The commit enables the SSH service on the ryu NixOS configuration with enhanced security settings including disabling password authentication and prohibiting root login. It also adds several font packages to the home configuration.
Changes:
- Enabled SSH service in ryu configuration with security settings
- Added font packages to home programs
- Moved SSH service definition to its own module file
- Removed SSH enablement from main configuration
- Updated service imports to include openssh module
feat(authelia): configure port and reverse proxy
feat(lldap): force password reset and update settings
fix(nixos): remove root from trusted users on ryu and tako
fix(immich): disable auto launch and enable password login
refactor(tako): enable authelia, immich, and lldap services
chore(secrets): update lldap seed and metadata timestamps
The changes update the configuration to use a `device.user` variable instead of hardcoded usernames like "fs0c131y" and "servius". This makes the configurations more flexible and reusable across different devices. The changes affect nixos configurations for mirai, ryu, and tako, as well as the darwin configuration for kuro, and the deploy.nix file.
The key changes include:
- Replacing hardcoded usernames with `device.user` in trusted-users lists
- Updating system.primaryUser to use `device.user`
- Modifying user definitions to use the device.user variable
- Adjusting deploy configuration to use "servius" as sshUser for tako
- Commenting out some service modules in tako's services/default.nix
The commit message reflects the main changes:
1. Updated model name from "gpt-oss-20b" to "qwen3-coder-30b" in aichat.nix
2. Changed the default model to ryu:qwen3-coder-30b in aichat.nix
3. Added a new chat template file (chat.hbs) with tool/function calling support
4. Configured llama.cpp to use the new chat template file
5. Enabled HDR display settings in hyprland
6. Modified gamemode to unload lmstudio on start and added custom script for gamemode startup
All changes are focused on implementing Qwen3-Coder-30B model with enhanced tool calling capabilities and system configuration improvements.
feat(hyprland): enable direct_scanout and set bitdepth to 10
fix(hyprpaper): conditionally enable based on 'ryu' device
fix(wallpaperengine): add shorthand flag for scaling option
feat(ryu): switch to open NVIDIA driver and use latest package
