- treefmt-nix drives `nix fmt` and the formatting check (nixfmt/shfmt/
prettier; generated files and flake.lock excluded). Replaces the
bespoke find-based check.
- deadnix and statix as flake checks and pre-commit hooks; deadnix
ignores module-arg patterns, statix.toml disables the two house-style
lints (repeated_keys, empty_pattern). Fixed the one real deadnix hit
(unused overlay arg) and statix hit (use inherit for claude-code).
- git-hooks.nix installs the pre-commit gate via the devShell.
- .editorconfig for the base style.
- Move system/modules/work/default.nix -> lyrathorpe/home/work.nix (it is
a home-manager module). README gains a Development section; docs
reformatted by the new formatter.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- common-nixos: nix.settings.auto-optimise-store + larger download buffer.
- workstation: fstrim, boot.tmp.cleanOnBoot, and the shared graphical
options moved here from the per-host configs (pipewire, swaylock PAM
stub, redistributable firmware) -- MBP-Asahi gains audio it lacked.
- T400: zramSwap for the low-RAM host.
- MBP-Asahi: nixos-apple-silicon binary cache substituter.
- MacPro31 README: describe the real (LVM/UUID) hardware config; it is no
longer a placeholder.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Update the interactive-shell README and keybindings reference for changes
made after the initial docs commit: no scheduled GC (manual only),
NO_TMUX escape hatch, default-terminal tmux-256color + truecolor, the
JetBrainsMono Nerd Font (new Fonts section + iTerm2 caveat), the
UseKeychain IgnoreUnknown guard, and the vim-tmux-navigator (Ctrl-hjkl) +
resurrect save/restore tmux bindings.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
nixpkgs' openssh lacks Apple's keychain patch, so `UseKeychain yes` is
rejected as "Bad configuration option" when that ssh is on PATH. Prefix
it with `IgnoreUnknown UseKeychain` (the module emits IgnoreUnknown first)
so a non-Apple ssh skips it while Apple's ssh still honours it. Still
Darwin-only.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The tmux statusline draws powerline/Nerd glyphs that default fonts lack,
so they render as blank/"?". tmux runs on every host (not just the Sway
ones), so install the font in the shared common-nixos module rather than
swaywm -- a future console-only or non-Sway host gets it too. The Mac
installs it via the Darwin config (/Library/Fonts). foot names it as its
main font (home/sway.nix).
On macOS, iTerm2's font is still a GUI setting: Settings -> Profiles ->
Text -> Font -> "JetBrainsMono Nerd Font".
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
tmux-direct as default-terminal desyncs zsh's line redraw on some
terminals (iTerm2: duplicated characters on Tab, stray newlines). Switch
to the standard tmux-256color and advertise truecolor per outer terminal
via terminal-features (add xterm-256color:RGB alongside the foot ones).
Also add a NO_TMUX escape hatch to the auto-start guard, so
`NO_TMUX=1 <terminal>` opens a bare shell.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The scheduled `nh clean` only reclaimed disk and risked reaping store
paths the current generation still references (notably on nix-darwin).
Keep `programs.nh` (nicer rebuilds + $NH_FLAKE) but remove clean.enable;
GC manually (`nh clean all` / `nix-collect-garbage -d`) when nothing
important is running. The resetZcompdump activation stays as a safety net
for stale completion dumps across rebuilds/manual GC.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add lyrathorpe/home/README.md covering the zsh / CLI tools / tmux / git /
ssh features and nice-to-haves configured across shell.nix and git.nix
(history, fzf/zoxide/direnv/eza/bat, nix-index, nh, tmux plugins +
auto-start, git aliases/settings/signing, ssh agent + Gitea host, the
zcompdump/GC maintenance behaviours, and per-host differences). Link it
from the top-level README alongside the keybindings reference.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Set HostName 10.187.1.76 on the code.emmathe.dev block so the Gitea
remote resolves to the fixed IP without relying on DNS (same user, port
30009 and key).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The home-manager bump deprecated programs.ssh.addKeysToAgent /
matchBlocks / the implicit default block. Move to programs.ssh.settings
with enableDefaultConfig = false, carrying the old defaults under
settings."*" plus AddKeysToAgent, the Darwin UseKeychain, and the
code.emmathe.dev (Port 30009) host. Silences all three ssh warnings.
Also drop ~/.zcompdump on each activation: a stale dump caches /nix/store
paths to completion functions, and once a rebuild or the weekly nh GC
removes them compinit fails with "_git: function definition file not
found" for every completion. Deleting it forces a fresh rebuild from the
current fpath.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The flake's origin (ssh://git@code.emmathe.dev) must resolve on every host.
Add a matchBlock for code.emmathe.dev: user git, Port 30009 (Gitea's
non-default SSH port -- the critical bit), the dedicated
~/.ssh/code.emmathe.dev key, and identitiesOnly. The work box keeps its own
ssh config (programs.ssh forced off there) which already has the entry.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Set user.email = iam@emmathe.dev on the personal hosts (mkDefault, so the
work module's address still wins on the work box). Add git aliases for
commitizen -- `git cz <sub>` (e.g. `git cz c`) and `git cc` for the commit
prompt; commitizen is already installed on every host (home.packages) and
defaults to the Conventional Commits ruleset.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Move the tmux auto-start out of the graphical-only desktop layer into the
shared shell config so it also covers WSL, iTerm2 and the Linux console
(folded into programs.zsh.initContent via mkMerge alongside the SSH PS1
block). Same guards: interactive, not-already-in-tmux, not-SSH,
not-VS-Code, tmux-present.
ssh: run a user ssh-agent on Linux (macOS uses launchd) and add keys on
first use (addKeysToAgent), so the passphrase is entered once per login
session instead of per commit/push -- which also feeds commit signing.
macOS additionally caches in the login keychain (UseKeychain). The work
box keeps its own ~/.ssh/config (programs.ssh forced off there); its
ssh-agent still runs via the work module.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Opening a terminal (foot) execs `tmux new-session -A -s main`, so every new
terminal lands in the multiplexer; panes run a plain non-login zsh. Guarded
to interactive, not-already-in-tmux, not-SSH, not-VS-Code, tmux-present --
preventing re-exec loops, hijacked scp/ssh shells, and lockout. Lives in the
graphical desktop layer, so the WSL work box keeps a plain shell.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
settings: pull.rebase + rebase autostash/autosquash, fetch.prune,
merge.conflictStyle=zdiff3, diff histogram + colorMoved, rerere,
commit.verbose, branch.sort, column.ui, help.autocorrect, and a small alias
set (st/co/sw/br/ci/last/unstage/lg). Global ignore file (result, .direnv,
*.swp, .DS_Store).
SSH commit/tag signing on personal hosts too, reusing the existing key
(the work module already signs on the work host). gpgsign is mkDefault so a
host lacking the key in its ssh-agent can disable it -- otherwise commits
there would fail. No personal user.email is set (unknown); signing does not
require one, but author email still falls back to user@host until set.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Vim half of the tmux plugin so Ctrl-h/j/k/l moves seamlessly between vim
splits and tmux panes.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Prebuilt nix-index database (follows nixpkgs) so command-not-found works
immediately without a manual `nix-index` run. Consumed in shell.nix.
Lock change is purely additive; existing pins are unchanged.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The eval steps listed hosts by hand and still referenced lyrathorpe-x1c,
which was removed (replaced by t400/macpro31), so CI errored. Derive the
NixOS and Darwin host lists from attrNames of nixos/darwinConfigurations
instead, so adding or removing a host needs no workflow change.
Verified locally under bash: all current hosts (edaas, macpro31, mbp,
t400, mac) evaluate; no removed host is referenced.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Rebuild after the lock-maintenance bump surfaced two home-manager
warnings on the Firefox config added in #17:
- pin programs.firefox.configPath = ".mozilla/firefox" (the legacy
location the system Firefox uses) to silence the stateVersion<26.05
default-change warning,
- address the add-on by pkgs.stdenv.hostPlatform.system (pkgs.system is
deprecated).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Firefox draws its own chrome and ignores the GTK theme, so theme it at the
browser level. Add the rycee firefox-addons flake input and, in the
home-manager desktop layer, manage the Firefox profile (package = null --
the system programs.firefox in user.nix still provides the binary):
- install the Catppuccin Mocha theme add-on (catppuccin-mocha-mauve; only
the mauve accent is packaged upstream, so it differs slightly from the
blue accent used elsewhere),
- autoDisableScopes = 0 so it applies on first launch,
- ui.systemUsesDarkTheme + prefers-color-scheme override for dark chrome
and page content.
Verified the XPI fetches, user.js renders the prefs, finalPackage is null
(no duplicate Firefox), all Sway hosts eval, and EDaaS is unaffected.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Set gtk.gtk4.theme = config.gtk.theme so any GTK4 app added later is
themed too. GTK4 ignores gtk-theme-name, but home-manager renders this as
an `@import` of the theme's gtk-4.0/gtk.css into ~/.config/gtk-4.0/gtk.css
-- which libadwaita honours, since that file overrides the named colours
it uses (window_bg_color/accent_bg_color/view_bg_color, verified present
in catppuccin-gtk's GTK4 stylesheet). Setting it explicitly (to the same
value as the legacy default) also silences the stateVersion<26.05
default-change warning. nemo (GTK3) is unaffected.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Document every configured shortcut in lyrathorpe/home/KEYBINDINGS.md,
compiled from the rendered configs (so it includes the home-manager Sway
module defaults alongside the custom binds and modes), and link it from
the top-level README. Notes the Dvorak keysym caveat and the
laptop-only brightness keys.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
From emmaisadev/dotfiles (tmux.conf): run a non-login shell
(default-command), drop the stock %/" split keys (the s/v vim splits
already come from reverseSplit), declare foot's terminal-features
(RGB/sync/clipboard/title/ccolour/cstyle), and raise the scrollback to
500000. Alt-arrow pane nav and mouse were already present. Also drop a
stale comment referencing the removed tty1 autostart.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Adapted from emmaisadev/dotfiles (sway/config.d) into the Nix config:
- Screenshots to swappy: Print = drag a region, Shift+Print = focused
window (a writeShellScript reusing the grimshot.sh tree/jq logic).
Replaces the old plain full-screen grim->file.
- Workspace cycle Mod+z / Mod+x (prev/next).
- Media keys (playerctl) and mic mute (wpctl source).
- Re-home `focus mode_toggle` onto Mod+Alt+space (Mod+Space is the
launcher now).
- Clipboard history: services.clipman stores copies; Mod+c picks one
through a Catppuccin-themed fuzzel (programs.fuzzel).
- Binding modes: a layout submenu (Mod+y -> s/w/e, which also restores
split-toggle that Mod+e gave up to nemo) and a power menu
(Mod+Shift+x -> lock/exit/sleep/reboot/shutdown). Mod+l still locks
immediately.
- Touchpad tap + natural scroll (laptops; inert on desktop).
- Solid Catppuccin base as the wallpaper (output * bg, no image).
- foot: term=xterm-256color and scrollback 100000 (colours unchanged).
- swaywm.nix: add slurp/swappy/jq/playerctl to the session packages.
Skipped from the dotfiles: named workspaces + app auto-assign, the foot
--server/footclient setup, and pactl/MX-Master/lxqt device-specific bits.
All in the shared files, so every Sway host gets it.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Install nemo and bind it to Mod+e (mkForce, overriding the module
default `layout toggle split`). Add a home-manager `gtk` block so GTK
apps match the desktop: the Catppuccin Mocha GTK theme
(catppuccin-gtk, mocha/blue), with Adwaita icons + cursor as before.
Under Sway GTK reads ~/.config/gtk-*/settings.ini directly (no XSettings
daemon), so this themes nemo without extra env.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Two desktop-config fixes found together:
1. Keybindings: the previous Mod+Space launcher bind wrapped the set in
`lib.mkMerge [ { ... } (mkOptionDefault ...) ]`. A normal-priority
definition there wins over (and discards) the home-manager module's
default keybindings, which are at mkOptionDefault priority -- so every
default bind (terminal Mod+Return, movement, workspaces, kill, ...) and
even the custom swaylock/volume binds silently vanished; only Mod+Space
survived. That is why Super+Enter opened nothing. Restore the single
mkOptionDefault wrapper (so it merges with the module defaults) and
override just Mod+Space via lib.mkForce to beat the module's default
focus-mode_toggle without a same-priority conflict. Generated config
goes from 1 bindsym back to 57.
2. foot 1.27: the bare [colors] section is deprecated in favour of
[colors-dark], and `[cursor] color` is rejected ("not a valid option:
color"). Move the palette to colors-dark and set the cursor colour via
its `cursor` key ("<text> <cursor>"). `foot --check-config` now passes.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
historySubstringSearch bound only the default CSI sequences (^[[A/^[[B),
so Up/Down did nothing at the prompt in foot and iTerm2, which send the
SS3 application-mode sequences (^[OA/^[OB). Bind both forms via
searchUpKey/searchDownKey; this covers foot, iTerm2 and the Linux TTY
(CSI).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
ReGreet is plain GTK4 (no libadwaita in its closure), so it defaulted to
light Adwaita and my libadwaita-named colour overrides (window_bg_color,
accent_bg_color, ...) were inert -- a light theme with stray accents.
Force the dark Adwaita variant via GTK_THEME=Adwaita:dark in the greeter
wrapper, and override the GTK4 legacy colour names (theme_bg_color,
theme_fg_color, theme_selected_bg_color, borders, ...) that plain GTK4
actually references. The libadwaita names stay as harmless forward-compat.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
greetd now owns tty1 and launches the Sway session, so the zsh
initContent that exec'd sway on tty1 login can never fire. Remove it (and
the now-unused lib arg), and refresh the module header (login is via the
greeter; host list MBP/T400/Mac Pro, no longer "X1").
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Factor the Catppuccin Mocha palette into lyrathorpe/catppuccin-mocha.nix
so the desktop (home/sway.nix) and the system greeter (swaywm.nix) share
one source of truth, then theme ReGreet from it: GTK CSS (libadwaita
named colours + plain node selectors for window/entry/button/combobox)
plus Noto Sans to match the bar and notifications.
Verified the rendered /etc/greetd/regreet.css and regreet.toml
(font_name = "Noto Sans 16"), and that foot still resolves its colours
through the shared import.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Replace the mismatched theming (gruvbox i3status-rust, unthemed foot,
default Sway borders) with a single Catppuccin Mocha palette so the
desktop matches the Vim colorscheme. A `ctp` let-binding holds the raw
hex once; consumers add "#" as needed.
Themed: foot (16-colour + selection/cursor), i3status-rust ("plain" base
+ overrides, idle blocks on mantle, loud bg only for warning/critical),
Sway window borders and the bar/workspace buttons, swaylock (full
ring/inside/text set) and dunst (base/text bg, blue/peach frames).
Lives in the shared home/sway.nix, so every Sway host is themed
consistently. Vim already uses catppuccin_mocha, so the editor is
unchanged.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Only `menu` was set, which the module's default keybindings run on Mod+d;
Mod+Space defaulted to `focus mode_toggle`, so sway-launcher-desktop was
never reachable from Mod+Space. Add an explicit Mod+Space -> exec ${menu}
binding at normal priority (via mkMerge) so it overrides the default.
Mod+d still launches it as well.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Dvorak is a variant of the "us" XKB layout, not a layout of its own:
there is no symbols/dvorak file, so "dvorak" fails to compile.
In the greetd/cage greeter the keymap comes solely from XKB_DEFAULT_*, so
the failure left the greeter with no keymap and therefore no keyboard
input at all (mouse unaffected). Split it into
XKB_DEFAULT_LAYOUT=us + XKB_DEFAULT_VARIANT=dvorak.
The same mistake in the Sway session (home/sway.nix) was masked: the
default us keymap compiled and the failing override was silently dropped,
so the session ran QWERTY despite the dvorak setting. Use xkb_variant
there too so it is actually Dvorak.
console.keyMap = "dvorak" (workstation.nix) is unaffected -- that is a
kbd console map, a separate subsystem where "dvorak" is valid.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Document the greetd/ReGreet greeter in the top-level README and the T400
and Mac Pro install notes, including that the user account needs a
password set before the greeter can authenticate.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Replace TTY/getty login with a graphical Wayland greeter on every host
with features.swayDesktop enabled (MBP, T400, Mac Pro; not the WSL box).
greetd launches ReGreet inside the cage kiosk compositor; the Sway
session is listed automatically via services.displayManager.sessionPackages.
Override regreet's mkDefault greetd command to export
XKB_DEFAULT_LAYOUT=dvorak so the greeter password field matches the
console (workstation.nix) and Sway session (home/sway.nix) layout.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add system/machine/{T400,MacPro31}/README.md covering the placeholder
hardware-configuration regeneration, partition labels, bootloader selection
(T400 boot variants; Mac Pro EFI quirks), and GPU notes. Link each from its
configuration.nix header, and refresh the top-level README host table (T400
replaces X1, Mac Pro 3,1 added) with links to both.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Split the T400 bootloader into self-contained, importable modules so the host
can match whatever firmware is flashed (switch by changing one import):
- boot-bios.nix stock BIOS / coreboot+SeaBIOS -> GRUB on the MBR (default)
- boot-coreboot-grub.nix coreboot GRUB payload -> config-only GRUB (device=nodev)
- boot-coreboot-uefi.nix coreboot Tianocore/UEFI payload -> systemd-boot; carries
its own ESP (/boot vfat) so it travels with the mode
Cover the optional discrete ATI Mobility Radeon HD 3470 (RV620): load the open
`radeon` KMS driver in the initrd for early modesetting (firmware via
enableRedistributableFirmware), with a note on the T400's switchable graphics.
All three boot variants evaluate; nixfmt clean.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- lyrathorpe-t400 replaces lyrathorpe-x1c: ThinkPad T400 (legacy BIOS -> GRUB,
Intel microcode + redistributable firmware for iwlwifi, pipewire, sshd).
- lyrathorpe-macpro31: new desktop host (portable = false) importing
desktop.nix. Mac Pro 3,1 has 64-bit EFI -> systemd-boot; wired NetworkManager
via desktop.nix; desktop status bar (temperature + net, no battery).
Both ship hand-written placeholder hardware-configuration.nix (root/swap/ESP by
label, GRUB device /dev/sda) to be regenerated with nixos-generate-config and
committed at install time. All five host configs evaluate; nixfmt clean.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The bootloader is firmware-specific, not form-factor: UEFI hosts use
systemd-boot, BIOS hosts use GRUB. Drop boot.loader.systemd-boot.enable from
workstation.nix and declare it on the MBP instead, so the incoming BIOS-only
T400 (GRUB) doesn't have to force it off.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Emma Thorpe
lyrathorpe