev": "cd5aaffb0063f48cb3f1e62d32a890e5e19163f1",
+        "rev": "8dde2033a6f448c48a48d4d0aeb22bf2da840b7d",
         "type": "github"
       },
       "original": {
@@ -463,11 +463,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1701454956,
-        "narHash": "sha256-9m6QXEka8YUmAnM/o6OpPrPoYHCGFw40lNXV8VMlN24=",
+        "lastModified": 1704412376,
+        "narHash": "sha256-Ap/AudJxCYBDWYy0lyqP0/FZYJCibL7jKkoj6hp1WS0=",
         "owner": "schizofox",
         "repo": "searx-randomizer",
-        "rev": "46c41f2ae7107cc541ead1390f4cd6ce06045721",
+        "rev": "c36a473732ba6b4f6024ac1c181631cf4d542b17",
         "type": "github"
       },
       "original": {
diff --git a/hosts/navi/default.nix b/hosts/navi/default.nix
index cdc49cb..4f722d9 100644
--- a/hosts/navi/default.nix
+++ b/hosts/navi/default.nix
@@ -123,11 +123,11 @@
 
     home-manager.users.tzlil = {
       services.gnome-keyring = {
-      	enable = true; # for nheko
-	components = ["secrets"];
+        enable = true; # for nheko
+        components = ["secrets"];
       };
       home.packages = [
-	pkgs.nheko
+        pkgs.nheko
         pkgs.keepassxc
         pkgs.gtkcord4
         pkgs.cmst
@@ -296,12 +296,12 @@
 
     virtualisation.docker.enable = true;
     virtualisation.docker.storageDriver = "btrfs";
-	
+
     # rtl sdr
     hardware.rtl-sdr.enable = true;
-    users.users.tzlil.extraGroups = [ "plugdev" ];
+    users.users.tzlil.extraGroups = ["plugdev"];
 
-    services.udev.packages = [ pkgs.usb-blaster-udev-rules ];
+    services.udev.packages = [pkgs.usb-blaster-udev-rules];
     # pragmata
     # home-manager.users.tzlil.home.packages = [
 
diff --git a/hosts/vps/default.nix b/hosts/vps/default.nix
index 7cd5f6c..d55a62e 100644
--- a/hosts/vps/default.nix
+++ b/hosts/vps/default.nix
@@ -10,10 +10,11 @@
     ../../mixins/cli.nix
     ./services/website.nix
     ./services/git.nix
-    ./services/hydrus.nix
+    # ./services/hydrus.nix
     ./services/matrix.nix
     ./services/maloja.nix
     ./services/arXiv.nix
+    ./services/cytube.nix
   ];
 
   config = {
@@ -66,10 +67,21 @@
       openFirewall = true;
     };
     services.factorio = {
-      enable = true;
+      enable = false;
       openFirewall = true;
       game-password = "???";
       requireUserVerification = false;
     };
+    security.lockKernelModules = lib.mkForce false;
+    virtualisation.podman = {
+      enable = true;
+      autoPrune.enable = true;
+      dockerCompat = true;
+      defaultNetwork.settings = {
+        # Required for container networking to be able to use names.
+        dns_enabled = true;
+      };
+    };
+    virtualisation.oci-containers.backend = "podman";
   };
 }
diff --git a/hosts/vps/services/cytube.nix b/hosts/vps/services/cytube.nix
new file mode 100644
index 0000000..deb0058
--- /dev/null
+++ b/hosts/vps/services/cytube.nix
@@ -0,0 +1,140 @@
+{
+  pkgs,
+  config,
+  lib,
+  system,
+  ...
+}: {
+  config = let
+    dir = "/var/lib/cytube";
+    yamlConfig =
+      pkgs.writeText "config.yaml"
+      (lib.generators.toYAML {} {
+        mysql = {
+          server = "localhost";
+          port = 3306;
+          database = "cytube";
+          user = "cytube";
+          password = "";
+          pool-size = 10;
+        };
+        listen = [
+          {
+            ip = "";
+            port = 8080;
+            http = true;
+          }
+          {
+            ip = "";
+            port = 8081;
+            io = true;
+            url = "https://tube.tzlil.net";
+          }
+        ];
+        http = {
+          default-port = 8080;
+          root-domain = "tube.tzlil.net";
+          alt-domains = [];
+          minify = false;
+          max-age = "7d";
+          gzip = true;
+          gzip-threshold = 1024;
+          cookie-secret = "tube.tzlil.net";
+          index = {
+            max-entries = 50;
+          };
+          trust-proxies = ["loopback"];
+        };
+        https = {
+          enabled = false;
+        };
+        html-template = {
+          title = "TZLINC";
+          description = "lol";
+        };
+        io = {
+          domain = "https://tube.tzlil.net";
+          default-port = 8081;
+        };
+        youtube-v3-key = "";
+        max-channels-per-user = 1;
+        max-accounts-per-ip = 5;
+        ffmpeg = {
+          enabled = true;
+          ffprobe-exec = "ffprobe";
+        };
+        service-socket = {
+          enabled = false;
+        };
+      });
+  in {
+    services.mysql = {
+      enable = true;
+      package = pkgs.mariadb;
+      ensureDatabases = ["cytube"];
+      ensureUsers = [
+        {
+          name = "cytube";
+          ensurePermissions = {
+            "cytube.*" = "ALL PRIVILEGES";
+          };
+        }
+      ];
+
+      settings = {
+        mysqld = {
+          bind-address = "127.0.0.1";
+          port = "3306";
+        };
+      };
+    };
+
+    virtualisation.oci-containers.containers.cytube = {
+      ports = [
+        "8080:8080"
+        "8081:8081"
+      ];
+      image = "cytube";
+
+      imageFile = pkgs.dockerTools.buildImage {
+        name = "cytube";
+        tag = "latest";
+        fromImage = pkgs.dockerTools.pullImage {
+          imageName = "kittysh/cytube";
+          imageDigest = "sha256:77e6051c0fe4ce486375f53d80a5cb9a18e289db9cc8ba28e142287b53730455";
+          sha256 = "072gyx9s4nnq2i8h5b3n3vrcl5h7wigq9fzbf6y11n945km1ds2r";
+          finalImageName = "kittysh/cytube";
+          finalImageTag = "latest";
+        };
+
+        copyToRoot = pkgs.buildEnv {
+          name = "image-root";
+          paths = [pkgs.ffmpeg];
+          pathsToLink = ["/bin"];
+        };
+        config.Cmd = ["node" "index.js"];
+      };
+
+      workdir = "/home/syncuser/sync";
+      extraOptions = ["--mount=type=bind,source=${yamlConfig},target=/home/syncuser/sync/config.yaml" "--network=host"];
+    };
+
+    environment.persistence."/nix/persist".directories = [
+      {
+        directory = "${config.services.mysql.dataDir}";
+        user = "${config.services.mysql.user}";
+        group = "${config.services.mysql.group}";
+      }
+    ];
+
+    services.caddy = {
+      virtualHosts."tube.tzlil.net".extraConfig = ''
+        bind 0.0.0.0
+        handle /socket.io/* {
+          reverse_proxy :8081
+        }
+        reverse_proxy :8080
+      '';
+    };
+  };
+}
diff --git a/hosts/vps/services/hydrus.nix b/hosts/vps/services/hydrus.nix
index c967fbc..1c5f30c 100644
--- a/hosts/vps/services/hydrus.nix
+++ b/hosts/vps/services/hydrus.nix
@@ -41,7 +41,6 @@
       };
     };
 
-    security.lockKernelModules = lib.mkForce false;
     virtualisation.oci-containers.containers.hydrus-web = {
       ports = ["100.67.217.90:8080:80"];
       image = "ghcr.io/floogulinc/hydrus-web:dev";
diff --git a/hosts/vps/services/matrix.nix b/hosts/vps/services/matrix.nix
index a56b489..66adaed 100644
--- a/hosts/vps/services/matrix.nix
+++ b/hosts/vps/services/matrix.nix
@@ -93,9 +93,9 @@
       ensureUsers = [
         {
           name = "dendrite";
-          ensurePermissions = {
-            "DATABASE dendrite" = "ALL PRIVILEGES";
-          };
+          # ensurePermissions = {
+          # "DATABASE dendrite" = "ALL PRIVILEGES";
+          # };
         }
       ];
 
diff --git a/hosts/vps/services/website.nix b/hosts/vps/services/website.nix
index 1cdd33e..8aa51b0 100644
--- a/hosts/vps/services/website.nix
+++ b/hosts/vps/services/website.nix
@@ -42,46 +42,46 @@
           bind 0.0.0.0
           handle_path / {
             try_files ${pkgs.writeText "index.html" ''
-             <style>
-             @media (prefers-color-scheme: dark) {
-                 body { background-color: #121212; color: #d4d4d4; }
-                 a { color: #7878ff; }
-                 a:visited { color: #6464fa; }
-             }
-	     .mail:before {
-	       content: attr(b) "\0040" attr(a);
-	       unicode-bidi: bidi-override;
-	       direction: rtl;
-             </style>
-             <pre>
-            ~?~+=I?~~IIIII++,:   .?= .,I=O8OZ.DNNO, ZD7:::=.? ,,:,,I,,:,~+?II?I?II?=+=~+7$ZO
-            ?==++??==+I???7..:.   :II$77?I+ID~NND8.ZMN7~=~I7:,., :?7,.,.~+?I???????,+~7+$ZOZ
-            7+===I+~===?I77:  ?   ,$7$.:.,I?=7NNNINMMMNOI=++ .~==I$7, ..++?I???I+=?.+:O+ZZOZ
-            ===++I+==?III??I,?,   ~I7NN,..  ??ONNNMMMD$777$7I$ZOO$7?....+=????I~=+,:+,O8DNMM
-            ~=~==7II=+I?II7I,I+,8Z.II8D+=~:.,7$NMMMMMN8$7~. ..  :88I. ..?=?++I:~+=.~~~NMMMNN
-            ~====II?I~+?I?$7I?~8D7+7$ZZNONDN8Z8NMMMMMMNNON:=. :,$.I7  .,+=??I:,=, .:,=DNNMMN
-            =+?==+==?~+=I?$$I+88D:I$8NMNDDNNNDNNNMMMMMMMMM8I$77=MMDO.  :~=+?,,,   .~,?8DDD8D
-            =~=+==I7I=IIIIO$=~OOD=I7ODNNNNMNNDNDNMMMMMMMMNO$O+OZ 78.,.I::++:..   .,::=888OOO
-            ===I=I?~=?I???$I$?OODZ=7Z8NDONNN7D88MMMMMMMMMMNNNN8DNN~..~:7,,+7?,:,:::+8=Z888OO
-            ~+===7?=??I????7Z7ZOD8I777$+NNN:OOZOMMMMMMMMMMMMMMNMM+..~=?=O:+?::=+~:~+IDD888OZ
-            I==II??=I???=::7OI?O88Z=I~,?ZDD,Z$IDMMMMMMMMMMMMMMMM:$$?.~?+=?:,~+?I??==+++I8OOO
-            ==+++??+=.,~,~:7Z$?7I77$=. $I$8I$7+~8NMMMMMMMMMMMMDDMN$ ,:+?=.~==?II+++=+=?II+OZ
-            ==+?+I?,=:+?=~~??I++~7$$$= 777Z,$Z$$ONNMMMMMMMMMMMMMM8? .~=?:.==+?I~+?=+=??II?I8
-            ?=+?I:=~??II=~~, II?+ 7$7?=?77$?$Z:8NMMMNMMMMMMMMMMMD7 ,,===::~=?II.??++?++III+~
-            ??+.I+I=+I+??=~=~ =I+:?7$77?$$$ZI7Z8DM7NMMNMMMMMMMMOI. .,=~~.~~+I?:???==~????II?
-            I??:==?I++I?~==+=~:.?I7I77$?IZ$ZODDOIDNNNNNMMMMNM8?.:. ,,+=,::~+==II=~,=?+?IIIII
-            ??I:?=,=+++?II+=:,:, +77777$$777ODDMMNO~DNNNDD8?..::: .,,+~.,::=??????=+?IIIII?I
-            ????++=~:=?IIIII=~:: ~~+II77$$7$ZO8NMMMND.+:   .=7+=~ ,,:?...~II??+??I?+??IIII?I
-            ??III7II+~:?II7+II?, ~,:,~7777$$$I$8DNMMNO   .~I  .Z:.,:~: ,+???+=,IIIIII??IIIII
-            ???I7I:,~=:,+II+=~I??:.,,,.:77777777$ODMM8 .:+ZI. ,~,..~~ :II?==~:?II??IIIIIIIII
-            No matter where you go, everyone's connected
+                    <style>
+                    @media (prefers-color-scheme: dark) {
+                        body { background-color: #121212; color: #d4d4d4; }
+                        a { color: #7878ff; }
+                        a:visited { color: #6464fa; }
+                    }
+             .mail:before {
+               content: attr(b) "\0040" attr(a);
+               unicode-bidi: bidi-override;
+               direction: rtl;
+                    </style>
+                    <pre>
+                   ~?~+=I?~~IIIII++,:   .?= .,I=O8OZ.DNNO, ZD7:::=.? ,,:,,I,,:,~+?II?I?II?=+=~+7$ZO
+                   ?==++??==+I???7..:.   :II$77?I+ID~NND8.ZMN7~=~I7:,., :?7,.,.~+?I???????,+~7+$ZOZ
+                   7+===I+~===?I77:  ?   ,$7$.:.,I?=7NNNINMMMNOI=++ .~==I$7, ..++?I???I+=?.+:O+ZZOZ
+                   ===++I+==?III??I,?,   ~I7NN,..  ??ONNNMMMD$777$7I$ZOO$7?....+=????I~=+,:+,O8DNMM
+                   ~=~==7II=+I?II7I,I+,8Z.II8D+=~:.,7$NMMMMMN8$7~. ..  :88I. ..?=?++I:~+=.~~~NMMMNN
+                   ~====II?I~+?I?$7I?~8D7+7$ZZNONDN8Z8NMMMMMMNNON:=. :,$.I7  .,+=??I:,=, .:,=DNNMMN
+                   =+?==+==?~+=I?$$I+88D:I$8NMNDDNNNDNNNMMMMMMMMM8I$77=MMDO.  :~=+?,,,   .~,?8DDD8D
+                   =~=+==I7I=IIIIO$=~OOD=I7ODNNNNMNNDNDNMMMMMMMMNO$O+OZ 78.,.I::++:..   .,::=888OOO
+                   ===I=I?~=?I???$I$?OODZ=7Z8NDONNN7D88MMMMMMMMMMNNNN8DNN~..~:7,,+7?,:,:::+8=Z888OO
+                   ~+===7?=??I????7Z7ZOD8I777$+NNN:OOZOMMMMMMMMMMMMMMNMM+..~=?=O:+?::=+~:~+IDD888OZ
+                   I==II??=I???=::7OI?O88Z=I~,?ZDD,Z$IDMMMMMMMMMMMMMMMM:$$?.~?+=?:,~+?I??==+++I8OOO
+                   ==+++??+=.,~,~:7Z$?7I77$=. $I$8I$7+~8NMMMMMMMMMMMMDDMN$ ,:+?=.~==?II+++=+=?II+OZ
+                   ==+?+I?,=:+?=~~??I++~7$$$= 777Z,$Z$$ONNMMMMMMMMMMMMMM8? .~=?:.==+?I~+?=+=??II?I8
+                   ?=+?I:=~??II=~~, II?+ 7$7?=?77$?$Z:8NMMMNMMMMMMMMMMMD7 ,,===::~=?II.??++?++III+~
+                   ??+.I+I=+I+??=~=~ =I+:?7$77?$$$ZI7Z8DM7NMMNMMMMMMMMOI. .,=~~.~~+I?:???==~????II?
+                   I??:==?I++I?~==+=~:.?I7I77$?IZ$ZODDOIDNNNNNMMMMNM8?.:. ,,+=,::~+==II=~,=?+?IIIII
+                   ??I:?=,=+++?II+=:,:, +77777$$777ODDMMNO~DNNNDD8?..::: .,,+~.,::=??????=+?IIIII?I
+                   ????++=~:=?IIIII=~:: ~~+II77$$7$ZO8NMMMND.+:   .=7+=~ ,,:?...~II??+??I?+??IIII?I
+                   ??III7II+~:?II7+II?, ~,:,~7777$$$I$8DNMMNO   .~I  .Z:.,:~: ,+???+=,IIIIII??IIIII
+                   ???I7I:,~=:,+II+=~I??:.,,,.:77777777$ODMM8 .:+ZI. ,~,..~~ :II?==~:?II??IIIIIIIII
+                   No matter where you go, everyone's connected
 
-            <a href="https://fm.tzlil.net">fm.tzlil.net</a> music
-            <a href="https://git.tzlil.net">git.tzlil.net</a> code
-            <a href="/arXiv">arXiv randomizer</a>
-	    matrix @tzlil:tzlil.net
-	    email tzlils protonmail com
-            </pre>
+                   <a href="https://fm.tzlil.net">fm.tzlil.net</a> music
+                   <a href="https://git.tzlil.net">git.tzlil.net</a> code
+                   <a href="/arXiv">arXiv randomizer</a>
+            matrix @tzlil:tzlil.net
+            email tzlils protonmail com
+                   </pre>
           ''} /
             file_server
           }
diff --git a/mixins/cli.nix b/mixins/cli.nix
index 2d1d56b..395b682 100644
--- a/mixins/cli.nix
+++ b/mixins/cli.nix
@@ -71,8 +71,8 @@
           shellAliases = {
             gc = "git clone";
             gs = "git status";
-	    ga = "git add";
-	    gm = "git commit -m"
+            ga = "git add";
+            gm = "git commit -m";
             l = "ls -alh";
             b = "bat";
             alv = "ping -c 1 -W 1";
diff --git a/mixins/firefox/minimum/default.nix b/mixins/firefox/minimum/default.nix
index a20d650..a207eb5 100644
--- a/mixins/firefox/minimum/default.nix
+++ b/mixins/firefox/minimum/default.nix
@@ -374,7 +374,7 @@ in
             redirector
             ublock-origin
             keepassxc-browser
-	    vimium
+            vimium
           ];
           settings = {
             "extensions.activeThemeID" = "{e410fec2-1cbd-4098-9944-e21e708418af}";
diff --git a/mixins/multimedia.nix b/mixins/multimedia.nix
index 9405934..7dbe2db 100644
--- a/mixins/multimedia.nix
+++ b/mixins/multimedia.nix
@@ -23,7 +23,7 @@
           "image/png" = ["${pkgs.swayimg}/share/applications/swayimg.desktop"];
           "image/jpeg" = ["${pkgs.swayimg}/share/applications/swayimg.desktop"];
         };
-	associations.added = config.home-manager.users.tzlil.xdg.mimeApps.defaultApplications;
+        associations.added = config.home-manager.users.tzlil.xdg.mimeApps.defaultApplications;
       };
       userDirs = {
         createDirectories = true;
diff --git a/profiles/impermanence.nix b/profiles/impermanence.nix
index c222a43..f03ff97 100644
--- a/profiles/impermanence.nix
+++ b/profiles/impermanence.nix
@@ -15,6 +15,7 @@ in {
       directories = [
         "/var/log"
         "/var/lib/systemd/coredump"
+        "/var/tmp" # for building oci containers
         "/tmp" # Make builds not crash by running them on disk instead of RAM (We still clean /tmp on boot)
       ];
       files =