Refactor/flake dedup and wsl input (#3)

* fix: configure docker for EDaaS WSL VDI

Enable rootful docker with the Docker Desktop proxy patch, add emmathorpe to the docker group, disable resolvconf and enable nix-ld.

* feat: flesh out work module and pin claude-code to nixpkgs unstable

Migrate git config to the settings option, fix the signing key path and email, add argo-rollouts/google-cloud-sdk and other tooling, and enable go. claude-code is sourced from the nixpkgs-unstable overlay.

* chore: update personal git, delta and editor config

Move git config to the settings option, switch to the standalone programs.delta module with git integration, add commitizen, and treat Jenkinsfiles as groovy.

* refactor: dedupe flake with mkHost and add nixos-wsl flake input

Extract a shared mkHost helper to remove duplicated home-manager scaffolding, add nixos-wsl as a flake input so the EDaaS host builds without --impure, source claude-code via a nixpkgs-unstable overlay, and expose a nixfmt formatter output.

* style: format nix files with nixfmt

* refactor: migrate to stable nixpkgs 26.05 and track upstream asahi flake

Pin nixpkgs to nixos-26.05 and home-manager to release-26.05; claude-code stays bleeding-edge via the nixpkgs-unstable overlay.

Centralize allowUnfree and experimental-features in mkHost and pin nix.registry/nixPath to the flake nixpkgs.

Replace the vendored apple-silicon-support module with the nixos-apple-silicon flake input, dropping ~8.8k lines of vendored code.

Fix stable-induced package renames: neofetch -> fastfetch, noto-fonts-emoji -> noto-fonts-color-emoji.

* refactor: adopt flake-parts with host table and scoped unfree

Wrap outputs in flake-parts.lib.mkFlake, replacing forAllSystems boilerplate with systems + perSystem. Drop the unused self argument.

Collapse the three mkHost calls into a hosts attrset mapped with lib.mapAttrs; adding a machine is now a single table entry.

Replace blanket allowUnfree with an allowUnfreePredicate allowlist (claude-code, lens). Add devShells.default (nixfmt, nil, git) and a checks.formatting nixfmt --check gate.

* docs(flake): annotate inputs, mkHost, host table and perSystem

Explanatory comments only; no eval change (drvPath identical).

* refactor(home): split home-manager into focused modules; clarify desktop scope

Break the home.nix monolith into emmathorpe/home/{default,shell,git,editor,desktop}.nix. The host table now composes desktop.nix onto graphical hosts only, so element-desktop, the Sway session vars and cursor theme are no longer installed on the headless WSL host.

Consolidate chat apps: legcord moves from user.nix (system) into the home desktop module alongside element-desktop. The tty1 'exec sway' autostart moves into desktop.nix so it never runs on headless hosts.

Desktop functionality: add xdg.portal (wlr + gtk) in swaywm.nix to enable screen sharing and native file pickers for Element and Firefox under wlroots.

* feat(desktop): declarative Sway config with idle-lock, notifications and bar

Add emmathorpe/home/sway.nix managing wayland.windowManager.sway (package = null, reusing the system Sway wrapper) plus swaylock, swayidle, dunst and an i3status-rust bar. home-manager's systemd integration wires sway-session.target so the swayidle/dunst user services start with the session.

swayidle locks after 5 min, powers outputs off after 10, and locks before sleep. Media/brightness keys use wpctl (pipewire) and brightnessctl; the launcher is sway-launcher-desktop in a floating foot window; keyboard is set to dvorak to match the console.

Move swaylock/swayidle/dunst/i3status-rust out of the system programs.sway extraPackages (now home-managed). Add security.pam.services.swaylock on the MBP host so the lock screen can authenticate (X1 already had it with fingerprint auth).

---------

Co-authored-by: Emma Thorpe <emma.thorpe@citrix.com>

emmathorpe/swaywm.nix

@@ -1,35 +1,58 @@
-{ config, lib, options, pkgs, ... }:
+{
+  config,
+  lib,
+  options,
+  pkgs,
+  ...
+}:
 
-let 
-	cfg = config.features.swayDesktop;
+let
+  cfg = config.features.swayDesktop;
 in
 {
-	options = {
-		features.swayDesktop.enable = lib.mkEnableOption "Enable Sway Desktop";
-	};
-	config = lib.mkIf cfg.enable {
-		programs.sway = {
-			enable = true;
-			wrapperFeatures.gtk = true;
-			extraSessionCommands = ''
-				# QT
-        export QT_QPA_PLATFORM="wayland;xcb"
-        export QT_QPA_PLATFORMTHEME=qt5ct
-				# SDL
-        export SDL_VIDEODRIVER=wayland
-				# Java
-        export _JAVA_AWT_WM_NONREPARENTING=1
-				# Misc
-        export CLUTTER_BACKEND=wayland
-        export WINIT_UNIX_BACKEND=x11
-        export MOZ_ENABLE_WAYLAND=1
-			'';
-			extraPackages = with pkgs; [ brightnessctl foot grim swayidle swaylock i3status-rust sway-launcher-desktop dunst pavucontrol ];
-		};
-		fonts.packages = with pkgs; [
-			noto-fonts
-			noto-fonts-emoji
-			font-awesome
-		];
-	};
+  options = {
+    features.swayDesktop.enable = lib.mkEnableOption "Enable Sway Desktop";
+  };
+  config = lib.mkIf cfg.enable {
+    programs.sway = {
+      enable = true;
+      wrapperFeatures.gtk = true;
+      extraSessionCommands = ''
+        				# QT
+                export QT_QPA_PLATFORM="wayland;xcb"
+                export QT_QPA_PLATFORMTHEME=qt5ct
+        				# SDL
+                export SDL_VIDEODRIVER=wayland
+        				# Java
+                export _JAVA_AWT_WM_NONREPARENTING=1
+        				# Misc
+                export CLUTTER_BACKEND=wayland
+                export WINIT_UNIX_BACKEND=x11
+                export MOZ_ENABLE_WAYLAND=1
+        			'';
+      # Core Wayland utilities. The lock screen, idle daemon, status bar and
+      # notification daemon are configured per-user in home/sway.nix.
+      extraPackages = with pkgs; [
+        brightnessctl
+        foot
+        grim
+        sway-launcher-desktop
+        pavucontrol
+      ];
+    };
+    fonts.packages = with pkgs; [
+      noto-fonts
+      noto-fonts-color-emoji
+      font-awesome
+    ];
+
+    # Desktop portals: enables screen sharing (wlroots) and native file pickers
+    # for Wayland apps such as Element and Firefox.
+    xdg.portal = {
+      enable = true;
+      wlr.enable = true;
+      extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+      config.common.default = "*";
+    };
+  };
 }