| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous environment.d fix was insufficient: even with the nix profile
on the --user manager's PATH (confirmed via `systemctl --user
show-environment`), bare-name ExecStart= still fails 203/EXEC. systemd's
--user manager does not resolve a bare ExecStart binary against the
imported/environment.d PATH.
Invoke each unit's main binary by absolute path %h/.nix-profile/bin/<name>
(waybar, swayidle, swayrd, inhibridge, wl-paste, wob). %h expands to $HOME
at unit load. Secondary lookups those binaries/scripts perform (cliphist,
swaymsg, playerctl) still rely on PATH, which environment.d provides — so
that file stays, with its comment corrected to reflect this split.
|
| |
|
|
|
|
|
|
| |
Same root cause as ghostty: imv (OpenGL), wl-mirror (EGL) and sparrow
(JavaFX/OpenGL) are GL/EGL apps that can't find the system Mesa/DRI driver
when built by nix on a non-NixOS host. Remove them from nix/host.nix; add
imv + wl-mirror to meta/base.txt (sparrow already lives in meta/btc.txt as
sparrow-wallet). Refresh the stale base.txt media comment accordingly.
|
| |
|
|
|
|
|
|
| |
ghostty is a GPU/OpenGL terminal. Nix-built GL apps on a non-NixOS host
can't locate the system Mesa/DRI driver (FHS /usr/lib drivers don't match
nix's search paths), so the nix-migrated ghostty failed to start with
"missing OpenGL context". Move it back to meta/base.txt (pacman) so it
links against system Mesa. Same caveat flagged for imv/wl-mirror/sparrow.
|
| |
|
|
|
|
|
| |
nixpkgs has no top-level `podman-docker` attribute — that's an Arch
convenience pkg. NixOS exposes it via the `virtualisation.podman.
dockerCompat` option but that's not reachable from home-manager. Ship
a one-line writeShellScriptBin instead; same result, no module rewire.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pull every pacman/AUR entry that is (1) packaged in nixpkgs and (2)
free of tight system coupling out of meta/base.txt and into
nix/host.nix. System coupling = setuid, /usr/lib/systemd/system unit,
udev rule, /usr/share/dbus-1/services file, /usr/share/wayland-sessions
entry, shared lib other pacman pkgs link, /etc/makepkg.conf reference,
system fontconfig path, PAM, Qt plugin search path, or kernel/
firmware/bootloader touchpoint. User-scope systemd units are NOT
coupling — nix drops them in ~/.nix-profile/share/systemd/user/ and
systemd picks them up; the chezmoi-owned unit files that referenced
/usr/bin/<tool> paths are fixed in a follow-up commit.
Wayland session: waybar, mako, fuzzel, wofi, swayidle, swayr,
inhibridge, bemoji, wob, poweralertd, grim, slurp, wf-recorder, wtype,
wl-clipboard, cliphist, imv, wl-mirror, playerctl, pulsemixer, ghostty.
General CLIs: qrencode, torsocks, lshw, yt-dlp, streamlink, chezmoi,
paru.
GUI: sparrow.
OCR: tesseract collapsed with .override { enableLanguages = [eng por] }
— replaces tesseract + tesseract-data-eng + tesseract-data-por.
STT: whisper-cpp.override { vulkanSupport = true; } plus an inline
whisper-cpp-model-base derivation that fetches ggml-base.bin from the
upstream huggingface mirror into
~/.nix-profile/share/whisper-cpp-models/.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move the podman stack (podman, crun, conmon, netavark, aardvark-dns,
slirp4netns, passt, podman-compose, podman-docker) from a vm-only block
into common.nix so the Arch host and the Ubuntu remote-dev VM run the
same nix-pinned versions. This drops podman-compose + podman-docker
from pacman as well — they were the only podman-stack pieces still
sourced from there on the host.
Relocate registries.conf + policy.json into the chezmoi tree at
dot_config/containers/ so both flavors share them; vm.nix now picks
them up via the existing link helper. storage.conf stays inline in
vm.nix because the VM needs the overlay driver while the Arch host
uses the btrfs driver (root fs is btrfs there).
|
| |
|
|
|
|
| |
home-manager: 7d8127d3 (master, 26.11) → b179bde2 (release-26.05)
Follow-up to the release-branch pin in the previous commit.
|
| |
|
|
|
|
|
|
|
| |
HM master had rolled to the 26.11 development cycle while the
nixos-unstable nixpkgs snapshot we follow is still on 26.05. Activation
emitted the 'mismatched versions' warning at every nix-switch.
Pin HM to its release-26.05 branch so the two stay in lockstep; bump the
branch name when nixpkgs lib.version rolls over.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
nixpkgs' clang-tools derivation symlinks scripts from clang-unwrapped
only when they're executable; run-clang-tidy loses the +x bit during
the multi-output split and gets skipped. Re-expose it ourselves by
probing clang-unwrapped's main and python outputs (bin/ first, then
the legacy share/clang/ layout) and installing the first hit at
$out/bin/run-clang-tidy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The AUR `external-editor-revived` PKGBUILD declares a hard `thunderbird`
dependency, which blocks removing the unused system Thunderbird binary
alongside the org.mozilla.thunderbird flatpak (and pacman's
`AssumeInstalled` is a CLI flag, not a pacman.conf directive, so the
previous workaround was nonfunctional).
Nixpkgs' `external-editor-revived` is just `rustPlatform.buildRustPackage`
plus a relocatable native-messaging manifest — zero mailer dep — so the
host gets it from nix instead.
* nix/host.nix: add `external-editor-revived` to `home.packages`. Kept
out of `common.nix` so the remote-dev VM (which has no Thunderbird)
doesn't carry the build closure.
* run_onchange_after_deploy-tb-eer.sh.tmpl: search
`~/.nix-profile/{bin,lib/mozilla/native-messaging-hosts}` first and
fall through to the legacy pacman paths. The chezmoi manifest-hash
probe now checks the nix path too, so the hook re-runs cleanly when
nix bumps the EER version.
* meta/base.txt: drop the `external-editor-revived` AUR entry and
rewrite the comment to point at the nix declaration.
* etc/pacman.conf: revert the bogus `AssumeInstalled` directive
(CLI-only, not pacman.conf).
On-host migration:
home-manager switch --flake ~/dotfiles/nix#host # picks up EER
sudo pacman -Rns external-editor-revived thunderbird mpv
chezmoi apply -v # re-runs tb-eer hook
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Upstream tuicr commit 5b19712 migrated from the legacy
`defaultPackage.<system>` flake output to the standard
`packages.<system>.default`, which broke `nix-update` with:
error: attribute 'defaultPackage' missing
|
| |
|
|
|
|
| |
Add dot_config/tuicr/config.toml with theme = "gruvbox-dark".
Symlinked from nix/vm.nix per the symlink invariant so the same
config applies on both host (via chezmoi) and VM (via home-manager).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
tuicr's upstream flake uses the legacy 'defaultPackage.<system>' output
schema, not 'packages.<system>.default' — fixes the home-manager switch
error 'attribute packages missing' at nix/flake.nix:28.
zsh: removing the system zsh package took /etc/zsh/zprofile with it,
which used to 'source /etc/profile' and pull in /etc/profile.d/*.sh
(flatpak.sh, nix.sh, etc.). Reconstruct XDG_DATA_DIRS in dot_zprofile
defensively, including per-user + system flatpak exports + nix-profile
share, so 'flatpak update' stops warning and desktop entries from
flatpak/nix-installed apps work in launchers (fuzzel).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The VM doesn't run chezmoi, so every config the host gets via chezmoi
must reach the VM via a nix symlink. Audit found gaps for tools whose
binary IS in common.nix but whose dot_config tree was unlinked:
bat, lsd, yazi, ripgrep, fd, wget, npm, ipython,
gdb, clangd, ccache
Plus the new tuicr claude-code skill (under ~/.claude/skills/tuicr/,
NOT ~/.config — uses home.file instead of xdg.configFile).
Reorganises the block by category and adds an INVARIANT comment
pointing at the rule in .github/copilot-instructions.md.
GUI/wayland-only tools (sway/mako/waybar/fuzzel/mpv/zathura/etc) stay
unlinked: the VM is headless.
|
| |
|
|
|
|
| |
tuicr (TUI git-change reviewer) isn't packaged in nixpkgs, so pull it
as a flake input with an overlay exposing pkgs.tuicr. The companion
claude-code skill lives in dot_claude/skills/tuicr/ (separate commit).
|
| |
|
|
|
|
|
|
| |
Root filesystem is btrfs; the userspace tools are needed for routine
maintenance (scrub, balance, subvolume management) and inspection
(`btrfs filesystem usage` — the only honest reporter on btrfs since
plain `df` doesn't account for metadata/profiles/unallocated). Also
used by the mkinitcpio btrfs hook at boot.
|
| |
|
|
|
|
| |
Interactive python REPL. Uses python3Packages.ipython so only the
`ipython` binary lands on PATH — no stray system `python`/`python3`,
preserving the 'tools managed by uv per-project' policy in common.nix.
|
| |
|
|
| |
Stops the 'X news items unread' banner on every home-manager switch.
|
| |
|
|
|
|
|
| |
Upstream rewrote the derivation in 1.0.43+ to fetch a prebuilt binary
from the copilot-cli releases (autoPatchelf + makeBinaryWrapper) instead
of buildNpmPackage, sidestepping the /var/empty/.cache EACCES that
blocked 1.0.40.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per user decision: on the Arch host, chezmoi remains the single deployer
of $HOME dotfiles. nix/common.nix's xdg.configFile + sshConfig
activation + .zshenv home.file block was causing home-manager to fight
chezmoi on every nix-switch, materializing .backup files for nvim,
zellij, zsh, git, ghostty, direnv.
Resolution:
- nix/common.nix: drop the entire deployment block, drop the
my.dotfilesPath option, drop the let..in dotfiles/link helpers.
Module is now deployment-agnostic: only installs packages.
- nix/host.nix: drop my.dotfilesPath; explicit comment that chezmoi
owns dotfile deployment on the host.
- nix/vm.nix: gains everything previously in common.nix's deployment
block — xdg.configFile (nvim/zellij/zsh/git/ghostty/direnv),
home.activation.sshConfig, home.file.".zshenv". The 'dotfiles'
let-binding (= $HOME/.local/share/dotfiles) and 'link' helper move
here too, since they're vm-only now.
Host runbook unchanged (`just sync`); first run after pulling will
just be a no-op nix-switch instead of a backup-file storm.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- common.nix hardcoded the runtime dotfiles checkout to
~/.local/share/dotfiles, which is correct for the remote-dev VM but
not the Arch host (where the canonical clone lives at ~/dotfiles).
ssh activation was failing with 'cannot stat
/home/sommerfeld/.local/share/dotfiles/private_dot_ssh/config' on
every host nix-switch.
Promote the path to a typed option (config.my.dotfilesPath) and set
it from each profile:
nix/host.nix -> $HOME/dotfiles
nix/vm.nix -> $HOME/.local/share/dotfiles
common.nix now wraps its config in 'config = { ... }' so the
options can sit alongside.
- dockerfile-language-server-nodejs was renamed in nixpkgs to
dockerfile-language-server; pick up the new name to silence the
evaluation warning (the rename will eventually become a hard error).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
github-copilot-cli (broken)
nodePackages was removed wholesale from nixpkgs; everything that lived
under it must be referenced via its top-level name or dropped.
- prettier: moved nodePackages.prettier -> prettier (top-level alias).
- jsonlint: not available at top level. Dropped from nix/common.nix
AND from the nvim-lint and conform-nvim configs in
dot_config/nvim/lua/plugins/lsp.lua. jsonls already provides
schema-aware diagnostics; jq still handles formatting. The
jsonlint redundancy is acceptable to lose.
- github-copilot-cli (1.0.40 in nixpkgs): buildNpmPackage derivation
doesn't redirect HOME during npm postinstall, so it fails with
EACCES on /var/empty/.cache on Determinate nix. Removed; install
manually from https://github.com/github/copilot-cli into
/usr/local/bin/ as before (current host already has it there).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
in nix-switch
- gh-actions-language-server is an npm package (lttb/gh-actions-language-server)
not packaged in nixpkgs. Removed from nix/common.nix and from the
vim.lsp.enable list in dot_config/nvim/lua/plugins/lsp.lua. Restore
later via a per-project flake.nix if working on a workflows-heavy repo.
- just runs recipes with a sanitized env where $USER may be unset;
home-manager's activation script dereferences it unconditionally
and fails with 'USER: unbound variable'. Export USER (and HOME for
symmetry) at the top of the nix-switch recipe.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Migrated to Home-Manager (nix/common.nix):
cmake, ninja, ccache, sccache (build orchestrators — they only
delegate to whatever compiler is on PATH, don't ship one
themselves, so no ABI shadowing risk)
valgrind (instruments at syscall/library boundary; works fine with
pacman-built target binaries)
doxygen (source-only documentation tool; was accidentally dropped
in the previous sweep — restored here)
Dropped entirely (per-project flake.nix + direnv .envrc instead):
clang, lld, mold, rustup, npm
Rationale: these are language/toolchain-specific compilers and
linkers; when a project needs them, the project's own flake provides
the version it wants, pinned in flake.lock. base-devel still ships
gcc/ld/as/make for general-purpose system builds and one-offs.
npm is also dropped from pacman; nodejs_24 in nix/common.nix already
ships npm for the editor/AI-agent path. Project-side npm comes via
per-project flake when needed.
Updated nix/common.nix policy comment to match: only ban the actual
compilers/linkers (cc/gcc/clang/ld) and forbidden runtimes (cargo,
rustc, go, python3) — build orchestrators and instrumentation tools
are explicitly allowed.
The --- dev --- section in base.txt is now just perf and podman-*
(kernel-coupled / system-runtime-coupled).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Migrated to Home-Manager (nix/common.nix):
duf, gdu, nmap, procs, yazi, difftastic, direnv (was duplicated),
git-absorb, samply, strace, t-rec, act, pandoc, gdb, lldb
lldb stays nix-only (no longer in base.txt) — per user policy, only
ever used to debug own builds, so glibc/kernel ABI skew vs the
pacman-built system isn't a concern. Same logic could extend to
valgrind, but valgrind has tighter glibc compat needs; perf links
against kernel ABI and must match the running kernel. Both stay
pacman.
uv was already in nix; removed pacman duplicate.
Kept on pacman (cannot migrate without breaking system builds, per
nix/common.nix policy that bans compilers/linkers/build systems on
PATH):
ccache, clang, cmake, lld, mold, ninja, npm, rustup, sccache,
podman-compose, podman-docker (system runtime integration),
perf, valgrind (kernel/glibc-coupled), unzip (transitive via base),
doxygen (huge nixpkgs closure not worth it).
Dropped entirely (unused):
android-tools, go, gpg-tui, luarocks (was for Mason-managed nvim
plugin deps; Mason is gone), bash-completion (zsh-only setup),
pandoc-bin (replaced by nix pandoc).
jdk21-openjdk kept — still needed for the groovy/jenkins toolchain
paths in nvim.
Rewrote the --- dev --- section comment to explain the policy.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cleanup pass following p7 review:
- pass-otp: wired via pass.withExtensions in nix/common.nix
(`pass otp ...` works against the same store).
- zsh-completions: added as a separate package next to zsh + plugins
(fpath picks it up via HM's nix-profile share/).
- wget: already in nix/common.nix; removed pacman duplicate.
- gnupg: already in nix/common.nix; removed pacman entry.
pcscd still comes from pacman pcsclite (system
service needs root + hardware access), nix gnupg's
scdaemon dials it via /run/pcscd/pcscd.comm.
- curl: removed; pulled transitively by base, base-devel,
paru and many others.
Kept on pacman:
- pcsclite, ccid : pcscd is a system daemon; libs needed by HM scdaemon
- man-db, man-pages : distro-specific
- base, base-devel : meta-packages
- pass-secret-service-bin : AUR-only
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following are now provisioned by Home-Manager via nix/common.nix
and live under ~/.nix-profile/bin (which is first in PATH per phase
p3):
ripgrep, fd, bat, glow, fzf, lsd, jq, yq (yq-go), zoxide, just, sd,
choose, dog, curlie, hyperfine, htop, fastfetch, tldr, rsync,
mergiraf, git-delta (delta), tree-sitter-cli (tree-sitter), neovim,
zellij, github-cli (gh), pass, openssh, git, zsh,
zsh-syntax-highlighting, zsh-autosuggestions,
zsh-history-substring-search, basedpyright-bin (basedpyright),
rust-analyzer
Kept:
- pass-otp, zsh-completions: no Home-Manager equivalent yet
- pcsclite: still needed by Home-Manager gnupg/scdaemon
(see nix/host.nix scdaemon.conf)
- curl, wget, man-db, man-pages, gnupg: system-fundamental, fine to
keep duplicated. git/openssh/gnupg also come back as transitive
deps of paru/sudo/etc. even if dropped here.
Added hyperfine to nix/common.nix (missed in the p5 batch).
Phase 7 of the nix-on-host migration plan.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LSPs, formatters, linters, and the lldb-dap debugger now come from
~/.nix-profile/bin (see nix/common.nix). lspconfig keeps the default
configs; we just opt-in via vim.lsp.enable() with an explicit list.
Changes:
- dot_config/nvim/lua/plugins/lsp.lua: drop mason*, replace
mason-lspconfig handler with explicit vim.lsp.enable({...}); drop
groovy/jenkins formatters and lint entries; drop systemd lint
(nginx + groovy + systemdlint tools dropped per plan).
- dot_config/nvim/lua/plugins/debug.lua: drop mason-nvim-dap; drop
codelldb adapter; switch dap.configurations.cpp to type='lldb'
(lldb-dap is the upstream successor, ships with pkgs.lldb).
- dot_config/nvim/init.lua: remove mason.nvim, mason-lspconfig.nvim,
mason-tool-installer.nvim, mason-nvim-dap.nvim from vim.pack.add.
- dot_config/nvim/lua/config/update.lua: remove MasonToolsUpdateSync.
- dot_config/zsh/dot_zshrc: flip plugin source order — prefer
~/.nix-profile/share, fall back to /usr/share/zsh (was the other
way around).
- nix/bootstrap.sh: drop the uv-python3.11 step (no longer needed
once Mason no longer source-builds Python LSPs on Ubuntu 20.04).
Phase 6 of the nix-on-host migration plan.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replaces Mason entirely (phase p6 of the nix migration will rip out
mason-tool-installer and friends). The set tracks the previous
ensure_installed list in nvim's lsp.lua, with five niche tools dropped
per the migration plan:
- groovy-language-server, npm-groovy-lint
- nginx-language-server, nginx-config-formatter
- systemdlint
systemd-lsp is renamed to systemd-language-server (the nixpkgs attr
name). codelldb is replaced by lldb-dap (upstream successor, ships with
pkgs.lldb); dap configs switch in phase p6.
Drops jre, basedpyright, cargo, rustc from vm.nix — they only existed
to work around Mason quirks on Ubuntu 20.04 (uv-python wheel
incompatibility, source-build needs). With Mason gone, basedpyright
comes from nixpkgs cleanly on both profiles.
Phase 5 of the nix-on-host migration plan.
|
|
|
Restructures the Home-Manager profile to support both the Arch host and
the Ubuntu remote-dev VM from the same flake.
- remote-dev/ → nix/ (hard rename; .chezmoiignore updated)
- home.nix split into common.nix (shared), vm.nix (Mason runtime
carve-outs + podman stack), host.nix (gpg scdaemon delegation to
system pcscd)
- flake.nix exposes homeConfigurations.{vm,host} via a mkProfile
helper
- rj alias in dot_zshrc updated to ~/.local/share/dotfiles/nix
- bootstrap.sh / justfile updated to use #vm against the new path
The split is behaviour-preserving for the VM: vm.nix + common.nix
together carry the same package set as the previous home.nix.
host.nix is provisioned but not yet wired into bootstrap (phase p8).
Phase 1 of the nix-on-host migration plan.
|
sommerfeld