I’ve wanted comments here for a second, but this is a static site (GitHub pages) and I’ve always had some dealbreaker turnoff with every embeddable option I’ve looked into. I saw giscus recently and thought it looks pretty nice.

What a beautiful melody… As I listened to the performance, I thought about all I’d seen…

A quick little tab. In the game Metaphor: ReFantazio, there’s a tavern bard named the Elegant Performer. If you talk to him he asks you about what city has left the largest impression on you, and if you answer Grand Trad, he plays a solo guitar variation of Grand Trad’s Night Theme.

I’ve been bought into the Apple ecosystem for a while now for phones. This might be a little surprising given the rest of the content on my blog, but I don’t really enjoy the experience of mobile phones (screentime says 20 minutes daily this week). I’ve done both Apple and Android, I don’t really like either as a development platform, and I find ios just stays out of the way a bit better. Anyway though, part of this was buying into the AirPlay ecosystem.

Regardless of what audio streaming technology you use, I’ve always felt the market for products that connect “legacy” media is lacking. Just about everything that streams audio from a physical input is priced as a luxury product, and it’s rare to not have some kind of additional ecosystem lock-in that comes with it. I’ve been iterating on several different homebrewed solutions for a while now.

Past iterations were built with a raspberry pi running Darkice / Icecast, streaming an internet radio station to my phone and allowing mobile to stream to devices over AirPlay. I found that solution a little finnicky / fragile, and was always interested in removing my phone from the equation. I kept iterating on it and finally landed on a really nice franken-solution utilizing PipeWire and MPD. As a bonus, it also streams internet radio stations, can be controlled remotely by Home Assistant, and has a local user interface.

All of this is running on my NixOS host redbud. This system is a retired laptop that I use as a metrics server, so I moved it to my living room and it lives under my record player so it can fill another niche.

I’ve fully realized the “What’s next?” section at the end of my ZFS encryption post, and I now have a full continuous integration / continuous delivery solution for my home lab. 🎉

There were a few humps to get over, many of them self imposed, but I wanted to document them and some thoughts around decisions I made.

KEYID A6C19D1C082670FD will be retired soon. I haven’t been using any public key servers, so this seems like the most appropriate place to post a rotation notification.

Old key hasn’t been leaked or misused. I’m still using it temporarily personally until I’m sure everything is completely settled.

I finally retired my last Yubikey 4, and have moved everything to ed25519 / cv25519 keys. Everything is supporting KDF now too, so that’s a nice bonus.

I’ve started using a ZFS root filesystem on all of my computers now. Various wants on different systems have led to me using ZFS native encryption on some systems, and ZFS on LVM on LUKS on some others. I’ve had a chance to feel out both options, and I’ve learned a bunch in the meantime, so I decided to try something else now.

This post gets into a scheme that allows a single self contained zpool to offer LUKS key managent and unlocking options on NixOS.

I wrote a tab I’m pretty proud of. The song is 林泉吟/Melodies of forest and springs by Raflum | 雨鎖悲秋:

I recent transitoned to using boot.initrd.systemd.enable = true on NixOS. It wasn’t terrible to figure out, but I did have some migrations to figure out for my boot process customizations. This is the blog post I wish I had to read first regardless 😅.

For many system configurations, transitioning to a systemd based initrd process will just work with the one config line above. This post gets into config patterns that typically require migration, what my personal migration looked like, and advice for debugging boot processes for any migration.

I’ve been using linux for quite a while. This has included personal, academic, and professional use. I started using NixOS on my physical machines last year, and I already have a really difficult time imaginging not using NixOS. I wanted to put together a post to talk about what I think is really unique, interesting, and compelling about it.

This gets a bit into some of the internals. I’ll try to keep it general and understandable without prior knowledge of NixOS or the Nix language.

Microsoft is starting to allow external identity providers to act as multi-factor authentication as a part of their authentication flows. This is currently documented as a preview feature on their website.

I worked with a client to implement support for this integration. This post has some thoughts, notes, surprises, and feedback from that experience.

Welcome to blog.decent.id!