From bea26c55c36313833fbce0e7e09558fe3239dafe Mon Sep 17 00:00:00 2001 From: naturallaw77 Date: Wed, 27 May 2026 09:35:36 -0500 Subject: [PATCH 1/8] overall nixpkgs update --- flake.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index 2b900a5..ee2212c 100755 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1779373552, - "narHash": "sha256-9FCY5+WZmoZi4zN0xbdq3lNcPudvYjONpv21/9ddV/0=", + "lastModified": 1779889285, + "narHash": "sha256-5QOMNn/rxJjsy9n2pAG5+AwUXOAPXSzcr62y1tGHXKA=", "owner": "emmanuelrosa", "repo": "btc-clients-nix", - "rev": "94797b5b75bbc021b0ceb83473110bcb58683542", + "rev": "9a3dd86e11ea5fb17ace9043aa3d0d5ed359a3ca", "type": "github" }, "original": { @@ -221,11 +221,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1778869304, - "narHash": "sha256-30sZNZoA1cqF5JNO9fVX+wgiQYjB7HJqqJ4ztCDeBZE=", + "lastModified": 1779560665, + "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d233902339c02a9c334e7e593de68855ad26c4cb", + "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786", "type": "github" }, "original": { @@ -258,11 +258,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1779399125, - "narHash": "sha256-MWvSXTl1xUJsf74f1wD9mCWWsYN4uR1iAJNmUEnknqw=", + "lastModified": 1779816597, + "narHash": "sha256-Kgod3gZlhSp6WozZ2pFaclXbWpjs6kQLAtldoxb85Lc=", "owner": "nix-community", "repo": "nixvim", - "rev": "7f6f92a3c9f5e1d61d417bf761b4934ac5acc401", + "rev": "297f9341476ba7f821a42d7a2805e206ef8c6ef8", "type": "github" }, "original": { -- 2.54.0 From 1cd4fc8b4029b47cb7a22d5b6cbbf8753c17338a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 27 May 2026 15:56:18 +0000 Subject: [PATCH 2/8] Initial plan -- 2.54.0 From 3745eedd74d5760e2a398559e0a48646aa093007 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 27 May 2026 15:59:50 +0000 Subject: [PATCH 3/8] Add unified template asset cache-busting version --- app/sovran_systemsos_web/server.py | 36 ++++++++++++++- app/sovran_systemsos_web/templates/index.html | 44 +++++++++---------- app/sovran_systemsos_web/templates/login.html | 4 +- 3 files changed, 59 insertions(+), 25 deletions(-) diff --git a/app/sovran_systemsos_web/server.py b/app/sovran_systemsos_web/server.py index b82820b..39aeb48 100644 --- a/app/sovran_systemsos_web/server.py +++ b/app/sovran_systemsos_web/server.py @@ -652,6 +652,35 @@ templates = Jinja2Templates(directory=os.path.join(_BASE_DIR, "templates")) # ── Static asset cache-busting ──────────────────────────────────── +def _compute_asset_version() -> str: + """Return a stable asset version string for cache-busting template assets.""" + nix_match = re.search(r"/nix/store/([a-z0-9]{32})-", os.path.realpath(_BASE_DIR)) + if nix_match: + return nix_match.group(1)[:16] + + hasher = hashlib.sha256() + for root in ( + os.path.join(_BASE_DIR, "static"), + os.path.join(_BASE_DIR, "templates"), + ): + if not os.path.isdir(root): + continue + for dirpath, dirnames, filenames in os.walk(root): + dirnames.sort() + for filename in sorted(filenames): + path = os.path.join(dirpath, filename) + try: + stat = os.stat(path) + except OSError: + continue + hasher.update(path.encode()) + hasher.update(f"{stat.st_mtime_ns}:{stat.st_size}".encode()) + return hasher.hexdigest()[:16] + + +ASSET_VERSION = _compute_asset_version() + + def _file_hash(filename: str) -> str: """Return first 8 chars of the MD5 hex digest for a static file.""" path = os.path.join(_BASE_DIR, "static", filename) @@ -1894,7 +1923,10 @@ def _verify_support_removed() -> bool: @app.get("/login", response_class=HTMLResponse) async def login_page(request: Request): - return templates.TemplateResponse("login.html", {"request": request}) + return templates.TemplateResponse("login.html", { + "request": request, + "asset_version": ASSET_VERSION, + }) @app.get("/auto-login") @@ -1961,6 +1993,7 @@ async def api_logout(request: Request): async def index(request: Request): return templates.TemplateResponse("index.html", { "request": request, + "asset_version": ASSET_VERSION, }) @@ -1969,6 +2002,7 @@ async def onboarding(request: Request): _ensure_onboarding_reopened_for_migration() return templates.TemplateResponse("onboarding.html", { "request": request, + "asset_version": ASSET_VERSION, "onboarding_js_hash": _ONBOARDING_JS_HASH, }) diff --git a/app/sovran_systemsos_web/templates/index.html b/app/sovran_systemsos_web/templates/index.html index fa2806b..3168de4 100644 --- a/app/sovran_systemsos_web/templates/index.html +++ b/app/sovran_systemsos_web/templates/index.html @@ -4,17 +4,17 @@ Sovran_SystemsOS Hub - - - - - - - - - - - + + + + + + + + + + + @@ -263,16 +263,16 @@ - - - - - - - - - - - + + + + + + + + + + + diff --git a/app/sovran_systemsos_web/templates/login.html b/app/sovran_systemsos_web/templates/login.html index cb05415..c469965 100644 --- a/app/sovran_systemsos_web/templates/login.html +++ b/app/sovran_systemsos_web/templates/login.html @@ -4,8 +4,8 @@ Sovran Hub — Login - - + +
-- 2.54.0 From fae57c0375323b8bb1ef1c1cdd07656d9de85635 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 27 May 2026 15:59:57 +0000 Subject: [PATCH 4/8] Initial plan -- 2.54.0 From 15cd07d12ff5cce0f8723bf98b6a6847a2706404 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 27 May 2026 16:02:37 +0000 Subject: [PATCH 5/8] Add resilient Nix download/fallback settings for hub update flows --- configuration.nix | 7 +++++++ modules/core/sovran-hub.nix | 30 +++++++++++++++++++++++++----- 2 files changed, 32 insertions(+), 5 deletions(-) diff --git a/configuration.nix b/configuration.nix index 8042626..cfcfd4c 100644 --- a/configuration.nix +++ b/configuration.nix @@ -26,6 +26,13 @@ nix.settings = { experimental-features = [ "nix-command" "flakes" ]; download-buffer-size = 524288000; + + # Network resilience for cache.nixos.org (Fastly) flakiness. + connect-timeout = 10; # fail-fast on dead TCP connects (default: 0 = unlimited) + stalled-download-timeout = 90; # default 300s; retry sooner on stalled transfers + download-attempts = 7; # default 5 + http-connections = 25; # cap concurrency (helps MTU/middlebox paths) + fallback = true; # build locally if a substitute can't be fetched }; # ── Networking ────────────────────────────────────────────── diff --git a/modules/core/sovran-hub.nix b/modules/core/sovran-hub.nix index 565c68f..bf34456 100644 --- a/modules/core/sovran-hub.nix +++ b/modules/core/sovran-hub.nix @@ -138,7 +138,11 @@ let RC=0 echo "── Step 1/3: nix flake update ────────────────────" - if ! nix flake update --flake /etc/nixos --print-build-logs 2>&1; then + if ! nix flake update --flake /etc/nixos --print-build-logs \ + --option connect-timeout 10 \ + --option stalled-download-timeout 90 \ + --option download-attempts 7 \ + --option fallback true 2>&1; then echo "[ERROR] nix flake update failed" RC=1 fi @@ -146,7 +150,11 @@ let if [ "$RC" -eq 0 ]; then echo "── Step 2/3: nixos-rebuild ──────────────────────────" - SWITCH_OUT=$(nixos-rebuild switch --flake /etc/nixos --print-build-logs 2>&1) + SWITCH_OUT=$(nixos-rebuild switch --flake /etc/nixos --print-build-logs \ + --option connect-timeout 10 \ + --option stalled-download-timeout 90 \ + --option download-attempts 7 \ + --option fallback true 2>&1) SWITCH_RC=$? echo "$SWITCH_OUT" if [ "$SWITCH_RC" -eq 0 ]; then @@ -155,7 +163,11 @@ let echo "" echo " ✓ Build succeeded — a reboot is required to apply this update" echo " (Critical system components changed; running nixos-rebuild boot instead)" - if nixos-rebuild boot --flake /etc/nixos --print-build-logs 2>&1; then + if nixos-rebuild boot --flake /etc/nixos --print-build-logs \ + --option connect-timeout 10 \ + --option stalled-download-timeout 90 \ + --option download-attempts 7 \ + --option fallback true 2>&1; then echo "REBOOT_REQUIRED" > "$STATUS" exit 0 else @@ -209,7 +221,11 @@ let echo "══════════════════════════════════════════════════" echo "" echo "── Rebuilding system configuration ──────────────" - SWITCH_OUT=$(nixos-rebuild switch --flake /etc/nixos --print-build-logs 2>&1) + SWITCH_OUT=$(nixos-rebuild switch --flake /etc/nixos --print-build-logs \ + --option connect-timeout 10 \ + --option stalled-download-timeout 90 \ + --option download-attempts 7 \ + --option fallback true 2>&1) SWITCH_RC=$? echo "$SWITCH_OUT" if [ "$SWITCH_RC" -eq 0 ]; then @@ -222,7 +238,11 @@ let echo "" echo " ✓ Build succeeded — a reboot is required to apply this rebuild" echo " (Critical system components changed; running nixos-rebuild boot instead)" - if nixos-rebuild boot --flake /etc/nixos --print-build-logs 2>&1; then + if nixos-rebuild boot --flake /etc/nixos --print-build-logs \ + --option connect-timeout 10 \ + --option stalled-download-timeout 90 \ + --option download-attempts 7 \ + --option fallback true 2>&1; then echo "REBOOT_REQUIRED" > "$STATUS" else echo "[ERROR] nixos-rebuild boot also failed" -- 2.54.0 From 66cacaaf9d66a6fb370504cbc261e3d3ee9da679 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 27 May 2026 16:03:31 +0000 Subject: [PATCH 6/8] Harden asset-version fallback hashing separators --- app/sovran_systemsos_web/server.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/sovran_systemsos_web/server.py b/app/sovran_systemsos_web/server.py index 39aeb48..778da52 100644 --- a/app/sovran_systemsos_web/server.py +++ b/app/sovran_systemsos_web/server.py @@ -653,7 +653,7 @@ templates = Jinja2Templates(directory=os.path.join(_BASE_DIR, "templates")) # ── Static asset cache-busting ──────────────────────────────────── def _compute_asset_version() -> str: - """Return a stable asset version string for cache-busting template assets.""" + """Return a 16-char asset version from Nix store hash or static/template metadata.""" nix_match = re.search(r"/nix/store/([a-z0-9]{32})-", os.path.realpath(_BASE_DIR)) if nix_match: return nix_match.group(1)[:16] @@ -674,7 +674,9 @@ def _compute_asset_version() -> str: except OSError: continue hasher.update(path.encode()) + hasher.update(b"\0") hasher.update(f"{stat.st_mtime_ns}:{stat.st_size}".encode()) + hasher.update(b"\0") return hasher.hexdigest()[:16] -- 2.54.0 From e0d4b3544dbea26f3e602e4682925a39f6f5313a Mon Sep 17 00:00:00 2001 From: naturallaw77 Date: Wed, 27 May 2026 11:15:09 -0500 Subject: [PATCH 7/8] updated config for gnome 50 support --- configuration.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/configuration.nix b/configuration.nix index cfcfd4c..7863170 100644 --- a/configuration.nix +++ b/configuration.nix @@ -70,7 +70,6 @@ # ── Desktop ──────────────────────────────────────────────── services.displayManager.gdm.enable = true; services.displayManager.gdm.autoSuspend = false; - services.displayManager.gdm.wayland = true; services.desktopManager.gnome.enable = true; services.printing.enable = true; systemd.enableEmergencyMode = false; -- 2.54.0 From aad1e3deccf911ede5eb10ff14437d7ba2e5525e Mon Sep 17 00:00:00 2001 From: naturallaw77 Date: Tue, 2 Jun 2026 11:27:41 -0500 Subject: [PATCH 8/8] overall nixpkgs update --- flake.lock | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/flake.lock b/flake.lock index ee2212c..110513d 100755 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1779889285, - "narHash": "sha256-5QOMNn/rxJjsy9n2pAG5+AwUXOAPXSzcr62y1tGHXKA=", + "lastModified": 1780397635, + "narHash": "sha256-6WH7LKD6i91VLWoz4mEpoULtqVinCEZxG7ZjJPMSi3k=", "owner": "emmanuelrosa", "repo": "btc-clients-nix", - "rev": "9a3dd86e11ea5fb17ace9043aa3d0d5ed359a3ca", + "rev": "feacd7684dc6bfcd49c57764944a2049bbd71924", "type": "github" }, "original": { @@ -190,11 +190,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1777728799, - "narHash": "sha256-z7jjYQqhkFKab92VQ3duB7QVO7f7Y62qTFrJYXO/lyo=", + "lastModified": 1780218263, + "narHash": "sha256-T/f0pPDrH3Qc1VXyQXbK7yfHWRn90l3xwplc/nsxin4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "4b2287113c2f9a2331c04899b2e2e5ab92dea9c5", + "rev": "7fc393d1b46fa000d48ff14e8b6a3c9985f03af0", "type": "github" }, "original": { @@ -221,11 +221,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1779560665, - "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=", + "lastModified": 1780243769, + "narHash": "sha256-x5UQuRsH3MqI0U9afaXSNqzTPSeZlRLvFAav2Ux1pNw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786", + "rev": "331800de5053fcebacf6813adb5db9c9dca22a0c", "type": "github" }, "original": { @@ -237,11 +237,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1779259093, - "narHash": "sha256-7DKWmH23hL2eYdkxCKeqj2i+yljTKuU+3Nk1UPHOnxc=", + "lastModified": 1780030872, + "narHash": "sha256-u6WU/yd/o8iYQrHX3RAwO1hYa3LkoSL+WNQD0rJfJZQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d99b013d5d1931ad77fe3912ed218170dec5d9a4", + "rev": "e9a7635a57597d9754eccebdfc7045e6c8600e6b", "type": "github" }, "original": { @@ -258,11 +258,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1779816597, - "narHash": "sha256-Kgod3gZlhSp6WozZ2pFaclXbWpjs6kQLAtldoxb85Lc=", + "lastModified": 1780235872, + "narHash": "sha256-/TTVFhJQ5StCOrRFO+5NfSkYPSbAAekwymovcQzxNgE=", "owner": "nix-community", "repo": "nixvim", - "rev": "297f9341476ba7f821a42d7a2805e206ef8c6ef8", + "rev": "e5c7b40dc569f5c97ba2182d409f0fb54c02d7c1", "type": "github" }, "original": { @@ -298,15 +298,16 @@ }, "systems_2": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1774449309, + "narHash": "sha256-brhZ8DmuGtzkCYHJg4HEd602amKm89Y9ytsFZ5uWD1w=", "owner": "nix-systems", "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "rev": "c29398b59d2048c4ab79345812849c9bd15e9150", "type": "github" }, "original": { "owner": "nix-systems", + "ref": "future-26.11", "repo": "default", "type": "github" } -- 2.54.0