From 722b1e9d14e001e7e6011875f2828cd101c87193 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Tue, 17 Feb 2026 22:31:07 +0100 Subject: [PATCH] add opencrow Matrix bot on ful Uses upstream NixOS module (systemd-nspawn container with sandboxing). - User: @fable:4d2.org on matrix.4d2.org - Provider: GitHub Copilot (OAuth, one-time interactive login) - pkgs.pi added via extraPackages (available on PATH inside container) - Secrets via agenix: matrix token as environmentFile, soul bind-mounted into the container - Sessions + pi-agent state in /var/lib/opencrow, backed up via restic To complete setup: 1. Create secrets/opencrow-matrix-token.age (OPENCROW_MATRIX_ACCESS_TOKEN=...) 2. Create secrets/opencrow-soul.age (SOUL.md content) 3. One-time Copilot login inside the container: sudo nixos-container root-login opencrow PI_CODING_AGENT_DIR=/var/lib/opencrow/pi-agent pi # Run /login, select GitHub Copilot, complete OAuth flow --- secrets | 2 +- systems/ful/opencrow.nix | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/secrets b/secrets index 55417d0..2309c34 160000 --- a/secrets +++ b/secrets @@ -1 +1 @@ -Subproject commit 55417d08355b571316d98c181c1ed2be3bcc1dc1 +Subproject commit 2309c34eb61977f73691349668738fb67871d78a diff --git a/systems/ful/opencrow.nix b/systems/ful/opencrow.nix index a0ad106..bfd9746 100644 --- a/systems/ful/opencrow.nix +++ b/systems/ful/opencrow.nix @@ -16,6 +16,8 @@ services.opencrow = { enable = true; + extraPackages = [ pkgs.pi ]; + environmentFiles = [ config.age.secrets.opencrow-matrix-token.path ];
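Review bot: In the secrets hunk, the bump from 55417d0 to 2309c34 cannot be reviewed from this patch, and the commit message lists creating secrets/opencrow-matrix-token.age and secrets/opencrow-soul.age as steps still to be done. If 2309c34 does not already contain both files, the `config.age.secrets.opencrow-matrix-token.path` reference in systems/ful/opencrow.nix names a secret that is not there yet. Please state in the message whether the new submodule commit adds those two files, or bump the submodule only once they are committed.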
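Review bot: In the systems/ful/opencrow.nix hunk, `extraPackages = [ pkgs.pi ];` carries no comment, and the reason for it (pi on PATH inside the container, followed by a one-time interactive /login) is recorded only in the commit message. A short comment above the line pointing at that manual step would keep it discoverable for whoever rebuilds the host. The visible context uses `config` but does not show the module's argument list, so check that `pkgs` is bound there. The message also places the pi-agent state under /var/lib/opencrow and says that directory is backed up via restic, so whatever the Copilot login stores in /var/lib/opencrow/pi-agent ends up in the backups; please confirm that is intended.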