apply.nu

@@ -11,23 +11,20 @@ def --wrapped sync [...arguments] {
 
 # Applies the changes to the site by uploading it to the VPS.
 def main [] {
-  const dest_directory = "_site_production"
-  const deno_arguments = [ "task", "build", "--dest", $dest_directory, "--location", "https://rgbcu.be/" ]
-
   if (pwd | str starts-with "/data/data/com.termux") {
     sync ./ nine:site
 
-    ssh -tt nine $"
+    ssh -tt nine "
       cd site
-      LUME_DRAFTS=false nix run nixpkgs#deno -- ($deno_arguments | str join ' ')
+      LUME_DRAFTS=false nix run default#deno -- task build --location https://rgbcu.be/
     "
 
-    sync ("nine:site/" + $dest_directory) ./
+    sync nine:site/_site ./
   } else {
-    LUME_DRAFTS=false deno ...$deno_arguments
+    LUME_DRAFTS=false deno task build --location https://rgbcu.be/
   }
 
-  cd $dest_directory
+  cd _site
 
   let host = "root@best";
 

site.ts

@@ -176,7 +176,7 @@ site.use(checkUrls({
 site.use(feed({
   output: ["/blog.rss", "/blog.json"],
 
-  query: "type=article unlisted!=true",
+  query: "type=article",
   sort: "date=asc",
   limit: Infinity,
 

site/_includes/default.vto

@@ -15,10 +15,10 @@ layout: null
   <meta name="darkreader-lock">
 
   <!-- META -->
-  {{ if title }}       <title>{{ title }}</title>                               {{ /if }}
-  {{ if description }} <meta name="description" content="{{ description }}">    {{ /if }}
-  {{ if author }}      <meta name="author"      content="{{ author }}">         {{ /if }}
-  {{ if tags }}        <meta name="keywords"    content="{{ tags.join(",") }}"> {{ /if }}
+  {{ if title }}       <title>{{ title }}</title>                                   {{ /if }}
+  {{ if description }} <meta name="description" content="{{ description }}">        {{ /if }}
+  {{ if author }}      <meta name="author"      content="{{ author }}">             {{ /if }}
+  {{ if keywords }}    <meta name="keywords"    content="{{ keywords.join(",") }}"> {{ /if }}
 
   <!-- FANCY -->
   <link rel="icon" href="/assets/icons/icon.gif">

site/blog.vto

@@ -18,7 +18,7 @@ Blog Articles
 
 <style>ul * { overflow-wrap:anywhere !important; }</style>
 <ul>
-  {{ for article of search.pages("type=article unlisted!=true", "order=asc date=desc")}}
+  {{ for article of search.pages("type=article", "order=asc date=desc")}}
   <li class="flex">
     <a id="matrix" class="text-right font-mono" style="margin-right:calc(var(--spacing)*2)" href="{{ article.url }}">
       {{ article.date.toISOString().slice(2, 10).replaceAll("-", " ") }}

site/blog/2024-03-04-htmnix.md

@@ -2,7 +2,7 @@
 title: HTMNIX
 description: How the absolutely cursed HTMNIX project works.
 
-tags:
+keywords:
 - html
 - nix
 ---

site/blog/2024-04-02-cosmic-drift.md

@@ -2,9 +2,9 @@
 title: Cosmic Drift
 description: Or how I missed the school bus because of a cosmic ray.
 
-tags:
-- time
-- unix-timestamps
+keywords:
+  - time
+  - unix-timestamps
 ---
 
 So, every day I wake up at 6:55, get dressed by 7, walk to the bus stop by 7:13

site/blog/2024-04-15-nix-iceberg.md

@@ -2,9 +2,9 @@
 title: Explaining the Nix iceberg
 description: And revealing how cursed Nix is.
 
-unlisted: true
+draft: true
 
-tags:
+keywords:
 - nix
 ---
 
@@ -226,6 +226,8 @@ in builtins.break {
 
 Evaluate this expression with `nix eval --debugger --expr/--file` and see.
 
+<!-- TODO: Mention that this didn't use to work. -->
+
 ## `tvix`
 
 [Tvix](https://tvix.dev/) is an alternate implementation of Nix written in Rust.
@@ -562,22 +564,15 @@ print t
 
 The
 [`accept-flake-config`](https://nix.dev/manual/nix/2.29/command-ref/conf-file#conf-accept-flake-config)
-Nix configuration variable or `--option accept-flake-config true` flag in Nix
-commands allows Nix to unconditionally accept flake `nixConfig`'s.
+Nix configuration variable or `--accept-flake-config` flag in Nix commands
+allows Nix to unconditionally accept flake `nixConfig`'s.
 
 This is dangerous, because this can enable `builtins.importNative` by enabling
 the
 [`allow-unsafe-native-code-during-evaluation`](https://nix.dev/manual/nix/2.29/command-ref/conf-file#conf-allow-unsafe-native-code-during-evaluation)
-option, which then allows Nix expressions to load arbitrary dynamic libraries,
+option, which then allows Nix expresions to load arbitrary dynamic libraries,
 which can do anything as they are not confined to the Nix evaluation sandbox.
 
-However, a malicious flake doesn't even have to go that far. It can define an
-evil substituter using the `extra-substituters` key in `nixConfig`, and you may
-get served malicious packages.
-
-This is why you should generally be wary of using this option or typing in `Y`
-when asked to trust a substituter/enable a setting in interactive mode.
-
 ## Zilch
 
 ZilchOS is a decidedly tiny Nix-based distro. It is a great project to see how
@@ -588,13 +583,7 @@ It was created by [t184256](https://github.com/t184256) on GitHub, here is the
 
 ## `set.a or "meow"` is set-specific
 
-[As mentioned previously,](#let-a-1-or-6-in-a-or-9-) the Nix parser is weird and
-treats `or` as an identifier when it is not right after an attribute selection
-expression.
-
-So, the `or` in `set.key or default` is the keyword, but in `set or default` it
-is not, and the latter expression is actually a double function application,
-where we apply `or` to `set`, and then `default` to the result of that.
+TODO
 
 ## `builtins.toString [true false true] == "1  1"`
 
@@ -825,20 +814,7 @@ evaluate to 1.
 
 ## `__impure`
 
-With the
-[`impure-derivations`](https://nix.dev/manual/nix/2.29/development/experimental-features.html#xp-feature-impure-derivations)
-experimental Nix feature, you can set the `__impure` attribute to `true` within
-derivations to mark them "impure".
-
-What this does is:
-
-1. Let the derivation build have access to the network.
-2. Prevent the impure derivation from becoming a
-   [content-addressed](https://nix.dev/manual/nix/2.29/development/experimental-features.html#xp-feature-ca-derivations)
-   derivation.
-
-Impure derivations can also only be used by other impure derivations or
-fixed-output derivations (FODs).
+TODO
 
 # Tier 5: `normal and can be trusted with nix`
 
@@ -903,67 +879,38 @@ Give feedback at https://github.com/NixOS/nix/pull/11121
 
 ## `restrict-eval`
 
-[From the Nix manual:](https://nix.dev/manual/nix/2.29/command-ref/conf-file.html#conf-restrict-eval)
+[From the Nix manual:](https://nix.dev/manual/nix/2.29/command-ref/conf-file.html?highlight=restrict-eval#conf-restrict-eval)
 
 > If set to true, the Nix evaluator will not allow access to any files outside
 > of `builtins.nixPath`, or to URIs outside of `allowed-uris`.
 
 ## nix2
 
-`nix2` is commonly used to refer to `nix-<action>` style commands, such as
-`nix-build`, `nix-shell` while `nix3` is used to refer to `nix <action>` style
-commands, such as `nix build`, `nix develop`, and so on.
-
 ## `__noChroot`
 
 When the
-[`sandbox`](https://nix.dev/manual/nix/2.29/command-ref/conf-file.html#conf-sandbox)
+[`sandbox`](https://nix.dev/manual/nix/2.29/command-ref/conf-file.html?highlight=__nos#conf-sandbox)
 Nix configuration value is set to `relaxed`, fixed-output derivations (FODs)
 that have the `__noChroot` attribute set to `true` will not run in the Nix
 sandbox.
 
 ## cloud scale hydra
 
-[Cloudscale hydra](https://web.archive.org/web/20220624223053/https://cloudscalehydra.com/)
-was
-Graham[^![Graham "Determinate" Christensen](/assets/images/graham-sickos-resized.webp)]
-Christensen's previous failed project.
-
-He then went on to create [FlakeHub](https://flakehub.com/), which could be said
-is the successor to Cloudscale Hydra.
-
-It is curious that the following links are the only non-automated mentions of
-the project on the open internet:
-
-- [Meeting about nixpkgs `cudaPackages` from February 13th, 2025.](https://pad.lassul.us/p/KXm3h1AS-?print-pdf#/)
-  ([archive](https://archive.is/fbNMP)) (Search for `cloud-scale hydra`)
-
-- [A link to a now-defunct Hydra instance hosted by Cloudscale Hydra, in the Determinate Systems blog.](https://determinate.systems/posts/hydra-deployment-source-of-truth/)
-  ([archive](https://web.archive.org/web/20250319031645/https://determinate.systems/posts/hydra-deployment-source-of-truth/))
-  (Search for `cloudscalehydra`)
-
-- [A tweet from the Determinate Systems, about the availability of Cloudscale Hydra](https://x.com/DeterminateSys/status/1445785369941889024)
-  ([archive, actually check this one out! it's from 2021](https://web.archive.org/web/20220112074900/https://twitter.com/DeterminateSys/status/1445785369941889024))
-
-If you can't find the mentions in these pages, check the archives out.
-
-![Cloudscale Hydra landing page sketch](/assets/images/cloudscale-hydra.webp)
+TODO
 
 ## `(_:_) != (_:_)` but `(a:a) == (a:a)`
 
 Evaluating `(_:_) == (_:_)`, we see that it is `false`, which means the two
 functions aren't equal to eachother, as we are comparing them directly and when
-compared directly, function comparisons return false.
+compared directly, functions return false.
 
-But then why does `(a:a) == (a:a)` return `true`? Aren't we still comparing
-functions?
+But then why does `(a:a) == (a:a)` return `true`? Aren't they both functions?
 
 **Nope!**
 
 `a:a` is a
-[legacy URL literal](https://nix.dev/manual/nix/2.29/development/experimental-features.html#no-url-literals),
-which can be disabled using the
-[`no-url-literals` experimental Nix feature.](https://nix.dev/manual/nix/2.29/development/experimental-features.html#xp-feature-no-url-literals)
+[legacy URL literal](https://nix.dev/manual/nix/2.29/development/experimental-features.html?highlight=url%20literal#no-url-literals),
+which can be disabled using the `no-url-literals` Nix feature.
 
 ## de betekenis van @niksnut
 
@@ -973,14 +920,14 @@ TODO
 
 This is the legacy `let` syntax. Equivalent to `let huh = "?"; in huh`.
 
-# Tier 6: `has meowed before`
+## Tier 6: `has meowed before`
 
-## `let { body = 1; __overrides.body = 2; }`
+### `let { body = 1; __overrides.body = 2; }`
 
 This is a combination of [`__override`](#rec-a-5-b-a-1-overridesa-6-) for keyed
-expressions and the [`legacy let syntax`](#let-huh-body-huh-).
+experessions and the [`legacy let syntax`](#let-huh-body-huh-).
 
-## function identity is load bearing on importing nixpkgs
+### function identity is load bearing on importing nixpkgs
 
 Since
 [attribute sets with function members compare function identities (memory locations)](#let-f-a-a-s-ff-in-f-f-s-s),
@@ -994,9 +941,9 @@ determine whether if we are cross-compiling.
 
 Therefore, function identity really **is** load bearing on importing nixpkgs.
 
-## `import <nix/fetchurl.nix>`
+### `import <nix/fetchurl.nix>`
 
-This looks like we are importing `<nix>`, and getting the `fetchurl.nix` file in
+This looks like we are importing <nix>, and getting the `fetchurl.nix` file in
 it.
 
 Let's see if that is true:
@@ -1051,15 +998,15 @@ and its contents are set to a
 You do not need to be in impure evaluation mode to use `corepkgs`, aka
 `<nix/*>`.
 
-## test suite of nix wasn't run
+### test suite of nix wasn't run
 
 TODO
 
-## fixed-output derivation sandboxing
+### fixed-output derivation sandboxing
 
 TODO
 
-## `importNative`
+### `importNative`
 
 [`builtins.importNative`](https://nix.dev/manual/nix/2.29/command-ref/conf-file.html#conf-allow-unsafe-native-code-during-evaluation)
 allows Nix expressions to import arbitrary dynamic libraries to produce Nix
@@ -1068,11 +1015,11 @@ expressions.
 Of course, this is turned off by default as it is a security risk. You probably
 shouldn't use this.
 
-## `chromium recompressTarball`
+### `chromium recompressTarball`
 
 TODO
 
-## more than 1 million chars of indents breaks things
+### more than 1 million chars of indents breaks things
 
 The weird Nix parser
 [hard codes `1000000`](https://github.com/NixOS/nix/blob/2afc84fddf463b22196aeb70587bc0c9259e330f/src/libexpr/include/nix/expr/parser-state.hh#L250)
@@ -1082,7 +1029,7 @@ spanning multiple lines.
 So when you have a line with more than a million spaces for the indent, it is
 ignored and not included in the minimum indent calculation.
 
-# Tier 7: `wears animal ears to NixCon`
+## Tier 7: `wears animal ears to NixCon`
 
 <h2><small>
 
@@ -1097,37 +1044,11 @@ TODO
 
 ## `(_: builtins.break _)`
 
-Historically, the [`builtins.break`](#-debugger) function used to not work
-reliably in some cases, such as `let-in`'s and function calls.
-
-This was fixed in [this merge request](https://github.com/NixOS/nix/pull/9917),
-in February 8, 2024.
-
-But before that fix, you would use `(_: builtins.break _)` or an equivalent
-instead of `builtins.break` itself.
+TODO
 
 ## multiplayer tic-tac-toe in nix repl
 
-You want to read this blog post:
-[Are Nix Expressions Pacman-Complete?](https://stuebinm.eu/posts/nix-tic-tac-toe-complete.html)
-
-You can run it using the following bash/zsh/etc (any shell that implements
-`$(( RANDOM ))`):
-
-```sh
-git clone https://stuebinm.eu/git/playground nix-tic-tac-toe
-
-# In first shell:
-nix-build --argstr seed $(( RANDOM )) nix-tic-tac-toe/nix-turing/game.nix
-
-# In second shell, in parallel:
-move=0
-while true; do
-  read -p "move: " content
-  echo "$content" > "/tmp/input-${move}"
-  ((move++))
-done
-```
+TODO
 
 ## `let e="e"; in [001.2e01e.30.4]`
 
@@ -1146,5 +1067,3 @@ TODO
 TODO
 
 ## `builtins.derivationStrict`
-
-TODO

site/blog/2024-05-20-swap-i.md

@@ -2,7 +2,7 @@
 title: Swap the `ı` and `i` key on your keyboard for faster modal editing
 description: How to swap the ı and i key on your Turkish keyboard on Linux.
 
-tags:
+keywords:
 - localisation
 - modal-editors
 ---

site/blog/2024-09-30-gitignore.md

@@ -5,7 +5,7 @@ description: And how to roll the rock over the edge.
 color: "#A5804C"
 thumbnail: /assets/images/sisyphus-ds-store.webp
 
-tags:
+keywords:
 - vcs
 ---
 

site/blog/2025-06-05-why-cores.md

@@ -4,7 +4,7 @@ title: "Why more `/sys/class/hwmon/*/temp*_label` than CPU cores?"
 color: "#99CF9F"
 thumbnail: /assets/images/cpu-dumb.webp
 
-tags:
+keywords:
 - hardware
 ---