T400 gets the generic lenovo-thinkpad + common-pc-laptop(-ssd) +
common-cpu-intel blocks (no t400-specific profile exists); this also
enables tlp and the tp_smapi/acpi_call battery tooling. Mac Pro 3,1 gets
common-pc-ssd + common-cpu-intel. nixos-hardware follows our nixpkgs to
keep a single nixpkgs in the closure.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Declarative Neovim, on the nixos-26.05 release branch and following our
nixpkgs to keep a single nixpkgs in the closure. Consumed by
lyrathorpe/home/editor.nix.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- treefmt-nix drives `nix fmt` and the formatting check (nixfmt/shfmt/
prettier; generated files and flake.lock excluded). Replaces the
bespoke find-based check.
- deadnix and statix as flake checks and pre-commit hooks; deadnix
ignores module-arg patterns, statix.toml disables the two house-style
lints (repeated_keys, empty_pattern). Fixed the one real deadnix hit
(unused overlay arg) and statix hit (use inherit for claude-code).
- git-hooks.nix installs the pre-commit gate via the devShell.
- .editorconfig for the base style.
- Move system/modules/work/default.nix -> lyrathorpe/home/work.nix (it is
a home-manager module). README gains a Development section; docs
reformatted by the new formatter.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Prebuilt nix-index database (follows nixpkgs) so command-not-found works
immediately without a manual `nix-index` run. Consumed in shell.nix.
Lock change is purely additive; existing pins are unchanged.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Firefox draws its own chrome and ignores the GTK theme, so theme it at the
browser level. Add the rycee firefox-addons flake input and, in the
home-manager desktop layer, manage the Firefox profile (package = null --
the system programs.firefox in user.nix still provides the binary):
- install the Catppuccin Mocha theme add-on (catppuccin-mocha-mauve; only
the mauve accent is packaged upstream, so it differs slightly from the
blue accent used elsewhere),
- autoDisableScopes = 0 so it applies on first launch,
- ui.systemUsesDarkTheme + prefers-color-scheme override for dark chrome
and page content.
Verified the XPI fetches, user.js renders the prefs, finalPackage is null
(no duplicate Firefox), all Sway hosts eval, and EDaaS is unaffected.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Add common-nixos.nix (timezone, locale, git/fastfetch) imported by every
NixOS host, and laptop.nix (systemd-boot, sway, dvorak, iwd, firewall)
imported by X1 and MBP. Strip the nixos-generate-config boilerplate from
both machine configs and reduce them to host-specific settings.
- Enable the firewall on the laptops (was disabled); X1 opens 22 next to
its sshd.
- Pin nixpkgs input to github:nixos/nixpkgs/nixos-26.05 for consistency;
lock rev unchanged (still b51242d).
- Drop unused module arguments.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add the nix-homebrew input and darwin module so the Homebrew prefix is installed and owned declaratively (no manual bootstrap), with enableRosetta for x86_64 formulae on Apple Silicon and user = host username.
Set homebrew.onActivation.cleanup = zap so the taps/brews/casks/masApps lists are authoritative: anything not declared is removed on activation.
Add the nix-darwin input (nix-darwin-26.05, follows nixpkgs) and a mkDarwinHost mirroring mkHost: shared commonModule (nixpkgs/nix settings) is factored out and reused, home-manager is wired via darwinModules, and identity is threaded through specialArgs.
New darwinConfigurations.lyrathorpe-mac (aarch64-darwin) reuses the cross-platform ./lyrathorpe/home modules (shell, git, editor); Linux-only sway/desktop modules are excluded. Build with: darwin-rebuild switch --flake .#lyrathorpe-mac.
* fix: configure docker for EDaaS WSL VDI
Enable rootful docker with the Docker Desktop proxy patch, add emmathorpe to the docker group, disable resolvconf and enable nix-ld.
* feat: flesh out work module and pin claude-code to nixpkgs unstable
Migrate git config to the settings option, fix the signing key path and email, add argo-rollouts/google-cloud-sdk and other tooling, and enable go. claude-code is sourced from the nixpkgs-unstable overlay.
* chore: update personal git, delta and editor config
Move git config to the settings option, switch to the standalone programs.delta module with git integration, add commitizen, and treat Jenkinsfiles as groovy.
* refactor: dedupe flake with mkHost and add nixos-wsl flake input
Extract a shared mkHost helper to remove duplicated home-manager scaffolding, add nixos-wsl as a flake input so the EDaaS host builds without --impure, source claude-code via a nixpkgs-unstable overlay, and expose a nixfmt formatter output.
* style: format nix files with nixfmt
* refactor: migrate to stable nixpkgs 26.05 and track upstream asahi flake
Pin nixpkgs to nixos-26.05 and home-manager to release-26.05; claude-code stays bleeding-edge via the nixpkgs-unstable overlay.
Centralize allowUnfree and experimental-features in mkHost and pin nix.registry/nixPath to the flake nixpkgs.
Replace the vendored apple-silicon-support module with the nixos-apple-silicon flake input, dropping ~8.8k lines of vendored code.
Fix stable-induced package renames: neofetch -> fastfetch, noto-fonts-emoji -> noto-fonts-color-emoji.
* refactor: adopt flake-parts with host table and scoped unfree
Wrap outputs in flake-parts.lib.mkFlake, replacing forAllSystems boilerplate with systems + perSystem. Drop the unused self argument.
Collapse the three mkHost calls into a hosts attrset mapped with lib.mapAttrs; adding a machine is now a single table entry.
Replace blanket allowUnfree with an allowUnfreePredicate allowlist (claude-code, lens). Add devShells.default (nixfmt, nil, git) and a checks.formatting nixfmt --check gate.
* docs(flake): annotate inputs, mkHost, host table and perSystem
Explanatory comments only; no eval change (drvPath identical).
* refactor(home): split home-manager into focused modules; clarify desktop scope
Break the home.nix monolith into emmathorpe/home/{default,shell,git,editor,desktop}.nix. The host table now composes desktop.nix onto graphical hosts only, so element-desktop, the Sway session vars and cursor theme are no longer installed on the headless WSL host.
Consolidate chat apps: legcord moves from user.nix (system) into the home desktop module alongside element-desktop. The tty1 'exec sway' autostart moves into desktop.nix so it never runs on headless hosts.
Desktop functionality: add xdg.portal (wlr + gtk) in swaywm.nix to enable screen sharing and native file pickers for Element and Firefox under wlroots.
* feat(desktop): declarative Sway config with idle-lock, notifications and bar
Add emmathorpe/home/sway.nix managing wayland.windowManager.sway (package = null, reusing the system Sway wrapper) plus swaylock, swayidle, dunst and an i3status-rust bar. home-manager's systemd integration wires sway-session.target so the swayidle/dunst user services start with the session.
swayidle locks after 5 min, powers outputs off after 10, and locks before sleep. Media/brightness keys use wpctl (pipewire) and brightnessctl; the launcher is sway-launcher-desktop in a floating foot window; keyboard is set to dvorak to match the console.
Move swaylock/swayidle/dunst/i3status-rust out of the system programs.sway extraPackages (now home-managed). Add security.pam.services.swaylock on the MBP host so the lock screen can authenticate (X1 already had it with fingerprint auth).
---------
Co-authored-by: Emma Thorpe <emma.thorpe@citrix.com>
Migrate git config to the settings option, fix the signing key path and email, add argo-rollouts/google-cloud-sdk and other tooling, enable go, and wire a dedicated nixpkgs-unstable input so claude-code tracks unstable independently of the pinned nixpkgs.
Renovate Bot
lyrathorpe