Add gen-update-targets.sh to parse flake.nix and generate grouped
update targets (update-kyle, update-mc). Makefile now has install
(copy) and link (symlink) targets for rebuild-nixos. Also fix mc
flake input URLs to use /mc/ org path.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add mcp flake input (git+ssh://git@git.wntrmute.dev/mc/mcp.git)
- Add mcp CLI to mcpkg.nix system packages (installed on all machines)
- Update mcp.nix to use Nix-managed mcp-agent binary path instead of
hardcoded /usr/local/bin/mcp-agent
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The previous commit removed the systemd service that stripped Tailscale's
~. DNS catch-all, breaking all DNS resolution — even when Tailscale is
disconnected. Restore it as fix-tailscale-dns, which restricts tailscale0
to only route ~scylla-hammerhead.ts.net queries.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The u2f udev rules set GROUP=plugdev on hidraw devices, but the
group didn't exist. Create it and add kyle to it so FIDO2 keys
are accessible without relying on logind uaccess ACLs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace vendor-specific hidraw rule (3434) with libfido2 udev
package which covers all FIDO2 devices. Fixes FIDO2 key visibility
on orion.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Install mciasctl, mciasgrpcctl, mcrctl, and mcproxyctl via new
configs/mcpkg.nix module. Adds flake inputs for mcias, mcr, and
mc-proxy from git.wntrmute.dev.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
