- lyrathorpe-t400 replaces lyrathorpe-x1c: ThinkPad T400 (legacy BIOS -> GRUB,
Intel microcode + redistributable firmware for iwlwifi, pipewire, sshd).
- lyrathorpe-macpro31: new desktop host (portable = false) importing
desktop.nix. Mac Pro 3,1 has 64-bit EFI -> systemd-boot; wired NetworkManager
via desktop.nix; desktop status bar (temperature + net, no battery).
Both ship hand-written placeholder hardware-configuration.nix (root/swap/ESP by
label, GRUB device /dev/sda) to be regenerated with nixos-generate-config and
committed at install time. All five host configs evaluate; nixfmt clean.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add system/modules/desktop.nix (counterpart to laptop.nix): imports the
workstation base and uses wired NetworkManager instead of iwd.
Thread a `portable` flag (default true) through mkHost into specialArgs and
home-manager.extraSpecialArgs, mirroring username/fullName. lyrathorpe/home/
sway.nix consumes it to drop mobile components on desktop hosts:
- status bar swaps the battery block for CPU temperature + network throughput
- screen-brightness keybindings are omitted (no internal backlight)
No host uses desktop.nix yet; a future desktop host imports it and sets
`portable = false`. Verified by evaluating sway.nix both ways:
laptop -> [.. sound battery time] + brightness keys;
desktop -> [.. temperature net sound time], no brightness keys.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Add common-nixos.nix (timezone, locale, git/fastfetch) imported by every
NixOS host, and laptop.nix (systemd-boot, sway, dvorak, iwd, firewall)
imported by X1 and MBP. Strip the nixos-generate-config boilerplate from
both machine configs and reduce them to host-specific settings.
- Enable the firewall on the laptops (was disabled); X1 opens 22 next to
its sshd.
- Pin nixpkgs input to github:nixos/nixpkgs/nixos-26.05 for consistency;
lock rev unchanged (still b51242d).
- Drop unused module arguments.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Set home-manager.backupFileExtension = "backup" on the NixOS and Darwin base modules. Existing machines carry hand-written ~/.zshrc and ~/.zshenv that home-manager would refuse to overwrite, aborting activation. With a backup extension, the originals are saved as .backup and activation proceeds. The oh-my-zsh setup is already declared in lyrathorpe/home/shell.nix, so the generated files supersede the old ones.
Add the nix-homebrew input and darwin module so the Homebrew prefix is installed and owned declaratively (no manual bootstrap), with enableRosetta for x86_64 formulae on Apple Silicon and user = host username.
Set homebrew.onActivation.cleanup = zap so the taps/brews/casks/masApps lists are authoritative: anything not declared is removed on activation.
Add the nix-darwin input (nix-darwin-26.05, follows nixpkgs) and a mkDarwinHost mirroring mkHost: shared commonModule (nixpkgs/nix settings) is factored out and reused, home-manager is wired via darwinModules, and identity is threaded through specialArgs.
New darwinConfigurations.lyrathorpe-mac (aarch64-darwin) reuses the cross-platform ./lyrathorpe/home modules (shell, git, editor); Linux-only sway/desktop modules are excluded. Build with: darwin-rebuild switch --flake .#lyrathorpe-mac.
Move ./emmathorpe -> ./lyrathorpe (git mv preserves history) and rename the MBP/X1 nixosConfiguration names to lyrathorpe-mbp / lyrathorpe-x1c. The EDaaS host keeps its emmathorpe-edaas name and Emma Thorpe identity; it still imports the shared (renamed) config dir.
Derivation outputs are byte-identical to before; pure relabel.
Thread username and fullName per host through the flake host table and specialArgs / home-manager.extraSpecialArgs, so user.nix and git.nix derive identity instead of hardcoding it.
MBP and X1 now provision user lyrathorpe (Lyra Thorpe). EDaaS retains emmathorpe (Emma Thorpe) and its wsl.defaultUser; work commit email is unchanged.
* fix: configure docker for EDaaS WSL VDI
Enable rootful docker with the Docker Desktop proxy patch, add emmathorpe to the docker group, disable resolvconf and enable nix-ld.
* feat: flesh out work module and pin claude-code to nixpkgs unstable
Migrate git config to the settings option, fix the signing key path and email, add argo-rollouts/google-cloud-sdk and other tooling, and enable go. claude-code is sourced from the nixpkgs-unstable overlay.
* chore: update personal git, delta and editor config
Move git config to the settings option, switch to the standalone programs.delta module with git integration, add commitizen, and treat Jenkinsfiles as groovy.
* refactor: dedupe flake with mkHost and add nixos-wsl flake input
Extract a shared mkHost helper to remove duplicated home-manager scaffolding, add nixos-wsl as a flake input so the EDaaS host builds without --impure, source claude-code via a nixpkgs-unstable overlay, and expose a nixfmt formatter output.
* style: format nix files with nixfmt
* refactor: migrate to stable nixpkgs 26.05 and track upstream asahi flake
Pin nixpkgs to nixos-26.05 and home-manager to release-26.05; claude-code stays bleeding-edge via the nixpkgs-unstable overlay.
Centralize allowUnfree and experimental-features in mkHost and pin nix.registry/nixPath to the flake nixpkgs.
Replace the vendored apple-silicon-support module with the nixos-apple-silicon flake input, dropping ~8.8k lines of vendored code.
Fix stable-induced package renames: neofetch -> fastfetch, noto-fonts-emoji -> noto-fonts-color-emoji.
* refactor: adopt flake-parts with host table and scoped unfree
Wrap outputs in flake-parts.lib.mkFlake, replacing forAllSystems boilerplate with systems + perSystem. Drop the unused self argument.
Collapse the three mkHost calls into a hosts attrset mapped with lib.mapAttrs; adding a machine is now a single table entry.
Replace blanket allowUnfree with an allowUnfreePredicate allowlist (claude-code, lens). Add devShells.default (nixfmt, nil, git) and a checks.formatting nixfmt --check gate.
* docs(flake): annotate inputs, mkHost, host table and perSystem
Explanatory comments only; no eval change (drvPath identical).
* refactor(home): split home-manager into focused modules; clarify desktop scope
Break the home.nix monolith into emmathorpe/home/{default,shell,git,editor,desktop}.nix. The host table now composes desktop.nix onto graphical hosts only, so element-desktop, the Sway session vars and cursor theme are no longer installed on the headless WSL host.
Consolidate chat apps: legcord moves from user.nix (system) into the home desktop module alongside element-desktop. The tty1 'exec sway' autostart moves into desktop.nix so it never runs on headless hosts.
Desktop functionality: add xdg.portal (wlr + gtk) in swaywm.nix to enable screen sharing and native file pickers for Element and Firefox under wlroots.
* feat(desktop): declarative Sway config with idle-lock, notifications and bar
Add emmathorpe/home/sway.nix managing wayland.windowManager.sway (package = null, reusing the system Sway wrapper) plus swaylock, swayidle, dunst and an i3status-rust bar. home-manager's systemd integration wires sway-session.target so the swayidle/dunst user services start with the session.
swayidle locks after 5 min, powers outputs off after 10, and locks before sleep. Media/brightness keys use wpctl (pipewire) and brightnessctl; the launcher is sway-launcher-desktop in a floating foot window; keyboard is set to dvorak to match the console.
Move swaylock/swayidle/dunst/i3status-rust out of the system programs.sway extraPackages (now home-managed). Add security.pam.services.swaylock on the MBP host so the lock screen can authenticate (X1 already had it with fingerprint auth).
---------
Co-authored-by: Emma Thorpe <emma.thorpe@citrix.com>
Migrate git config to the settings option, fix the signing key path and email, add argo-rollouts/google-cloud-sdk and other tooling, enable go, and wire a dedicated nixpkgs-unstable input so claude-code tracks unstable independently of the pinned nixpkgs.
Emma Thorpe
lyrathorpe