| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
nixpkgs has no top-level `podman-docker` attribute — that's an Arch
convenience pkg. NixOS exposes it via the `virtualisation.podman.
dockerCompat` option but that's not reachable from home-manager. Ship
a one-line writeShellScriptBin instead; same result, no module rewire.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the podman stack (podman, crun, conmon, netavark, aardvark-dns,
slirp4netns, passt, podman-compose, podman-docker) from a vm-only block
into common.nix so the Arch host and the Ubuntu remote-dev VM run the
same nix-pinned versions. This drops podman-compose + podman-docker
from pacman as well — they were the only podman-stack pieces still
sourced from there on the host.
Relocate registries.conf + policy.json into the chezmoi tree at
dot_config/containers/ so both flavors share them; vm.nix now picks
them up via the existing link helper. storage.conf stays inline in
vm.nix because the VM needs the overlay driver while the Arch host
uses the btrfs driver (root fs is btrfs there).
|
| |
|
|
|
|
|
|
|
| |
nixpkgs' clang-tools derivation symlinks scripts from clang-unwrapped
only when they're executable; run-clang-tidy loses the +x bit during
the multi-output split and gets skipped. Re-expose it ourselves by
probing clang-unwrapped's main and python outputs (bin/ first, then
the legacy share/clang/ layout) and installing the first hit at
$out/bin/run-clang-tidy.
|
| |
|
|
|
|
| |
tuicr (TUI git-change reviewer) isn't packaged in nixpkgs, so pull it
as a flake input with an overlay exposing pkgs.tuicr. The companion
claude-code skill lives in dot_claude/skills/tuicr/ (separate commit).
|
| |
|
|
|
|
| |
Interactive python REPL. Uses python3Packages.ipython so only the
`ipython` binary lands on PATH — no stray system `python`/`python3`,
preserving the 'tools managed by uv per-project' policy in common.nix.
|
| |
|
|
| |
Stops the 'X news items unread' banner on every home-manager switch.
|
| |
|
|
|
|
|
| |
Upstream rewrote the derivation in 1.0.43+ to fetch a prebuilt binary
from the copilot-cli releases (autoPatchelf + makeBinaryWrapper) instead
of buildNpmPackage, sidestepping the /var/empty/.cache EACCES that
blocked 1.0.40.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per user decision: on the Arch host, chezmoi remains the single deployer
of $HOME dotfiles. nix/common.nix's xdg.configFile + sshConfig
activation + .zshenv home.file block was causing home-manager to fight
chezmoi on every nix-switch, materializing .backup files for nvim,
zellij, zsh, git, ghostty, direnv.
Resolution:
- nix/common.nix: drop the entire deployment block, drop the
my.dotfilesPath option, drop the let..in dotfiles/link helpers.
Module is now deployment-agnostic: only installs packages.
- nix/host.nix: drop my.dotfilesPath; explicit comment that chezmoi
owns dotfile deployment on the host.
- nix/vm.nix: gains everything previously in common.nix's deployment
block — xdg.configFile (nvim/zellij/zsh/git/ghostty/direnv),
home.activation.sshConfig, home.file.".zshenv". The 'dotfiles'
let-binding (= $HOME/.local/share/dotfiles) and 'link' helper move
here too, since they're vm-only now.
Host runbook unchanged (`just sync`); first run after pulling will
just be a no-op nix-switch instead of a backup-file storm.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- common.nix hardcoded the runtime dotfiles checkout to
~/.local/share/dotfiles, which is correct for the remote-dev VM but
not the Arch host (where the canonical clone lives at ~/dotfiles).
ssh activation was failing with 'cannot stat
/home/sommerfeld/.local/share/dotfiles/private_dot_ssh/config' on
every host nix-switch.
Promote the path to a typed option (config.my.dotfilesPath) and set
it from each profile:
nix/host.nix -> $HOME/dotfiles
nix/vm.nix -> $HOME/.local/share/dotfiles
common.nix now wraps its config in 'config = { ... }' so the
options can sit alongside.
- dockerfile-language-server-nodejs was renamed in nixpkgs to
dockerfile-language-server; pick up the new name to silence the
evaluation warning (the rename will eventually become a hard error).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
github-copilot-cli (broken)
nodePackages was removed wholesale from nixpkgs; everything that lived
under it must be referenced via its top-level name or dropped.
- prettier: moved nodePackages.prettier -> prettier (top-level alias).
- jsonlint: not available at top level. Dropped from nix/common.nix
AND from the nvim-lint and conform-nvim configs in
dot_config/nvim/lua/plugins/lsp.lua. jsonls already provides
schema-aware diagnostics; jq still handles formatting. The
jsonlint redundancy is acceptable to lose.
- github-copilot-cli (1.0.40 in nixpkgs): buildNpmPackage derivation
doesn't redirect HOME during npm postinstall, so it fails with
EACCES on /var/empty/.cache on Determinate nix. Removed; install
manually from https://github.com/github/copilot-cli into
/usr/local/bin/ as before (current host already has it there).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
in nix-switch
- gh-actions-language-server is an npm package (lttb/gh-actions-language-server)
not packaged in nixpkgs. Removed from nix/common.nix and from the
vim.lsp.enable list in dot_config/nvim/lua/plugins/lsp.lua. Restore
later via a per-project flake.nix if working on a workflows-heavy repo.
- just runs recipes with a sanitized env where $USER may be unset;
home-manager's activation script dereferences it unconditionally
and fails with 'USER: unbound variable'. Export USER (and HOME for
symmetry) at the top of the nix-switch recipe.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Migrated to Home-Manager (nix/common.nix):
cmake, ninja, ccache, sccache (build orchestrators — they only
delegate to whatever compiler is on PATH, don't ship one
themselves, so no ABI shadowing risk)
valgrind (instruments at syscall/library boundary; works fine with
pacman-built target binaries)
doxygen (source-only documentation tool; was accidentally dropped
in the previous sweep — restored here)
Dropped entirely (per-project flake.nix + direnv .envrc instead):
clang, lld, mold, rustup, npm
Rationale: these are language/toolchain-specific compilers and
linkers; when a project needs them, the project's own flake provides
the version it wants, pinned in flake.lock. base-devel still ships
gcc/ld/as/make for general-purpose system builds and one-offs.
npm is also dropped from pacman; nodejs_24 in nix/common.nix already
ships npm for the editor/AI-agent path. Project-side npm comes via
per-project flake when needed.
Updated nix/common.nix policy comment to match: only ban the actual
compilers/linkers (cc/gcc/clang/ld) and forbidden runtimes (cargo,
rustc, go, python3) — build orchestrators and instrumentation tools
are explicitly allowed.
The --- dev --- section in base.txt is now just perf and podman-*
(kernel-coupled / system-runtime-coupled).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Migrated to Home-Manager (nix/common.nix):
duf, gdu, nmap, procs, yazi, difftastic, direnv (was duplicated),
git-absorb, samply, strace, t-rec, act, pandoc, gdb, lldb
lldb stays nix-only (no longer in base.txt) — per user policy, only
ever used to debug own builds, so glibc/kernel ABI skew vs the
pacman-built system isn't a concern. Same logic could extend to
valgrind, but valgrind has tighter glibc compat needs; perf links
against kernel ABI and must match the running kernel. Both stay
pacman.
uv was already in nix; removed pacman duplicate.
Kept on pacman (cannot migrate without breaking system builds, per
nix/common.nix policy that bans compilers/linkers/build systems on
PATH):
ccache, clang, cmake, lld, mold, ninja, npm, rustup, sccache,
podman-compose, podman-docker (system runtime integration),
perf, valgrind (kernel/glibc-coupled), unzip (transitive via base),
doxygen (huge nixpkgs closure not worth it).
Dropped entirely (unused):
android-tools, go, gpg-tui, luarocks (was for Mason-managed nvim
plugin deps; Mason is gone), bash-completion (zsh-only setup),
pandoc-bin (replaced by nix pandoc).
jdk21-openjdk kept — still needed for the groovy/jenkins toolchain
paths in nvim.
Rewrote the --- dev --- section comment to explain the policy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cleanup pass following p7 review:
- pass-otp: wired via pass.withExtensions in nix/common.nix
(`pass otp ...` works against the same store).
- zsh-completions: added as a separate package next to zsh + plugins
(fpath picks it up via HM's nix-profile share/).
- wget: already in nix/common.nix; removed pacman duplicate.
- gnupg: already in nix/common.nix; removed pacman entry.
pcscd still comes from pacman pcsclite (system
service needs root + hardware access), nix gnupg's
scdaemon dials it via /run/pcscd/pcscd.comm.
- curl: removed; pulled transitively by base, base-devel,
paru and many others.
Kept on pacman:
- pcsclite, ccid : pcscd is a system daemon; libs needed by HM scdaemon
- man-db, man-pages : distro-specific
- base, base-devel : meta-packages
- pass-secret-service-bin : AUR-only
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following are now provisioned by Home-Manager via nix/common.nix
and live under ~/.nix-profile/bin (which is first in PATH per phase
p3):
ripgrep, fd, bat, glow, fzf, lsd, jq, yq (yq-go), zoxide, just, sd,
choose, dog, curlie, hyperfine, htop, fastfetch, tldr, rsync,
mergiraf, git-delta (delta), tree-sitter-cli (tree-sitter), neovim,
zellij, github-cli (gh), pass, openssh, git, zsh,
zsh-syntax-highlighting, zsh-autosuggestions,
zsh-history-substring-search, basedpyright-bin (basedpyright),
rust-analyzer
Kept:
- pass-otp, zsh-completions: no Home-Manager equivalent yet
- pcsclite: still needed by Home-Manager gnupg/scdaemon
(see nix/host.nix scdaemon.conf)
- curl, wget, man-db, man-pages, gnupg: system-fundamental, fine to
keep duplicated. git/openssh/gnupg also come back as transitive
deps of paru/sudo/etc. even if dropped here.
Added hyperfine to nix/common.nix (missed in the p5 batch).
Phase 7 of the nix-on-host migration plan.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replaces Mason entirely (phase p6 of the nix migration will rip out
mason-tool-installer and friends). The set tracks the previous
ensure_installed list in nvim's lsp.lua, with five niche tools dropped
per the migration plan:
- groovy-language-server, npm-groovy-lint
- nginx-language-server, nginx-config-formatter
- systemdlint
systemd-lsp is renamed to systemd-language-server (the nixpkgs attr
name). codelldb is replaced by lldb-dap (upstream successor, ships with
pkgs.lldb); dap configs switch in phase p6.
Drops jre, basedpyright, cargo, rustc from vm.nix — they only existed
to work around Mason quirks on Ubuntu 20.04 (uv-python wheel
incompatibility, source-build needs). With Mason gone, basedpyright
comes from nixpkgs cleanly on both profiles.
Phase 5 of the nix-on-host migration plan.
|
|
|
Restructures the Home-Manager profile to support both the Arch host and
the Ubuntu remote-dev VM from the same flake.
- remote-dev/ → nix/ (hard rename; .chezmoiignore updated)
- home.nix split into common.nix (shared), vm.nix (Mason runtime
carve-outs + podman stack), host.nix (gpg scdaemon delegation to
system pcscd)
- flake.nix exposes homeConfigurations.{vm,host} via a mkProfile
helper
- rj alias in dot_zshrc updated to ~/.local/share/dotfiles/nix
- bootstrap.sh / justfile updated to use #vm against the new path
The split is behaviour-preserving for the VM: vm.nix + common.nix
together carry the same package set as the previous home.nix.
host.nix is provisioned but not yet wired into bootstrap (phase p8).
Phase 1 of the nix-on-host migration plan.
|
sommerfeld