Skip to content

chore(flake): bump nixpkgs (waydroid 1.6.3) + p620 audible-sync#705

Merged
olafkfreund merged 2 commits into
mainfrom
chore/bump-nixpkgs-waydroid-1.6.3
Jun 1, 2026
Merged

chore(flake): bump nixpkgs (waydroid 1.6.3) + p620 audible-sync#705
olafkfreund merged 2 commits into
mainfrom
chore/bump-nixpkgs-waydroid-1.6.3

Conversation

@olafkfreund

@olafkfreund olafkfreund commented Jun 1, 2026

Copy link
Copy Markdown
Owner

Summary

Two related changes bundled because they need each other to land cleanly:

  1. Bump nixpkgs to nixos-unstable HEAD (331800de, 2026-05-31). Headline change: waydroid 1.6.2 → 1.6.3 (upstream release 4 days ago). Picked up automatically by both razer and p620 via features.virtualization.waydroid.

  2. Add audible-sync feature on p620 — one-command pipeline to download + decrypt your Audible library to .m4b files, organised one folder per book under ~/audiobooks/audible.

Churn fixes triggered by the bump

File Fix
modules/desktop/stylix-theme.nix Disable stylix.targets.kmscon — upstream stylix still sets the removed-in-26.11 services.kmscon.fonts option
hosts/razer/configuration.nix Permit newly-EOL'd electron-39.8.10
hosts/p620/configuration.nix Same electron-39.8.10 permit
hosts/razer/nixos/boot.nix Drop our local openrazer-kernel-7.0.9-hid-report-raw-event.patch — the fix has landed in nixpkgs' packaged openrazer 3.12.3, our patch now refuses to re-apply. Kept linuxPackages_latest (kernel 7.0.10).

Why the previous "bump all" PR (#703) left nixpkgs unchanged

scripts/update-commit-deploy.sh does try to bump nixpkgs via a gh api splice against the nixos-unstable branch HEAD. When PR #703 ran, the channel branch had been stuck at 64c08a7c since 2026-05-23 — Hydra hadn't promoted a fresh commit yet. By the time this PR was prepared (~9 hours after #703 merged), Hydra had advanced the channel to 331800de. The "(nixpkgs unchanged)" in #703's title was literal: there was nothing newer to advance to at that moment.

audible-sync notable details

  • Implemented as pkgs.writeShellApplication with runtimeInputs = [ audible-cli ffmpeg jq coreutils findutils ].
  • Suppresses SC2088 (tilde in single quotes — false positive; lib.escapeShellArg emits '~/...' and the next line does the ~$HOME substitution at runtime).
  • Adds -nostdin to ffmpeg invocations — fixes a real bug where ffmpeg would swallow stdin inside the while read decryption loop and silently truncate the batch.
  • Legal note in module header: personal-use only; stripping DRM violates Audible's ToS.

Test plan

  • just test-host razer — green, final derivation nixos-system-razer-26.11.20260531.331800d
  • just test-host p620 — green, final derivation nixos-system-p620-26.11.20260531.331800d
  • Razer closure contains waydroid-1.6.3 + openrazer-3.12.3-7.0.10 (kernel 7.0.10)
  • Razer kernel resolves to 7.0.10 (linuxPackages_latest)
  • Deploy razer + p620
  • audible-sync end-to-end after one-time audible quickstart on p620

Files NOT touched (pre-existing user WIP, left alone)

  • home/development/claude-code-commands/* (dns command WIP)
  • home/development/claude-code-skills/dns/* (dns skill WIP)
  • home/media/music.nix
  • secrets.nix, secrets/api-godaddy.age, secrets/godaddy-account.age (godaddy WIP)

🤖 Generated with Claude Code

olafkfreund and others added 2 commits June 1, 2026 23:30
@olafkfreund @claude
chore(flake): bump nixpkgs to nixos-unstable HEAD (waydroid 1.6.3)
84c1767 
nixos-unstable advanced from 64c08a7c (2026-05-23) to 331800de
(2026-05-31). Previous `update-commit-deploy.sh` runs found nothing to
bump because Hydra hadn't promoted a fresh commit to the channel yet;
the branch has now moved forward.

Headline change: `waydroid` 1.6.2 → 1.6.3 (upstream release 2026-05-28).
Picked up automatically by both razer and p620, which use the
`features.virtualization.waydroid` module.

Churn fixes that became necessary with this bump:

- modules/desktop/stylix-theme.nix: disable `stylix.targets.kmscon`.
  The upstream stylix module still writes `services.kmscon.fonts`,
  which nixpkgs 26.11 removed (`services.kmscon.config.font-name` is
  the new API). Razer doesn't theme the Linux text console anyway.

- hosts/razer/configuration.nix: permit `electron-39.8.10`. Newly
  flagged EOL upstream; still transitively required by some package
  in razer's closure (audit + drop in a follow-up).

- hosts/razer/nixos/boot.nix: drop our local
  `openrazer-kernel-7.0.9-hid-report-raw-event.patch`. The fix has
  landed in nixpkgs' packaged openrazer 3.12.3, and reapplying our
  patch now fails with "Reversed (or previously applied) patch
  detected". Kept `boot.kernelPackages = pkgs.linuxPackages_latest`
  (kernel 7.0.10), which was inadvertently dropped when the patch
  block was first removed.

Build verified on razer; p620 verified in a follow-up commit
(needed the same electron-39 permit + audible-sync shellcheck fixes).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@olafkfreund @claude
feat(p620): audible-sync — download + decrypt Audible library to .m4b
8f85b60 
One-command pipeline: library export → bulk download (.aaxc/.aax)
→ decrypt to .m4b → organise into one folder per book under
`features.audibleSync.outputDir` (default `~/audiobooks/audible`).
Re-runnable; already-downloaded books and already-decrypted files
are skipped.

One-time setup on p620 after deploy:
  1. `audible quickstart`     — picks marketplace, handles 2FA
  2. `audible library list`   — confirm books are visible
  3. `audible-sync`           — downloads + decrypts everything

Implemented as `pkgs.writeShellApplication`. Two shellcheck escalations
needed handling:

- SC2088 (tilde in single quotes won't expand) is a false positive:
  `lib.escapeShellArg cfg.outputDir` emits `'~/...'`, and the very
  next line uses bash parameter expansion to substitute `~` with
  `$HOME` at runtime. Suppressed via `excludeShellChecks`.

- SC2095 (ffmpeg may swallow stdin inside a `while read` loop) is a
  real bug — ffmpeg reads stdin by default and would consume the
  file paths the loop is trying to iterate, breaking the decryption
  batch silently. Fixed by adding `-nostdin` to both ffmpeg calls.

Also permits `electron-39.8.10` in p620's `permittedInsecurePackages`
(same churn fix as razer; needed to build past the nixpkgs bump).

Legal note: stripping DRM violates Audible's ToS. Personal-use only.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings June 1, 2026 22:30
@olafkfreund olafkfreund merged commit 77150a3 into main Jun 1, 2026
7 checks passed
@olafkfreund olafkfreund deleted the chore/bump-nixpkgs-waydroid-1.6.3 branch June 1, 2026 22:31
Copilot AI reviewed Jun 1, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the flake-pinned nixpkgs revision (bringing in upstream changes like Waydroid 1.6.3) and adds a new audible-sync feature/module that installs an end-to-end Audible download+decrypt pipeline, enabled on host p620. It also includes a few host/module tweaks required to keep builds working after the nixpkgs bump.

Changes:

  • Bump flake.lock to a newer nixos-unstable commit.
  • Add modules/services/audible-sync.nix and enable features.audibleSync on p620.
  • Post-bump fixes: disable Stylix kmscon target, permit newly-insecure Electron version, and simplify razer kernel override by dropping the now-upstreamed openrazer patch.

Reviewed changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
modules/services/audible-sync.nix New features.audibleSync module providing an audible-sync shell app and installing required tooling.
modules/desktop/stylix-theme.nix Disables stylix.targets.kmscon to avoid evaluation/build failures after the nixpkgs bump.
hosts/razer/nixos/boot.nix Removes custom openrazer patching and keeps only the linuxPackages_latest kernel selection.
hosts/razer/configuration.nix Permits electron-39.8.10 in permittedInsecurePackages to unblock evaluation/builds post-bump.
hosts/p620/configuration.nix Imports and enables the new audible-sync module and permits electron-39.8.10.
flake.lock Advances the pinned nixpkgs revision/hash/timestamp.

Comment thread modules/services/audible-sync.nix
Comment on lines +137 to +140
for ext in jpg jpeg png chapters.json; do
src="$dir/$base.$ext"
[ -e "$src" ] && cp -n "$src" "$target/" || true
done
Comment thread modules/desktop/stylix-theme.nix
Comment on lines +64 to +67
# kmscon: stylix's kmscon target still sets the removed-in-nixpkgs-50
# `services.kmscon.fonts` option, which now fails the build. We don't
# theme the Linux text console anyway (Wayland sessions are what
# matters here), so disable the target until upstream stylix updates.
Comment thread hosts/razer/nixos/boot.nix
Comment on lines +58 to 62
# (openrazer @ff30624). That fix has now landed in nixpkgs' packaged
# openrazer, so reapplying our patch on top fails with "Reversed (or
# previously applied) patch detected". Override slimmed to just the
# kernel selection.
# See: https://github.com/openrazer/openrazer/issues/2808
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@olafkfreund